Abstract

We propose an algorithm for testing policies based on the XACML Context Schema, known as the Change Rule and Swap Rule Algorithm (CRSR). Compared to other testing techniques and tools for testing access control policies, where the policy set or policy is evaluated first, this algorithm focuses on the rule and target of a policy set or policy. Our approach represents a policy as a vector of bits. The Boolean value 1 represents the applicability of a policy to a request, and the Boolean value 0 represents the non-applicability of a policy to a request. We assume that a correct policy evaluates to 1, indicating that all the elements, attribute IDs and their values are correctly enforced. We first identify and extract the rule and target from the policy, and then generate mutant policies and requests by applying the proposed algorithm. The rule and target are then evaluated using the original policies, the mutant policies and the generated requests. We compare our results against mutants generated using mutant operators, the Targen tool and the simple combinatorial approach to assess fault detection capability. The proposed algorithm is found to be effective and efficient, with high fault detection capability in testing access control policies, as it ensures total coverage of the various elements of a policy based on the XACML Context Schema.
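
The mutation-testing idea in the abstract, as an added Python illustration that is not the paper's CRSR algorithm or code: the toy policy, the first-applicable evaluation, and the reading of "change rule" as flipping a rule's effect and "swap rule" as exchanging adjacent rules are all assumptions made here. A mutant with an empty kill list is one that no generated request can distinguish from the original policy.

```python
from itertools import product

# Constructed toy policy: ordered rules, first-applicable combining (assumption).
# Each rule is (target, effect); an empty target matches every request.
POLICY = [
    ({"role": "doctor", "action": "read"}, "Permit"),
    ({"role": "nurse"}, "Deny"),
    ({"action": "read"}, "Permit"),
    ({}, "Deny"),
]
DOMAIN = {"role": ["doctor", "nurse", "clerk"], "action": ["read", "write"]}

def applicable(target, request):
    """1 if every attribute in the rule target matches the request, else 0."""
    return int(all(request.get(k) == v for k, v in target.items()))

def bits(policy, request):
    """Applicability bit vector: one bit per rule for this request."""
    return [applicable(t, request) for t, _ in policy]

def evaluate(policy, request):
    """Return the effect of the first rule whose applicability bit is 1."""
    for (_, effect), bit in zip(policy, bits(policy, request)):
        if bit:
            return effect
    return "NotApplicable"

def change_rule_mutants(policy):
    """Hypothetical 'change rule' operator: flip one rule's effect."""
    flip = {"Permit": "Deny", "Deny": "Permit"}
    for i, (t, e) in enumerate(policy):
        yield f"change[{i}]", policy[:i] + [(t, flip[e])] + policy[i + 1:]

def swap_rule_mutants(policy):
    """Hypothetical 'swap rule' operator: exchange two adjacent rules."""
    for i in range(len(policy) - 1):
        m = list(policy)
        m[i], m[i + 1] = m[i + 1], m[i]
        yield f"swap[{i},{i + 1}]", m

def kill_report(policy, domain):
    """Map each mutant to the requests whose decision differs from the original."""
    keys = list(domain)
    reqs = [dict(zip(keys, v)) for v in product(*(domain[k] for k in keys))]
    mutants = list(change_rule_mutants(policy)) + list(swap_rule_mutants(policy))
    return {name: [r for r in reqs if evaluate(m, r) != evaluate(policy, r)]
            for name, m in mutants}
```

Swapping the doctor and nurse rules yields an equivalent mutant because their targets never overlap, which is why request generation has to be judged per mutant rather than by request count alone.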
