{"title":"属性测试真实世界的授权系统","authors":"A. Sharifi, P. Bottinelli, Mahesh V. Tripunitara","doi":"10.1145/2462410.2463207","DOIUrl":null,"url":null,"abstract":"We motivate and address the problem of testing for properties of interest in real-world implementations of authorization systems. We adopt a 4-stage process: (1) express a property precisely using existential second-order logic, (2) establish types of traces that are necessary and sufficient to establish a property, (3) adopt finitizing assumptions and show that under those assumptions, verifying a property is in PSPACE, and, (4) use a model-checker as a trace-generator to generate instances of traces, and exercise the implementation to check for those traces. We discuss our design of a corresponding testing-system, and its use to test for qualitatively different kinds of properties in two commercial authorization systems. One is a database system that we call the D system, and the other is a file-sharing system that we call the I system. (We use pseudonyms at the request of the respective vendors.) In the context of the D system, our testing has uncovered several issues with its authorization system in the context of procedures that aggregate SQL statements that, to our knowledge, are new to the research literature. For the I system, we have established that it possesses several properties of interest.","PeriodicalId":74509,"journal":{"name":"Proceedings of the ... ACM symposium on access control models and technologies. ACM Symposium on Access Control Models and Technologies","volume":"90 3 1","pages":"225-236"},"PeriodicalIF":0.0000,"publicationDate":"2013-06-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"2","resultStr":"{\"title\":\"Property-testing real-world authorization systems\",\"authors\":\"A. Sharifi, P. Bottinelli, Mahesh V. Tripunitara\",\"doi\":\"10.1145/2462410.2463207\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"We motivate and address the problem of testing for properties of interest in real-world implementations of authorization systems. We adopt a 4-stage process: (1) express a property precisely using existential second-order logic, (2) establish types of traces that are necessary and sufficient to establish a property, (3) adopt finitizing assumptions and show that under those assumptions, verifying a property is in PSPACE, and, (4) use a model-checker as a trace-generator to generate instances of traces, and exercise the implementation to check for those traces. We discuss our design of a corresponding testing-system, and its use to test for qualitatively different kinds of properties in two commercial authorization systems. One is a database system that we call the D system, and the other is a file-sharing system that we call the I system. (We use pseudonyms at the request of the respective vendors.) In the context of the D system, our testing has uncovered several issues with its authorization system in the context of procedures that aggregate SQL statements that, to our knowledge, are new to the research literature. For the I system, we have established that it possesses several properties of interest.\",\"PeriodicalId\":74509,\"journal\":{\"name\":\"Proceedings of the ... ACM symposium on access control models and technologies. ACM Symposium on Access Control Models and Technologies\",\"volume\":\"90 3 1\",\"pages\":\"225-236\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2013-06-12\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"2\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Proceedings of the ... ACM symposium on access control models and technologies. ACM Symposium on Access Control Models and Technologies\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1145/2462410.2463207\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the ... ACM symposium on access control models and technologies. ACM Symposium on Access Control Models and Technologies","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/2462410.2463207","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
We motivate and address the problem of testing for properties of interest in real-world implementations of authorization systems. We adopt a 4-stage process: (1) express a property precisely using existential second-order logic, (2) establish types of traces that are necessary and sufficient to establish a property, (3) adopt finitizing assumptions and show that under those assumptions, verifying a property is in PSPACE, and, (4) use a model-checker as a trace-generator to generate instances of traces, and exercise the implementation to check for those traces. We discuss our design of a corresponding testing-system, and its use to test for qualitatively different kinds of properties in two commercial authorization systems. One is a database system that we call the D system, and the other is a file-sharing system that we call the I system. (We use pseudonyms at the request of the respective vendors.) In the context of the D system, our testing has uncovered several issues with its authorization system in the context of procedures that aggregate SQL statements that, to our knowledge, are new to the research literature. For the I system, we have established that it possesses several properties of interest.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
