In the context of access control systems, testing activity is among the most adopted means to assure that sensible information or resources are correctly accessed. In XACML-based access control systems, incoming access requests are transmitted to the policy decision point (PDP) that grants or denies the access based on the defined XACML policies. The criticality of a PDP component requires an intensive testing activity consisting in probing such a component with a set of requests and checking whether its responses grant or deny the requested access as specified in the policy. Existing approaches for improving manual derivation of test requests such as combinatorial ones do not consider policy function semantics and do not provide a verdict oracle. In this paper, we introduce XACMET, a novel approach for systematic generation of XACML requests as well as automated model-based oracle derivation. The main features of XACMET are as follows: (i) it defines a typed graph, called the XAC-Graph, that models the XACML policy evaluation; (ii) it derives a set of test requests via full-path coverage of this graph; (iii) it derives automatically the expected verdict of a specific request execution by executing the corresponding path in such graph; (iv) it allows us to measure coverage assessment of a given test suite. Our validation of the XACMET prototype implementation confirms the effectiveness of the proposed approach.

中文翻译：

---

XACMET：XACML 测试和建模

在访问控制系统的上下文中，测试活动是确保正确访问合理信息或资源的最常用方法之一。在基于 XACML 的访问控制系统中，传入的访问请求被传输到策略决策点 (PDP)，它根据定义的 XACML 策略授予或拒绝访问。PDP 组件的关键性需要密集的测试活动，包括使用一组请求探测此类组件并检查其响应是准许还是拒绝策略中指定的请求访问。用于改进测试请求的手动推导的现有方法（例如组合请求）不考虑策略函数语义并且不提供判决预言机。在本文中，我们介绍了 XACMET，一种用于系统生成 XACML 请求以及自动基于模型的预言机推导的新方法。XACMET 的主要特点如下： (i) 它定义了一个类型图，称为 XAC-Graph，它对 XACML 策略评估进行建模；(ii) 它通过该图的全路径覆盖导出一组测试请求；(iii) 它通过执行该图中的相应路径，自动推导出特定请求执行的预期结果；(iv) 它允许我们测量给定测试套件的覆盖率评估。我们对 XACMET 原型实现的验证证实了所提议方法的有效性。(ii) 它通过该图的全路径覆盖导出一组测试请求；(iii) 它通过执行该图中的相应路径，自动推导出特定请求执行的预期结果；(iv) 它允许我们测量给定测试套件的覆盖率评估。我们对 XACMET 原型实现的验证证实了所提议方法的有效性。(ii) 它通过该图的全路径覆盖导出一组测试请求；(iii) 它通过执行该图中的相应路径，自动推导出特定请求执行的预期结果；(iv) 它允许我们测量给定测试套件的覆盖率评估。我们对 XACMET 原型实现的验证证实了所提议方法的有效性。