Abstract
When setting up a secure system, rigorous testing is important to implement and sustain a system that will induce customer confidence. In order to improve the testing process of security properties, formal methods of specification are developed to automatically generate tests. In this work, we propose to apply an approach we developed in a previous work to test the robustness of a very restrictive and important security property, which is non-interference. We consider the case of distributed component-based systems, where avoiding interference can represent a real challenge, especially when exchanging messages between heterogeneous entities.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Abdellatif, T., Sfaxi, L., Robbana, R., Lakhnech, Y.: Automating information flow control in component-based distributed systems. In: Proceedings of the 14th International ACM Sigsoft Symposium on Component Based Software Engineering, CBSE’11, pp. 73–82. ACM, New York (2011)
Alur, R., Dill, D.L.: A theory of timed automata. Theor. Comput. Sci. 126(2), 183–235 (1994)
Csallner, C., Smaragdakis, Y.: Check ‘n’ crash: combining static checking and testing. In: Proceedings of the 27th International Conference on Software Engineering, 2005, pp. 422–431 (2005)
Dix, M., Hofmann, H.D.: Automated software robustness testing—static and adaptive test case design methods. In: Proceedings of the 28th International Conference on Euromicro Conference, pp. 62–66 (2002)
Du, W., Mathur, A.P.: Vulnerability testing of software system using fault injection. Technical report (1998)
Eyers, D.M., Roberts, B., Bacon, J., Papagiannis, I., Migliavacca, M., Pietzuch, P., Shand, B.: Event-processing middleware with information flow control. In: Proceedings of the 10th ACM/IFIP/USENIX International Conference on Middleware, Middleware’09, pp. 32:1–32:2. Springer, New York (2009)
Fournet, C., Guernic, G.L., Rezk, T.: A security-preserving compiler for distributed programs: from information-flow policies to cryptographic mechanisms. In: Proceedings of the 16th ACM Conference on Computer and Communications Security, CCS’09. ACM, New York (2009)
Fu, Y., Kon, O.: Security and robustness by protocol testing. IEEE Syst. J. 1, 99 (2012)
Goguen, J.A., Meseguer, J.: Security policies and security models. In: Proceedings of IEEE Symposium on Security and Privacy, pp. 11–20 (1982)
Helmy, A., Gupta, S.: Fotg: fault-oriented stress testing of ip multicast. IEEE Commun. Lett. 9(4), 375–377 (2005)
Hessel, A., Larsen, K.G., Mikuèionis, M., Nielsen, B., Pettersson, P., Skou, A.: Testing real-time systems using uppaal (2008)
Khair, M., Mavridis, I., Pangalos, G.: Design of secure distributed medical database systems. In: Proceedings of the International Conference on Database and Expert systems Applications (1998)
Krohn, M.: Information flow control for standard os abstractions. In: Proceedings of Twenty-first ACM SIGOPS Symposium on Operating Systems Principles, SOSP’07, ACM. New York (2007)
Myers, A.C., Liskov, B.: Protecting privacy using the decentralized label model. ACM Trans. Softw. Eng. Methodol. (TOSEM) 9(4), 410–442 (2000)
Myers, A.C., Sabelfeld, A., Zdancewic, S.: Enforcing robust declassification and qualified robustness. J. Comput. Secur. 14(2), 157–196 (2006)
Naceur, M., Sfaxi, L., Robbana, R.: Robustness testing for secure wireless sensor network. In: Proceedings of the International Conference on Automation, Control, Engineering and Computer Science, ACECS’14, Monastir, Tunisia (2014)
Upsala University. Uppaal tool. www.uppaal.org (2014)
Zdancewic, S., Zheng, L., Nystrom, N., Myers, A.C.: Secure program partitioning. ACM Trans. Comput. Syst. 20(3), 283–328 (2002)
Zeldovich, N., Boyd-Wickizer, S., Mazières, D.: Securing distributed systems with information flow control. In: Proceedings of the 5th USENIX Symposium on Networked Systems Design and Implementation, NSDI’08, pp. 293–308. USENIX Association, Berkeley (2008)
Author information
Authors and Affiliations
Corresponding authors
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2016 Springer International Publishing Switzerland
About this paper
Cite this paper
Naceur, M., Sfaxi, . (2016). Applying RoBuSt Method for Robustness Testing of the Non-interference Property. In: Lee, R. (eds) Computer and Information Science 2015. Studies in Computational Intelligence, vol 614. Springer, Cham. https://doi.org/10.1007/978-3-319-23467-0_12
Download citation
DOI: https://doi.org/10.1007/978-3-319-23467-0_12
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-23466-3
Online ISBN: 978-3-319-23467-0
eBook Packages: EngineeringEngineering (R0)