Policy-Based Testing

Authored by: JeeHyun Hwang , Evan Martin , Tao Xie , Vincent C. Hu

Encyclopedia of Software Engineering

Print publication date:  November  2010
Online publication date:  November  2010

Print ISBN: 9781420059779
eBook ISBN: 9781351249270
Adobe ISBN:


 Download Chapter



As software systems become more and more complex, and are deployed to manage a large amount of sensitive information and resources, specifying and managing correct access control policies is critical and yet challenging. Policy testing is an important means to increasing confidence in the correctness of specified policies and their implementations for access control. There are two types of policy testing. In the first type, the artifacts under test are policy specifications and the main testing goal is to assure the correctness of the policy specifications. In the second type, the artifacts under test are policy implementations and the main testing goal is to assure the conformance between the policy specifications and implementations. Both types of policy testing supply typical test inputs (requests) to the artifacts under test and subsequently check test outputs (responses) against expected ones. This entry presents recent approaches on policy testing in five main categories: fault models, testing criteria, test generation, test oracles, and model‐based testing.

Search for more...
Back to top

Use of cookies on this website

We are using cookies to provide statistics that help us give you the best experience of our site. You can find out more in our Privacy Policy. By continuing to use the site you are agreeing to our use of cookies.