GRADUATION: a GDPR-based mutation methodology
Adopting the General Data Protection Regulation (GDPR) opens up business and research opportunities that call for appropriate solutions supporting the specification, processing, testing, and assessment of the overall management of (personal) data. This paper proposes GRADUATION (GdpR-bAseD mUtATION), a methodology for the mutation analysis of test cases for data protection policies. The methodology provides generic mutation operators derived from the currently applicable EU data protection regulation. A preliminary implementation of the steps involved in GDPR-based mutant derivation is also described.
An automated model-based test oracle for access control systems
In the context of XACML-based access control systems, intensive testing is among the most widely adopted means of assuring that sensitive information or resources are accessed correctly. Unfortunately, it requires a huge effort for the manual inspection of results; automated verdict derivation is therefore a key aspect for improving the cost-effectiveness of testing. To this purpose, we introduce XACMET, a novel approach for automated model-based oracle definition. XACMET defines a typed graph, called the XAC-Graph, that models XACML policy evaluation. The expected verdict for a specific request execution can thus be derived automatically by executing the corresponding path in the graph. Our validation of the XACMET prototype implementation confirms the effectiveness of the proposed approach.
COVID-19 & privacy: Enhancing of indoor localization architectures towards effective social distancing
The way people access services in indoor environments has changed dramatically in the last year. The countermeasures to the COVID-19 pandemic imposed a disruptive requirement, namely preserving social distance among people in indoor environments. In this work we explore the possibility of adopting indoor localization technologies to measure the distance among users in indoor environments. We discuss how the collected information about people's contacts can be exploited during three stages: before, during, and after people access a service. We present a reference architecture for an Indoor Localization System (ILS) and illustrate three representative use cases. We derive some architectural requirements and discuss some issues that concretely arise when installing an ILS in real-world settings. In particular, we explore the privacy and trust/reputation aspects of an ILS, the discovery phase, and the deployment of the ILS in real-world settings. We finally present an evaluation framework for assessing the performance of the proposed architecture.
A Decentralized Solution for Combinatorial Testing of Access Control Engine
In distributed environments, information security is a key factor, and access control is an important means of guaranteeing the confidentiality of sensitive and valuable data. In this paper, we introduce a new decentralized framework for testing XACML-based access control engines. The proposed framework is composed of different web services and provides the following functionalities: i) generation of test cases based on combinatorial testing strategies; ii) a decentralized oracle that associates the expected result with a given test case, i.e. an XACML request; and iii) a GUI for interacting with the framework and providing some analysis of the expected results. A first validation confirms the efficiency of the proposed approach.
Automatic XACML requests generation for policy testing
Access control policies are usually specified in the XACML language. However, policy definition can be an error-prone process, because of the many constraints and rules that have to be specified. In order to increase confidence in the defined XACML policies, an accurate testing activity can be a valid solution. Typical policy testing is performed by deriving specific test cases, i.e. XACML requests, that are executed by means of a PDP implementation, so as to reveal possible security flaws or problems. The fault detection effectiveness of the derived test suite is therefore a fundamental property. To evaluate the performance of the applied test strategy, and consequently of the test suite, a commonly adopted methodology is mutation testing. In this paper, we propose two different methodologies for deriving XACML requests that are defined independently of the policy under test. The proposals exploit the values of the XACML policy to better customize the generated requests and provide a more effective test suite. The proposed methodologies have been compared in terms of their fault detection effectiveness by applying mutation testing to a set of real policies.
A Data Warehouse and a Framework for the Validation and Testing of Access Control Systems
Context: In modern pervasive applications, it is important to validate access control mechanisms, which are usually defined by means of the standard XACML language. Mutation analysis has been applied to access control policies for measuring the adequacy of a test suite.
Objective: This thesis presents (1) a new test case generation strategy, named XACMET, based on the expected behaviour of the Policy Decision Point (PDP), and (2) a testing framework aimed at applying mutation analysis at the level of the Java-based PDP engine. A set of Java-based mutation operators is selected and applied to the code of the PDP.
Method: We conducted a controlled quasi-experiment on nine real-world access control policies to evaluate XACMET against a combinatorial approach implemented in X-CREATE (as a baseline).
To assess the different test generation strategies, we use mutation analysis and compute the mutation score reached by each strategy. This helps assess the rate of fault detection.
Results: The preliminary results show that XACMET achieves the same fault-detection effectiveness as X-CREATE in almost all cases, even though it employs a smaller number of test requests.
Conclusion: We conclude that the test cases generated by XACMET can be used profitably under budget constraints.
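The loop described across the entries above (combinatorial request generation in "A Decentralized Solution for Combinatorial Testing of Access Control Engine", policy-derived requests and mutation testing in "Automatic XACML requests generation for policy testing", and the mutation score as the adequacy measure in the thesis abstract just above) can be made concrete with a miniature XACML-like policy evaluator. The following Python is an added illustration written for this page, not code from XACMET, X-CREATE, or any of the listed works: the policy representation, the two request-generation strategies, the mutation operators and their names, and the sample policy with its rule, attribute and value names are all this example's own constructed assumptions.

```python
"""Mutation analysis of a toy attribute-based (XACML-like) policy.
Constructed illustration: a miniature PDP, two request-generation strategies
that take attribute values from the policy itself, a few mutation operators,
and the mutation score of each generated suite against the original policy."""
import itertools
from dataclasses import dataclass, replace

PERMIT, DENY, NOT_APPLICABLE = "Permit", "Deny", "NotApplicable"


@dataclass(frozen=True)
class Rule:
    rule_id: str
    effect: str      # PERMIT or DENY
    target: tuple    # ((attribute, value), ...): every pair must match (AllOf)


@dataclass(frozen=True)
class Policy:
    rules: tuple     # ordered Rule instances
    combining: str   # "deny-overrides" or "permit-overrides"


def rule_applies(rule, request):
    return all(request.get(attr) == value for attr, value in rule.target)


def evaluate(policy, request):
    """Miniature PDP: collect the effects of matching rules and combine them."""
    effects = [r.effect for r in policy.rules if rule_applies(r, request)]
    if not effects:
        return NOT_APPLICABLE
    if policy.combining == "deny-overrides":
        return DENY if DENY in effects else PERMIT
    return PERMIT if PERMIT in effects else DENY


def attribute_domains(policy):
    """Values the policy mentions, plus one value per attribute that no rule uses,
    so that NotApplicable paths are exercised too."""
    values = {}
    for rule in policy.rules:
        for attr, value in rule.target:
            values.setdefault(attr, set()).add(value)
    return {attr: sorted(v) + [f"unknown-{attr}"] for attr, v in sorted(values.items())}


def all_combinations_requests(policy):
    """Exhaustive combinatorial strategy: Cartesian product of the domains."""
    domains = attribute_domains(policy)
    return [dict(zip(domains, combo)) for combo in itertools.product(*domains.values())]


def each_choice_requests(policy):
    """Cheaper strategy: every attribute value appears in at least one request."""
    domains = attribute_domains(policy)
    n = max(len(d) for d in domains.values())
    return [{attr: d[i % len(d)] for attr, d in domains.items()} for i in range(n)]


def mutants(policy):
    """Yield (name, mutated policy); the operator names are this example's own."""
    rules, alg = policy.rules, policy.combining
    for i, rule in enumerate(rules):
        before, after = rules[:i], rules[i + 1:]
        flipped = replace(rule, effect=DENY if rule.effect == PERMIT else PERMIT)
        yield f"flip-effect:{rule.rule_id}", Policy(before + (flipped,) + after, alg)
        yield f"remove-rule:{rule.rule_id}", Policy(before + after, alg)
        if len(rule.target) > 1:
            for j, (attr, _) in enumerate(rule.target):
                loosened = replace(rule, target=rule.target[:j] + rule.target[j + 1:])
                yield f"drop-condition:{rule.rule_id}:{attr}", Policy(before + (loosened,) + after, alg)
    yield "change-combining", Policy(rules, "permit-overrides" if alg == "deny-overrides" else "deny-overrides")


def mutation_score(policy, requests):
    """The original policy is the oracle: a mutant is killed when some request gets
    a different decision from it. Returns (killed, total, sorted surviving names)."""
    expected = [evaluate(policy, req) for req in requests]
    survivors, total = [], 0
    for name, mutant in mutants(policy):
        total += 1
        if all(evaluate(mutant, req) == exp for req, exp in zip(requests, expected)):
            survivors.append(name)
    return total - len(survivors), total, sorted(survivors)


# Constructed sample policy (not taken from any of the works listed on this page).
RECORD_POLICY = Policy(
    rules=(
        Rule("r1", PERMIT, (("role", "doctor"), ("action", "read"), ("resource", "record"))),
        Rule("r2", PERMIT, (("role", "nurse"), ("action", "read"), ("resource", "record"))),
        Rule("r3", DENY, (("action", "write"), ("resource", "record"))),
        Rule("r4", PERMIT, (("role", "doctor"), ("action", "write"), ("resource", "record"))),
    ),
    combining="deny-overrides",
)

if __name__ == "__main__":
    for label, suite in (("all combinations", all_combinations_requests(RECORD_POLICY)),
                         ("each choice", each_choice_requests(RECORD_POLICY))):
        killed, total, alive = mutation_score(RECORD_POLICY, suite)
        print(f"{label}: {len(suite)} requests, score {killed}/{total}, surviving {alive}")
```

With this policy the exhaustive suite (18 requests) scores 17/20 and the each-choice suite (3 requests) only 4/20, which is exactly the comparison the abstracts use a mutation score for: how much fault-detection capability a cheaper generation strategy gives up. The three mutants that survive even the exhaustive suite (flipping r4's effect, removing r4, and dropping r4's role condition) are equivalent mutants: under deny-overrides, r3 already denies every write on the record, so no request can observe r4's contribution. Surviving mutants therefore have to be inspected before a score is read as a fault-detection rate, whether the mutation is applied to the policy, as here, or to the PDP code, as in the thesis.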
The GDPR Compliance Through Access Control Systems
The GDPR is changing how Personal Data should be processed. It states, in Art. 5.1(f), that "[data] should be processed in a manner that ensures appropriate security of the personal data […], using appropriate technical or organizational measures (integrity and confidentiality)". We identify in the Access Control (AC) systems such a measure. Indeed, AC is the mechanism used to restrict access to data or systems according to Access Control Policies (ACPs), i.e., a set of rules that specify who has access to which resources and under which circumstances.
In our view, ACPs that are suitably enriched with attributes, elements and rules extracted from the GDPR provisions can specify the regulation, and AC systems can then assure lawful compliance with the privacy-preserving rules by design.
Vulnerabilities, threats, inaccuracies and misinterpretations that occur during the process of ACPs specification and AC systems implementation may have serious consequences for the security of personal data (security perspective) and for the lawfulness of the data processing (legal perspective).
For mitigating these risks, this thesis provides a systematic process for automatically deriving, testing and enforcing ACPs and AC systems in line with the GDPR. Its data protection by-design solution promotes the adoption of AC systems ruled by policies systematically designed for expressing the GDPR's provisions. Specifically, the main contributions of this thesis are:
(1) the definition of an Access Control Development Life Cycle for analyzing, designing, implementing and testing AC mechanisms (systems and policies) able to guarantee the compliance with the GDPR;
(2) the realization of a reference architecture allowing the automatic application of the proposed Life Cycle; and
(3) the use of the thesis proposal within five application examples highlighting the flexibility and feasibility of the proposal.
A Domain-Based Monitoring Ontology for IoT Systems
Funding: project SERICS (PE00000014) under the NRRP MUR program funded by the EU - NGEU.
Publisher Copyright: © 2023, The Author(s).
Internet of Things (IoT) is an emerging technology used in several contexts and domains. The work aims to define a technological reference solution specifically conceived for monitoring and assessing the behavior of IoT systems from the cybersecurity perspective when a new device or component joins the system. We leverage semantic web technologies, such as ontologies, for defining DAEMON, a domain-based ontology that formally models monitoring, IoT, and System of Systems (SoS) domains' knowledge. We also propose a supporting architecture and describe the proof-of-concept implementing different components. We have validated and showcased our proposal by instantiating DAEMON into a multi-robot autonomous navigation scenario applied to the intralogistics domain.
A Toolchain for Model-Based Design and Testing of Access Control Systems
In access control systems, which regulate access to protected data and resources, a critical component is the Policy Decision Point (PDP), which grants or denies access according to the defined policies. Because of the complexity of the standard XACML language, model-driven approaches are recommended to overcome the difficulties of policy definition. In this paper we provide a toolchain that combines a model-driven approach for specifying and generating XACML policies with automated testing of the PDP component. We use XACML-based testing strategies to generate appropriate test cases that validate the functional aspects, constraints, permissions and prohibitions of the PDP. An experimental assessment of the toolchain and its use on a realistic case study are also presented.
Testing of PolPA Authorization Systems
The implementation of an authorization system is a critical and error-prone activity that requires a careful verification and testing process. As a matter of fact, errors in the authorization system code could grant accesses that should instead be denied, thus jeopardizing the security of the protected system. In this paper, we address the testing of the implementation of the Policy Decision Point (PDP) within the PolPA authorization system, which enables history-based and usage-based control of accesses. Accordingly, we propose two testing strategies specifically conceived for validating the history-based access control and the usage control functionalities of the PolPA PDP. The former is based on a fault model able to highlight the problems and vulnerabilities that could occur during the PDP implementation. The latter combines the standard technique for condition coverage with a methodology for simulating the continuous control performed by the PDP during runtime execution. Both strategies are implemented within a testing framework supporting the automatic generation and execution of security test suites. Results produced by applying this testing framework to a real case study are presented.