Abstract. Checking that a security policy has been correctly deployed over a network is a key issue for system administrators. Although this is a kind of conformance testing, there are a number of significant differences with the framework of such standards as IS9646. We propose a method to derive tests from a policy expressed as a set of rules, with a single modality. For each element of our language and each type of rule, we propose a pattern of test, which we call a tile. We then combine those tiles into a test for the whole rule.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.