{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,3,26]],"date-time":"2025-03-26T14:19:33Z","timestamp":1742998773745,"version":"3.40.3"},"publisher-location":"Cham","reference-count":25,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783030397487"},{"type":"electronic","value":"9783030397494"}],"license":[{"start":{"date-parts":[[2020,1,1]],"date-time":"2020-01-01T00:00:00Z","timestamp":1577836800000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2020]]},"DOI":"10.1007\/978-3-030-39749-4_3","type":"book-chapter","created":{"date-parts":[[2020,1,24]],"date-time":"2020-01-24T18:03:07Z","timestamp":1579888987000},"page":"35-51","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":2,"title":["A Framework for the Validation of Access Control Systems"],"prefix":"10.1007","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-3073-6217","authenticated-orcid":false,"given":"Said","family":"Daoudagh","sequence":"first","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0002-4864-2219","authenticated-orcid":false,"given":"Francesca","family":"Lonetti","sequence":"additional","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0003-4223-8036","authenticated-orcid":false,"given":"Eda","family":"Marchetti","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2020,1,25]]},"reference":[{"key":"3_CR1","unstructured":"Fedora commons repository software. http:\/\/fedora-commons.org\/"},{"key":"3_CR2","doi-asserted-by":"crossref","unstructured":"Bertolino, A., Daoudagh, S., Lonetti, F., Marchetti, E.: Automatic XACML requests generation for policy testing. In: Proceedings of ICST, pp. 842\u2013849, April 2012","DOI":"10.1109\/ICST.2012.185"},{"key":"3_CR3","unstructured":"Bertolino, A., Daoudagh, S., Lonetti, F., Marchetti, E.: Modelling and testing of XACML policies. 2012-TR-010 (2012)"},{"key":"3_CR4","doi-asserted-by":"crossref","unstructured":"Bertolino, A., Daoudagh, S., Lonetti, F., Marchetti., E.: XACMUT: XACML 2.0 mutants generator. In: Proceedings of the 8th International Workshop on Mutation Analysis, pp. 28\u201333 (2013)","DOI":"10.1109\/ICSTW.2013.11"},{"key":"3_CR5","doi-asserted-by":"crossref","unstructured":"Bertolino, A., Lonetti, F., Marchetti, E.: Systematic XACML request generation for testing purposes. In: Proceedings of the 36th EUROMICRO Conference on Software Engineering and Advanced Applications (SEAA), pp. 3\u201311 (2010)","DOI":"10.1109\/SEAA.2010.58"},{"key":"3_CR6","doi-asserted-by":"crossref","unstructured":"Bertolino, A., Daoudagh, S., Lonetti, F., Marchetti, E.: An automated model-based test oracle for access control systems. In: Proceedings of the 13th International Workshop on Automation of Software Test, AST@ICSE 2018, Gothenburg, Sweden, 28\u201329 May 2018, pp. 2\u20138 (2018)","DOI":"10.1145\/3194733.3194743"},{"issue":"2","key":"3_CR7","doi-asserted-by":"publisher","first-page":"241","DOI":"10.1007\/s11219-013-9216-0","volume":"22","author":"A Bertolino","year":"2014","unstructured":"Bertolino, A., Daoudagh, S., Lonetti, F., Marchetti, E., Martinelli, F., Mori, P.: Testing of PolPA-based usage control systems. Softw. Qual. J. 22(2), 241\u2013271 (2014)","journal-title":"Softw. Qual. J."},{"issue":"4","key":"3_CR8","doi-asserted-by":"publisher","first-page":"203","DOI":"10.1049\/iet-sen.2012.0101","volume":"7","author":"A Bertolino","year":"2013","unstructured":"Bertolino, A., Daoudagh, S., Lonetti, F., Marchetti, E., Schilders, L.: Automated testing of extensible access control markup language-based access control systems. IET Softw. 7(4), 203\u2013212 (2013)","journal-title":"IET Softw."},{"key":"3_CR9","doi-asserted-by":"crossref","unstructured":"Daoudagh, S., Lonetti, F., Marchetti, E.: Assessment of access control systems using mutation testing. In: TELERISE, Florence, Italy, 18 May 2015, pp. 8\u201313 (2015)","DOI":"10.1109\/TELERISE.2015.10"},{"key":"3_CR10","unstructured":"Daoudagh, S., Lonetti, F., Marchetti, E.: XACMET: XACML modeling & testing: an automated model-based testing solution for access control systems. Softw. Qual. J. (2019, accepted)"},{"key":"3_CR11","series-title":"Studies in Big Data","doi-asserted-by":"publisher","first-page":"93","DOI":"10.1007\/978-3-319-61893-7_6","volume-title":"A Comprehensive Guide Through the Italian Database Research Over the Last 25 Years","author":"M Golfarelli","year":"2018","unstructured":"Golfarelli, M., Rizzi, S.: From star schemas to big data: 20+ years of data warehouse research. In: Flesca, Sergio, Greco, Sergio, Masciari, Elio, Sacc\u00e0, Domenico (eds.) A Comprehensive Guide Through the Italian Database Research Over the Last 25 Years. SBD, vol. 31, pp. 93\u2013107. Springer, Cham (2018). https:\/\/doi.org\/10.1007\/978-3-319-61893-7_6"},{"issue":"5","key":"3_CR12","doi-asserted-by":"publisher","first-page":"649","DOI":"10.1109\/TSE.2010.62","volume":"37","author":"Y Jia","year":"2011","unstructured":"Jia, Y., Harman, M.: An analysis and survey of the development of mutation testing. IEEE Trans. Softw. Eng. 37(5), 649\u2013678 (2011)","journal-title":"IEEE Trans. Softw. Eng."},{"key":"3_CR13","doi-asserted-by":"crossref","unstructured":"Le Traon, Y., Mouelhi, T., Baudry, B.: Testing security policies: going beyond functional testing. In: Proceedings of ISSRE, pp. 93\u2013102 (2007)","DOI":"10.1109\/ISSRE.2007.27"},{"key":"3_CR14","unstructured":"Li, Y., Li, Y., Wang, L., Chen, G.: Automatic XACML requests generation for testing access control policies. In: SEKE, pp. 217\u2013222 (2014)"},{"key":"3_CR15","doi-asserted-by":"publisher","first-page":"97","DOI":"10.1002\/stvr.308","volume":"15","author":"YS Ma","year":"2005","unstructured":"Ma, Y.S., Offutt, J., Kwon, Y.R.: MuJava: an automated class mutation system. J. Softw. Test. Verif. Reliab. 15, 97\u2013133 (2005)","journal-title":"J. Softw. Test. Verif. Reliab."},{"key":"3_CR16","doi-asserted-by":"crossref","unstructured":"Martin, E., Xie, T.: A fault model and mutation testing of access control policies. In: Proceedings of the 16th International Conference on World Wide Web, pp. 667\u2013676 (2007)","DOI":"10.1145\/1242572.1242663"},{"key":"3_CR17","doi-asserted-by":"crossref","unstructured":"Martin, E., Xie, T.: Automated test generation for access control policies. In: Supplemental Proceedings of ISSRE, November 2006","DOI":"10.1145\/1176617.1176708"},{"key":"3_CR18","doi-asserted-by":"crossref","unstructured":"Martin, E., Xie, T.: Automated test generation for access control policies via change-impact analysis. In: Proceedings of SESS, pp. 5\u201311, May 2007","DOI":"10.1109\/SESS.2007.5"},{"key":"3_CR19","doi-asserted-by":"crossref","unstructured":"Mouelhi, T., Fleurey, F., Baudry, B.: A generic metamodel for security policies mutation. In: Proceedings of ICSTW, pp. 278\u2013286 (2008)","DOI":"10.1109\/ICSTW.2008.2"},{"key":"3_CR20","unstructured":"OASIS: eXtensible Access Control Markup Language (XACML) Version 2.0. http:\/\/docs.oasis-open.org\/xacml\/2.0\/access_control-xacml-2.0-core-spec-os.pdf. Accessed 10 June 2019"},{"key":"3_CR21","doi-asserted-by":"crossref","unstructured":"Papadakis, M., Kintis, M., Zhang, J., Jia, Y., Traon, Y.L., Harman, M.: Mutation testing advances: an analysis and survey. In: Advances in Computers, vol. 112, pp. 275\u2013378. Elsevier (2019)","DOI":"10.1016\/bs.adcom.2018.03.015"},{"key":"3_CR22","doi-asserted-by":"crossref","unstructured":"Pretschner, A., Mouelhi, T., Le Traon, Y.: Model-based tests for access control policies. In: Proceedings of ICST, pp. 338\u2013347 (2008)","DOI":"10.1109\/ICST.2008.44"},{"key":"3_CR23","unstructured":"Sun Microsystems: Sun\u2019s XACML implementation (2006). http:\/\/sunxacml.sourceforge.net\/"},{"key":"3_CR24","unstructured":"TAS3 project: trusted architecture for securely shared services. https:\/\/cordis.europa.eu\/project\/rcn\/85331\/factsheet\/en"},{"key":"3_CR25","doi-asserted-by":"crossref","unstructured":"Xu, D., Peng, S.: Towards automatic repair of access control policies. In: 14th Annual Conference on Privacy, Security and Trust (PST), pp. 485\u2013492. IEEE (2016)","DOI":"10.1109\/PST.2016.7907003"}],"container-title":["Lecture Notes in Computer Science","Emerging Technologies for Authorization and Authentication"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-030-39749-4_3","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,1,23]],"date-time":"2025-01-23T23:03:34Z","timestamp":1737673414000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-030-39749-4_3"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2020]]},"ISBN":["9783030397487","9783030397494"],"references-count":25,"URL":"https:\/\/doi.org\/10.1007\/978-3-030-39749-4_3","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2020]]},"assertion":[{"value":"25 January 2020","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"ETAA","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Workshop on Emerging Technologies for Authorization and Authentication","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Luxembourg","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Luxembourg","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2019","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"27 September 2019","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"27 September 2019","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"etaa2019","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/www.iit.cnr.it\/etaa2019\/index.html","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}}]}}