With the development of Web technology, Web applications are in widespread use. At the same time, software systems have grown more complex and Web application security has become a serious concern. Access control vulnerabilities are among the most common security flaws: an attacker can bypass the intended security mechanism and gain unauthorized access to data. Consequently, more and more researchers are studying this problem. Test case generation is one of the key issues in the testing phase, yet existing test case generation approaches are limited and produce highly redundant test cases while providing a given level of coverage. In this paper, building on research into access control models and taking the access control policy as the basis, test case generation and detection methods for access control vulnerabilities are discussed and studied.

First, the background concepts of access control vulnerabilities and of test case generation technologies are reviewed. Then, drawing on research into access control models for Web applications, this paper proposes a novel black-box test case generation method for discovering access control vulnerabilities in Web applications. From collected traces, the method identifies the set of rules permitted for each role or user and infers the access control policy. Reduced yet effective test cases are then generated from the inferred policy. The test cases fall into two types: legal and illegal. Legal test cases verify the legitimacy of the inferred policy, while illegal test cases detect access control vulnerabilities. A prototype system named ACTC-Generator was also implemented and evaluated on a set of Web applications. The experimental results demonstrate that the method effectively reduces the number of test cases and improves the efficiency of uncovering access control vulnerabilities while guaranteeing coverage.

Through experimental verification, this method has theoretical significance and practical value for test case generation aimed at detecting access control vulnerabilities.
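The pipeline sketched in the abstract (infer a per-role policy from traces, generate legal and illegal test cases from it, run them against the application) can be illustrated with a small script. The following is an added example written for this page; it is not the ACTC-Generator prototype or any code from the paper. The traces, the `TestCase` type, the `SIMULATED_ACL` standing in for the application under test, and the function names are all constructed assumptions.

```python
from collections import defaultdict
from dataclasses import dataclass

# Constructed sample traces (role, method, path, HTTP status) captured while
# each role exercised the application. The duplicate admin GET /orders entry
# shows the reduction step; the user GET /admin/users 403 shows that only
# successful requests contribute to the inferred policy.
TRACES = [
    ("admin", "GET", "/admin/users", 200),
    ("admin", "POST", "/admin/users", 200),
    ("admin", "GET", "/orders", 200),
    ("admin", "GET", "/orders", 200),
    ("user", "GET", "/orders", 200),
    ("user", "GET", "/profile", 200),
    ("user", "POST", "/profile", 200),
    ("user", "GET", "/admin/users", 403),
    ("guest", "GET", "/login", 200),
]


@dataclass(frozen=True)
class TestCase:
    role: str
    method: str
    path: str
    expected: str  # "allow" or "deny"


def infer_policy(traces):
    """Infer the set of (method, path) rules allowed for each role.

    Only requests the application accepted (2xx) count as evidence that the
    rule is permitted; storing rules in a set removes duplicate traces.
    """
    policy = defaultdict(set)
    for role, method, path, status in traces:
        if 200 <= status < 300:
            policy[role].add((method, path))
    return dict(policy)


def generate_test_cases(policy):
    """Derive legal and illegal test cases from the inferred policy.

    Legal cases re-exercise every inferred rule for its own role and expect
    success (they validate the inference). Illegal cases try, for each role,
    every rule seen only for other roles and expect denial; a success there
    is a candidate access control vulnerability.
    """
    all_rules = set().union(*policy.values())
    legal, illegal = [], []
    for role, allowed in sorted(policy.items()):
        for method, path in sorted(allowed):
            legal.append(TestCase(role, method, path, "allow"))
        for method, path in sorted(all_rules - allowed):
            illegal.append(TestCase(role, method, path, "deny"))
    return legal, illegal


# Constructed server-side ACL standing in for the application under test.
# The guest entry for GET /orders is a deliberate misconfiguration that the
# illegal test cases should flag.
SIMULATED_ACL = {
    "admin": {("GET", "/admin/users"), ("POST", "/admin/users"), ("GET", "/orders")},
    "user": {("GET", "/orders"), ("GET", "/profile"), ("POST", "/profile")},
    "guest": {("GET", "/login"), ("GET", "/orders")},
}


def simulated_app(role, method, path):
    """Hypothetical application: 200 if the role's ACL permits the request."""
    return 200 if (method, path) in SIMULATED_ACL.get(role, set()) else 403


def run_tests(cases, app):
    """Execute the cases and return those whose outcome contradicts expectation."""
    findings = []
    for tc in cases:
        status = app(tc.role, tc.method, tc.path)
        observed = "allow" if 200 <= status < 300 else "deny"
        if observed != tc.expected:
            findings.append((tc, status))
    return findings


if __name__ == "__main__":
    policy = infer_policy(TRACES)
    legal, illegal = generate_test_cases(policy)
    print(f"{len(legal)} legal and {len(illegal)} illegal test cases")
    for tc, status in run_tests(legal + illegal, simulated_app):
        print(f"FINDING: {tc.role} {tc.method} {tc.path} -> {status}, expected {tc.expected}")
```

A failing legal case means the inferred policy is wrong (or the application changed between trace capture and testing), so it is reported separately from a failing illegal case, which is the actual vulnerability signal. Against the constructed ACL, the only finding is the guest role succeeding on `GET /orders`. In a real deployment the `simulated_app` call would be replaced by an authenticated HTTP request per role, and the same 2xx-versus-deny oracle applied to the response.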