DOXAT (DevOps Xacml Testing) useful both for continuous planning and testing of the PDP inside the DevOps process. Very briey, PDP testing consists on the execution of a set of access requests, derived by a specic policy on the PDP and the consequent comparison of the collected responses against the expected ones. Considering instead the assessment of the test generation strategies, it is necessary rst, to execute the requests (test cases) on the original PDP and to collect the associated set of responses. Then, the PDP is replaced with one of its mutated versions, each of the test cases re-executed on this mutant, and responses collected again. Finally, the responses are analyzed and compared so to discover the killed mutants. In the case of PDP, a mutant is considered killed when an exception is raised or when the returned response is dierent from the expected one. As nal step, the mutation score for the whole test suite is calculated by dividing the number of killed mutants by the number of mutants. According to the literature, a test suite is considered of high quality if it is able to reach a high mutation score29; i.e. the test suite has a high fault detection capability.

XMF is the core component of our framework, it provides three main functionalities: test case generation, execution and assessment, and mutants generation. XMF consists of the following subcomponents: i) XacmlRepository is a repository containing all XACML policies and data involved into the testing activity, i.e., the name and the version of the test cases generation tools, the XACML requests and the test suites; ii) TestCasesGenerator is an automated XACML requests generator, which implements and/or integrates dfferent testing strategies; iii) PDPsMutationGenerator automatically derives mutated versions of the target PDP; iv) PDPsMutationIntegrator is in charge of seeding the faults in the code of PDP and producing executable mutated versions of it; v) XacmlPDPsRepository stores the target PDP and its associated mutated versions; vi) XacmlPDPsExecutor executes a test suite on the target PDP and the associated set of mutants if they exist; vii) XacmlMutationDW is a data mart for storing the collected data derived from the test cases and mutants generation activities as well as the evaluation activity.

METTERE LINK

The PDP Instantiator component interacts with PDPsMutationGenerator to install each time the PDP used for mutants generation. It allows also to select the PDP functionalities that are object of mutation analysis.

METTERE LINK al PDP mutato (tutte le )