NIST logo

Publications Portal

You searched on:
Author: david kuhn

Displaying records 21 to 30 of 88 records.
Resort by: Date / Title

21. Efficient Methods for Interoperability Testing Using Event Sequences
Published: 7/31/2012
Authors: David R Kuhn, James M. Higdon, J .M. Lawrence, Raghu N Kacker, Yu Lei
Abstract: Many software testing problems involve sequences of events. The methods described in this paper were motivated by testing needs of mission critical systems that may accept multiple communication or sensor inputs and generate output to several commun ...

22. Combinatorial Testing
Published: 6/25/2012
Authors: David R Kuhn, Raghu N Kacker, Yu Lei
Abstract: Combinatorial testing is a method that can reduce cost and improve test effectiveness significantly for many applications. The key insight underlying this form of testing is that not every parameter contributes to every failure, and empirical data su ...

23. Evaluation of Fault Detection Effectiveness for Combinatorial and Exhaustive Selection of Discretized Test Inputs
Published: 6/4/2012
Authors: Carmelo Montanez-Rivera, David R Kuhn, Mary C Brady, Richard M Rivello, Jenise Reyes Rodriguez, Michael K. Powers
Abstract: Testing components of web browsers and other graphical interface software can be extremely expensive because of the need for human review of screen appearance and interactive behavior. Combinatorial testing has been advocated as a method that provid ...

24. Combinatorial Methods for Event Sequence Testing
Published: 4/17/2012
Authors: David R Kuhn, James M. Higdon, James F Lawrence, Raghu N Kacker, Yu Lei
Abstract: Many software testing problems involve sequences. This paper presents an application of combinatorial methods to testing problems for which it is important to test multiple configurations, but also to test the order in which events occur. For exam ...

25. Vulnerability Hierarchies in Access Control Configurations
Published: 12/27/2011
Author: David R Kuhn
Abstract: This paper applies methods for analyzing fault hierarchies to the analysis of relationships among vulnerabilities in misconfigured access control rule structures. Hierarchies have been discovered previously for faults in arbitrary logic formulae, s ...

26. Role Engineering: Methods and Standards
Published: 12/8/2011
Authors: Edward Coyne, Timothy Weil, David R Kuhn
Abstract: This article explains problems and approaches to designing permission structures for role based access control. RBAC and the RBAC standard are summarized, common approaches to role engineering described, and the current status and plans for the INCI ...

27. Vetting Mobile Apps
Published: 7/22/2011
Authors: Stephen Quirolgico, Jeffrey Mark Voas, David R Kuhn
Abstract: Billions of copies of apps for mobile devices have been purchased in recent years. With this growth, however, comes an increase in the spread of potentially dangerous security vulnerabilities. Because of an app's low cost and high proliferation, the ...

28. A Combinatorial Approach to Detecting Buffer Overflow Vulnerabilities
Published: 6/14/2011
Authors: Raghu N Kacker, Yu Lei, David R Kuhn, Wenhua Wang
Abstract: Buffer overflow vulnerabilities are program defects that can cause a buffer overflow to occur at runtime. Many security attacks exploit buffer overflow vulnerabilities to compromise critical data structures. In this paper, we present a black-box test ...

29. A Survey of Binary Covering Arrays
Published: 4/7/2011
Authors: James F Lawrence, Raghu N Kacker, David R Kuhn, Michael Forbes
Abstract: Two-valued covering arrays of strength t are 0--1 matrices having the property that for each t columns and each of the possible 2t sequences of t 0's and 1's, there exists a row having that sequence in that set of t columns. Covering arrays are an im ...

30. Model Checking for Verification of Mandatory Access Control Models and Properties
Published: 2/28/2011
Authors: Chung Tong Hu, David R Kuhn, Tao Xie, J Hwang
Abstract: Mandatory access control (MAC) mechanisms control which users or processes have access to which resources in a system. MAC policies are increasingly specified to facilitate managing and maintaining access control. However, the correct specification o ...

Search NIST-wide:

(Search abstract and keywords)

Last Name:
First Name:

Special Publications:

Looking for a NIST Special Publication (NIST SP Series)? Place the series number and dash in the report number field (Example: 800-) and begin your search.

  • SP 250-XX: Calibration Services
  • SP 260-XX: Standard Reference Materials
  • SP 300-XX: Precision Measurement and Calibration
  • SP 400-XX: Semiconductor Measurement Technology
  • SP 480-XX: Law Enforcement Technology
  • SP 500-XX: Computer Systems Technology
  • SP 700-XX: Industrial Measurement Series
  • SP 800-XX: Computer Security Series
  • SP 823-XX: Integrated Services Digital Network Series