Automated Conformance Testing of the 2017 NIST Password Policies
Faculty Mentor Information
Dr. Dianxiang Xu
Abstract
Password security is of the utmost importance to all organizations, particularly those that store sensitive information. In 2017, NIST released a new password guideline, emphasizing procedures that promote the ease of password usage. It increases the complexity of password validation and may raise new issues about password validation programs. This project focuses on automated conformance testing of the new NIST password policy guideline. We use equivalence partitioning and boundary value analysis to create test cases and convert them into test code. We explore mutation analysis for evaluating the effectiveness of test cases. Also, we will apply our technique to the evaluation of multiple open source programs.
Automated Conformance Testing of the 2017 NIST Password Policies
Password security is of the utmost importance to all organizations, particularly those that store sensitive information. In 2017, NIST released a new password guideline, emphasizing procedures that promote the ease of password usage. It increases the complexity of password validation and may raise new issues about password validation programs. This project focuses on automated conformance testing of the new NIST password policy guideline. We use equivalence partitioning and boundary value analysis to create test cases and convert them into test code. We explore mutation analysis for evaluating the effectiveness of test cases. Also, we will apply our technique to the evaluation of multiple open source programs.