Software security concerns the methods used in controlling software that is used to run the operating system or utility software that supports the running of the operating systems and applications.
Software security refers to the protection of the programs that are either bought from an outside vendor or are created in-house by the user.
Software security is one major concern that is required to build trustworthy software systems. In the last decades, we have witnessed an increasing interest in the security testing research area. Several researchers have explored this topic by providing new solutions in terms of security modeling, security features development, and the specification and implementation of the security mechanisms that have to be embedded in software systems. In parallel to the emergence of security concerns, security testing has also gained a considerable interest as it has to be developed conjointly to software security hardening. As a matter of fact, it is crucial to guarantee that the security mechanisms that are in place are correctly implemented. Testing these security mechanisms is very important in order to avoid ending up with security flaws inside the system or the application.
Access control is one of the major and the most critical security mechanisms. It ensures that only eligible users are able to access protected resources in a given system. This book chapter explores the landscape of access control testing and shows advances in access control testing approaches.