主权项 |
1. A system comprising: one or more processors, one or more computer-readable memories and one or more non-transitory computer-readable storage devices;
program instructions, stored on at least one of the one or more storage devices for execution by at least one of the one or more processors via at least one of the one or more memories, to perform at least one of a functional and non-functional assessment of an authentication layer of a software component, wherein the non-functional assessment is a validation of at least one authentication algorithm associated with the software component, wherein the at least one authentication algorithm is associated with a claims-based authentication policy, wherein at least one of the claims associated with the claims-based authentication policy is an unbounded value; program instructions, stored on at least one of the one or more storage devices for execution by at least one of the one or more processors via at least one of the one or more memories, to persist and aggregate static and dynamic analysis results of the assessment to enable multiple views of the authentication algorithm execution; program instructions, stored on at least one of the one or more storage devices for execution by at least one of the one or more processors via at least one of the one or more memories, to generate at least one authentication token, wherein the authentication token is to a testing component to validate an algorithm associated with the authentication layer; program instructions, stored on at least one of the one or more storage devices for execution by at least one of the one or more processors via at least one of the one or more memories, to execute the algorithm utilizing the at least one authentication token as an input for evaluating at least one conditional statement of the algorithm; program instructions, stored on at least one of the one or more storage devices for execution by at least one of the one or more processors via at least one of the one or more memories, to determine the at least one conditional statement of the algorithm and obtaining metrics from the at least one conditional statement during execution of the algorithm; program instructions, stored on at least one of the one or more storage devices for execution by at least one of the one or more processors via at least one of the one or more memories, to establish a decision tree for the authorization algorithm; and program instructions, stored on at least one of the one or more storage devices for execution by at least one of the one or more processors via at least one of the one or more memories, to graphically present the decision tree for the authorization algorithm within a user interface, wherein each node of the decision tree is associated with at least one of a control flow information and a conditional statement outcome. |