中文摘要：

在基于安全评估标准的安全数据库管理系统（Security Database Management System，SDBMS）的安全功能测评中，存在的困难问题之一就是缺乏合适的测试用例．而目前基于安全产品形式化规约的测试用例自动生成方法并不能完全适用于这种需要．因为包括SDBMS在内的大多数信息安全产品的系统规约并不能真实的反映现实系统的行为，系统中的操作除了要完成其预定的功能外，同时还必须满足安全产品安全策略的约束．本文采用了基于安全产品安全策略模型的测试用例自动生成方法，设计并实现了一个测试用例自动化生成工具——CaseBuilder．该工具可针对SDBMS快速生成能够满足产品安全策略测试要求的测试用例集．

英文摘要：

During the security evaluation of security products, one of the difficulties is the lack of proper test cases. Current automatic test case generation tools cannot completely solve the problem. The reason is that most specifications of information security products, such as the Secure Database Management System （SDBMS）, cannot reflect the systems＇ real behaviors. Besides the requirements of the product specification, the system must also satisfy the requirements of the security policies. In this paper,we present the design and implementation of CaseBuilder,an automatic test case generating tool, which has adopted a test case generating method based on the product＇s security policies.As the result of prototyping, CaseBuilder can generate test cases for SDBMS effectively, which can well satisfy the testing requirements of security policy model.