tests: Enable isolation of KeyChain during run of unit/integrated tests

Change-Id: Ia136e4bb074c14e8d824f563594cbc0ad7592c3b
Refs: #3655
diff --git a/tests/unit-tests/security/conf/checker.t.cpp b/tests/unit-tests/security/conf/checker.t.cpp
index e989237..64588eb 100644
--- a/tests/unit-tests/security/conf/checker.t.cpp
+++ b/tests/unit-tests/security/conf/checker.t.cpp
@@ -1,6 +1,6 @@
 /* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
 /**
- * Copyright (c) 2013-2015 Regents of the University of California.
+ * Copyright (c) 2013-2016 Regents of the University of California.
  *
  * This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
  *
@@ -29,6 +29,8 @@
 namespace conf {
 namespace tests {
 
+using namespace ndn::tests;
+
 BOOST_FIXTURE_TEST_SUITE(SecurityConfChecker, IdentityManagementFixture)
 
 void
diff --git a/tests/unit-tests/security/config-file-empty-home/.ndn/client.conf b/tests/unit-tests/security/config-file-empty-home/.ndn/client.conf
deleted file mode 100644
index f1cdcf9..0000000
--- a/tests/unit-tests/security/config-file-empty-home/.ndn/client.conf
+++ /dev/null
@@ -1,4 +0,0 @@
-; Empty client.conf is unfeasible in automated tests,
-; see tests/unit-tests/security/config-file-readme.txt.
-; The test is broken into two: 1) missing pib and 2) missing tpm
-pib=pib-sqlite3:/tmp/test/ndn-cxx/keychain/sqlite3-empty/
diff --git a/tests/unit-tests/security/config-file-empty2-home/.ndn/client.conf b/tests/unit-tests/security/config-file-empty2-home/.ndn/client.conf
deleted file mode 100644
index 98b43c8..0000000
--- a/tests/unit-tests/security/config-file-empty2-home/.ndn/client.conf
+++ /dev/null
@@ -1,4 +0,0 @@
-; Empty client.conf is unfeasible in automated tests,
-; see tests/unit-tests/security/config-file-readme.txt.
-; The test is broken into two: 1) missing pib and 2) missing tpm
-tpm=tpm-file:/tmp/test/ndn-cxx/keychain/empty-file/
diff --git a/tests/unit-tests/security/config-file-home/.ndn/client.conf b/tests/unit-tests/security/config-file-home/.ndn/client.conf
deleted file mode 100644
index 8823a78..0000000
--- a/tests/unit-tests/security/config-file-home/.ndn/client.conf
+++ /dev/null
@@ -1,2 +0,0 @@
-pib=pib-sqlite3:/tmp/test/ndn-cxx/keychain/sqlite3-file/
-tpm=tpm-file:/tmp/test/ndn-cxx/keychain/sqlite3-file/
diff --git a/tests/unit-tests/security/config-file-malformed-home/.ndn/client.conf b/tests/unit-tests/security/config-file-malformed-home/.ndn/client.conf
deleted file mode 100644
index 4ed6728..0000000
--- a/tests/unit-tests/security/config-file-malformed-home/.ndn/client.conf
+++ /dev/null
@@ -1,2 +0,0 @@
-pib=lord
-tpm=ring
diff --git a/tests/unit-tests/security/config-file-malformed2-home/.ndn/client.conf b/tests/unit-tests/security/config-file-malformed2-home/.ndn/client.conf
deleted file mode 100644
index 2cfb7f6..0000000
--- a/tests/unit-tests/security/config-file-malformed2-home/.ndn/client.conf
+++ /dev/null
@@ -1,2 +0,0 @@
-pib=pib-sqlite3:/tmp/test/ndn-cxx/keychain/sqlite3-just-wrong/
-tpm=just-wrong
diff --git a/tests/unit-tests/security/digest-sha256.t.cpp b/tests/unit-tests/security/digest-sha256.t.cpp
index ffc6908..f6e2eb0 100644
--- a/tests/unit-tests/security/digest-sha256.t.cpp
+++ b/tests/unit-tests/security/digest-sha256.t.cpp
@@ -1,6 +1,6 @@
 /* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
 /**
- * Copyright (c) 2013-2015 Regents of the University of California.
+ * Copyright (c) 2013-2016 Regents of the University of California.
  *
  * This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
  *
@@ -30,7 +30,7 @@
 namespace ndn {
 namespace tests {
 
-BOOST_FIXTURE_TEST_SUITE(SecurityDigestSha256, security::IdentityManagementFixture)
+BOOST_FIXTURE_TEST_SUITE(SecurityDigestSha256, IdentityManagementFixture)
 
 std::string SHA256_RESULT("a883dafc480d466ee04e0d6da986bd78eb1fdd2178d04693723da3a8f95d42f4");
 
diff --git a/tests/unit-tests/security/identity-fixture.cpp b/tests/unit-tests/security/identity-fixture.cpp
deleted file mode 100644
index a89eb8d..0000000
--- a/tests/unit-tests/security/identity-fixture.cpp
+++ /dev/null
@@ -1,121 +0,0 @@
-/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
-/**
- * Copyright (c) 2013-2015 Regents of the University of California.
- *
- * This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
- *
- * ndn-cxx library is free software: you can redistribute it and/or modify it under the
- * terms of the GNU Lesser General Public License as published by the Free Software
- * Foundation, either version 3 of the License, or (at your option) any later version.
- *
- * ndn-cxx library is distributed in the hope that it will be useful, but WITHOUT ANY
- * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
- * PARTICULAR PURPOSE.  See the GNU Lesser General Public License for more details.
- *
- * You should have received copies of the GNU General Public License and GNU Lesser
- * General Public License along with ndn-cxx, e.g., in COPYING.md file.  If not, see
- * <http://www.gnu.org/licenses/>.
- *
- * See AUTHORS.md for complete list of ndn-cxx authors and contributors.
- */
-
-#include "security/key-chain.hpp"
-#include "../util/test-home-environment-fixture.hpp"
-#include <boost/filesystem.hpp>
-
-#include "boost-test.hpp"
-
-namespace ndn {
-namespace security {
-
-class IdentityFixture : public util::TestHomeEnvironmentFixture
-{
-public:
-  IdentityFixture()
-  {
-    using namespace boost::filesystem;
-
-    // initialize KeyChain from test specific HOME: tests/unit-tests/security/tmp-home
-    if (std::getenv("HOME"))
-      m_HOME = std::getenv("HOME");
-    if (std::getenv("OLD_HOME"))
-      m_OLD_HOME = std::getenv("OLD_HOME");
-
-    setenv("HOME", "tests/unit-tests/security/tmp-home", 1);
-    setenv("OLD_HOME", m_HOME.c_str(), 1);
-
-    KeyChain keyChain;
-
-    // save the old default identity
-    try {
-      m_oldDefaultIdentity = keyChain.getDefaultIdentity();
-      m_hasOldDefaultIdentity = true;
-    }
-    catch (SecPublicInfo::Error& e) {
-      m_hasOldDefaultIdentity = false;
-    }
-
-    m_newIdentity = "/ndn-cxx-test-identity";
-    m_newIdentity.appendVersion();
-
-    // create the new identity and self-signed certificate
-    keyChain.createIdentity(m_newIdentity);
-
-    // set the new identity as default identity,
-    // and the corresponding certificate becomes the default certificate
-    keyChain.setDefaultIdentity(m_newIdentity);
-  }
-
-  ~IdentityFixture()
-  {
-    using namespace boost::filesystem;
-
-    KeyChain keyChain;
-
-    // recover the old default setting
-    if (m_hasOldDefaultIdentity) {
-      keyChain.setDefaultIdentity(m_oldDefaultIdentity);
-    }
-
-    // remove the temporarily created identity and certificates
-    // XXX This has no effect if oldDefaultIdentity doesn't exist.
-    //     newIdentity would be kept as default.
-    keyChain.deleteIdentity(m_newIdentity);
-
-    path pibPath(absolute(std::getenv("HOME")));
-    pibPath /= ".ndn/ndnsec-public-info.db";
-
-    boost::filesystem::remove(pibPath);
-
-    path tpmPath(absolute(std::getenv("HOME")));
-    tpmPath /= ".ndn/ndnsec-tpm-file";
-
-    boost::filesystem::remove_all(tpmPath);
-
-    if (!m_HOME.empty())
-      setenv("HOME", m_HOME.c_str(), 1);
-    else
-      unsetenv("HOME");
-
-    if (!m_OLD_HOME.empty())
-      setenv("OLD_HOME", m_OLD_HOME.c_str(), 1);
-    else
-      unsetenv("OLD_HOME");
-  }
-
-private:
-  std::string m_OLD_HOME;
-  std::string m_HOME;
-
-  bool m_hasOldDefaultIdentity;
-  Name m_oldDefaultIdentity;
-  Name m_newIdentity;
-};
-
-BOOST_GLOBAL_FIXTURE(IdentityFixture)
-#if BOOST_VERSION >= 105900
-;
-#endif // BOOST_VERSION >= 105900
-
-} // namespace security
-} // namespace ndn
diff --git a/tests/unit-tests/security/identity-management-fixture.t.cpp b/tests/unit-tests/security/identity-management-fixture.t.cpp
index 046c018..5c02328 100644
--- a/tests/unit-tests/security/identity-management-fixture.t.cpp
+++ b/tests/unit-tests/security/identity-management-fixture.t.cpp
@@ -1,6 +1,6 @@
 /* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
 /**
- * Copyright (c) 2013-2015 Regents of the University of California.
+ * Copyright (c) 2013-2016 Regents of the University of California.
  *
  * This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
  *
@@ -23,7 +23,6 @@
 #include "boost-test.hpp"
 
 namespace ndn {
-namespace security {
 namespace tests {
 
 BOOST_FIXTURE_TEST_SUITE(SecurityIdentityManagementFixture, IdentityManagementFixture)
@@ -40,5 +39,4 @@
 BOOST_AUTO_TEST_SUITE_END()
 
 } // namespace tests
-} // namespace security
 } // namespace ndn
diff --git a/tests/unit-tests/security/key-chain.t.cpp b/tests/unit-tests/security/key-chain.t.cpp
index 5eae0c4..797ce01 100644
--- a/tests/unit-tests/security/key-chain.t.cpp
+++ b/tests/unit-tests/security/key-chain.t.cpp
@@ -26,42 +26,74 @@
 #include "boost-test.hpp"
 #include "dummy-keychain.hpp"
 #include "../util/test-home-environment-fixture.hpp"
+#include "key-chain-fixture.hpp"
+#include "identity-management-fixture.hpp"
 
 #include <boost/filesystem.hpp>
+#include <boost/algorithm/string.hpp>
+#include <fstream>
 
 namespace ndn {
 namespace security {
 namespace tests {
 
+using namespace ndn::tests;
+
 BOOST_FIXTURE_TEST_SUITE(SecurityKeyChain, util::TestHomeEnvironmentFixture)
 
-BOOST_AUTO_TEST_CASE(ConstructorNormalConfig)
+template<class Path>
+class TestHomeAndPibFixture : public PibDirFixture<Path>
 {
-  using namespace boost::filesystem;
+public:
+  TestHomeAndPibFixture()
+  {
+    setenv("TEST_HOME", this->m_pibDir.c_str(), true);
+    unsetenv("NDN_CLIENT_PIB");
+    unsetenv("NDN_CLIENT_TPM");
+  }
 
-  setenv("TEST_HOME", "tests/unit-tests/security/config-file-home", 1);
+  ~TestHomeAndPibFixture()
+  {
+    unsetenv("TEST_HOME");
+  }
+
+  void
+  createClientConf(std::initializer_list<std::string> lines)
+  {
+    boost::filesystem::create_directories(boost::filesystem::path(this->m_pibDir) / ".ndn");
+    std::ofstream of((boost::filesystem::path(this->m_pibDir) / ".ndn" / "client.conf").c_str());
+    for (auto line : lines) {
+      boost::replace_all(line, "%PATH%", this->m_pibDir);
+      of << line << std::endl;
+    }
+  }
+};
+
+struct PibPathSqlite3File
+{
+  const std::string PATH = "build/keys-sqlite3-file/";
+};
+
+BOOST_FIXTURE_TEST_CASE(ConstructorNormalConfig, TestHomeAndPibFixture<PibPathSqlite3File>)
+{
+  createClientConf({"pib=pib-sqlite3:%PATH%", "tpm=tpm-file:%PATH%"});
 
   BOOST_REQUIRE_NO_THROW(KeyChain());
 
   KeyChain keyChain;
-  BOOST_CHECK_EQUAL(keyChain.getPib().getPibLocator(),
-                    "pib-sqlite3:/tmp/test/ndn-cxx/keychain/sqlite3-file/");
-  BOOST_CHECK_EQUAL(keyChain.getPib().getTpmLocator(),
-                    "tpm-file:/tmp/test/ndn-cxx/keychain/sqlite3-file/");
-  BOOST_CHECK_EQUAL(keyChain.getTpm().getTpmLocator(),
-                    "tpm-file:/tmp/test/ndn-cxx/keychain/sqlite3-file/");
-
-  path pibPath(absolute(std::getenv("TEST_HOME")));
-  pibPath /= ".ndn/ndnsec-public-info.db";
-
-  boost::filesystem::remove(pibPath);
+  BOOST_CHECK_EQUAL(keyChain.getPib().getPibLocator(), "pib-sqlite3:" + m_pibDir);
+  BOOST_CHECK_EQUAL(keyChain.getPib().getTpmLocator(), "tpm-file:" + m_pibDir);
+  BOOST_CHECK_EQUAL(keyChain.getTpm().getTpmLocator(), "tpm-file:" + m_pibDir);
 }
 
-BOOST_AUTO_TEST_CASE(ConstructorEmptyConfig)
+struct PibPathSqlite3Empty
 {
-  using namespace boost::filesystem;
+  const std::string PATH = "build/keys-sqlite3-empty/";
+};
 
-  setenv("TEST_HOME", "tests/unit-tests/security/config-file-empty-home", 1);
+BOOST_FIXTURE_TEST_CASE(ConstructorEmptyConfig, TestHomeAndPibFixture<PibPathSqlite3Empty>)
+{
+  createClientConf({"pib=pib-sqlite3:%PATH%"});
 
 #if defined(NDN_CXX_HAVE_OSX_SECURITY)
   std::string oldHOME;
@@ -73,261 +105,225 @@
     HOME = std::getenv("HOME");
 
   if (!oldHOME.empty())
-    setenv("HOME", oldHOME.c_str(), 1);
+    setenv("HOME", oldHOME.c_str(), true);
   else
     unsetenv("HOME");
 #endif
 
   BOOST_REQUIRE_NO_THROW(KeyChain());
   KeyChain keyChain;
-  BOOST_CHECK_EQUAL(keyChain.getPib().getPibLocator(),
-                    "pib-sqlite3:/tmp/test/ndn-cxx/keychain/sqlite3-empty/");
+  BOOST_CHECK_EQUAL(keyChain.getPib().getPibLocator(), "pib-sqlite3:" + m_pibDir);
 
 #if defined(NDN_CXX_HAVE_OSX_SECURITY)
   BOOST_CHECK_EQUAL(keyChain.getPib().getTpmLocator(), "tpm-osxkeychain:");
   BOOST_CHECK_EQUAL(keyChain.getTpm().getTpmLocator(), "tpm-osxkeychain:");
 #else
-  BOOST_CHECK_EQUAL(keyChain.getPib().getTpmLocator(),
-                    "tpm-file:");
-  BOOST_CHECK_EQUAL(keyChain.getTpm().getTpmLocator(),
-                    "tpm-file:");
+  BOOST_CHECK_EQUAL(keyChain.getPib().getTpmLocator(), "tpm-file:");
+  BOOST_CHECK_EQUAL(keyChain.getTpm().getTpmLocator(), "tpm-file:");
 #endif
 
 #if defined(NDN_CXX_HAVE_OSX_SECURITY)
   if (!HOME.empty())
-    setenv("HOME", HOME.c_str(), 1);
+    setenv("HOME", HOME.c_str(), true);
   else
     unsetenv("HOME");
 #endif
-
-  path pibPath(absolute(std::getenv("TEST_HOME")));
-  pibPath /= ".ndn/ndnsec-public-info.db";
-
-  boost::filesystem::remove(pibPath);
 }
 
-BOOST_AUTO_TEST_CASE(ConstructorEmpty2Config)
+struct PibPathEmptyFile
 {
-  using namespace boost::filesystem;
+  const std::string PATH = "build/keys-empty-file/";
+};
 
-  setenv("TEST_HOME", "tests/unit-tests/security/config-file-empty2-home", 1);
+BOOST_FIXTURE_TEST_CASE(ConstructorEmpty2Config, TestHomeAndPibFixture<PibPathEmptyFile>)
+{
+  createClientConf({"tpm=tpm-file:%PATH%"});
 
   BOOST_REQUIRE_NO_THROW(KeyChain());
 
   KeyChain keyChain;
-  BOOST_CHECK_EQUAL(keyChain.getPib().getPibLocator(),
-                    "pib-sqlite3:");
-  BOOST_CHECK_EQUAL(keyChain.getPib().getTpmLocator(),
-                    "tpm-file:/tmp/test/ndn-cxx/keychain/empty-file/");
-  BOOST_CHECK_EQUAL(keyChain.getTpm().getTpmLocator(),
-                    "tpm-file:/tmp/test/ndn-cxx/keychain/empty-file/");
-
-  path pibPath(absolute(std::getenv("TEST_HOME")));
-  pibPath /= ".ndn/ndnsec-public-info.db";
-
-  boost::filesystem::remove(pibPath);
+  BOOST_CHECK_EQUAL(keyChain.getPib().getPibLocator(), "pib-sqlite3:");
+  BOOST_CHECK_EQUAL(keyChain.getPib().getTpmLocator(), "tpm-file:" + m_pibDir);
+  BOOST_CHECK_EQUAL(keyChain.getTpm().getTpmLocator(), "tpm-file:" + m_pibDir);
 }
 
-BOOST_AUTO_TEST_CASE(ConstructorMalConfig)
+BOOST_FIXTURE_TEST_CASE(ConstructorMalConfig, TestHomeAndPibFixture<DefaultPibDir>)
 {
-  using namespace boost::filesystem;
-
-  setenv("TEST_HOME", "tests/unit-tests/security/config-file-malformed-home", 1);
+  createClientConf({"pib=lord", "tpm=ring"});
 
   BOOST_REQUIRE_THROW(KeyChain(), KeyChain::Error); // Wrong configuration. Error expected.
 }
 
-BOOST_AUTO_TEST_CASE(ConstructorMal2Config)
+BOOST_FIXTURE_TEST_CASE(ConstructorMal2Config, TestHomeAndPibFixture<DefaultPibDir>)
 {
-  using namespace boost::filesystem;
-
-  setenv("TEST_HOME", "tests/unit-tests/security/config-file-malformed2-home", 1);
-
+  createClientConf({"pib=pib-sqlite3:%PATH%", "tpm=just-wrong"});
   BOOST_REQUIRE_THROW(KeyChain(), KeyChain::Error); // Wrong configuration. Error expected.
 }
 
-BOOST_AUTO_TEST_CASE(ExportIdentity)
+BOOST_FIXTURE_TEST_CASE(ExportIdentity, IdentityManagementFixture)
 {
-  KeyChain keyChain;
-
   Name identity("/TestKeyChain/ExportIdentity/");
   identity.appendVersion();
-  keyChain.createIdentity(identity);
+  addIdentity(identity);
 
-  shared_ptr<SecuredBag> exported = keyChain.exportIdentity(identity, "1234");
+  shared_ptr<SecuredBag> exported = m_keyChain.exportIdentity(identity, "1234");
 
   Block block = exported->wireEncode();
 
-  Name keyName = keyChain.getDefaultKeyNameForIdentity(identity);
-  Name certName = keyChain.getDefaultCertificateNameForKey(keyName);
+  Name keyName = m_keyChain.getDefaultKeyNameForIdentity(identity);
+  Name certName = m_keyChain.getDefaultCertificateNameForKey(keyName);
 
-  keyChain.deleteIdentity(identity);
+  m_keyChain.deleteIdentity(identity);
 
-  BOOST_CHECK_EQUAL(keyChain.doesIdentityExist(identity), false);
-  BOOST_CHECK_EQUAL(keyChain.doesPublicKeyExist(keyName), false);
-  BOOST_CHECK_EQUAL(keyChain.doesKeyExistInTpm(keyName, KEY_CLASS_PRIVATE), false);
-  BOOST_CHECK_EQUAL(keyChain.doesKeyExistInTpm(keyName, KEY_CLASS_PUBLIC), false);
-  BOOST_CHECK_EQUAL(keyChain.doesCertificateExist(certName), false);
+  BOOST_CHECK_EQUAL(m_keyChain.doesIdentityExist(identity), false);
+  BOOST_CHECK_EQUAL(m_keyChain.doesPublicKeyExist(keyName), false);
+  BOOST_CHECK_EQUAL(m_keyChain.doesKeyExistInTpm(keyName, KEY_CLASS_PRIVATE), false);
+  BOOST_CHECK_EQUAL(m_keyChain.doesKeyExistInTpm(keyName, KEY_CLASS_PUBLIC), false);
+  BOOST_CHECK_EQUAL(m_keyChain.doesCertificateExist(certName), false);
 
   SecuredBag imported;
   imported.wireDecode(block);
-  keyChain.importIdentity(imported, "1234");
+  m_keyChain.importIdentity(imported, "1234");
 
-  BOOST_CHECK(keyChain.doesIdentityExist(identity));
-  BOOST_CHECK(keyChain.doesPublicKeyExist(keyName));
-  BOOST_CHECK(keyChain.doesKeyExistInTpm(keyName, KEY_CLASS_PRIVATE));
-  BOOST_CHECK(keyChain.doesKeyExistInTpm(keyName, KEY_CLASS_PUBLIC));
-  BOOST_CHECK(keyChain.doesCertificateExist(certName));
-
-  keyChain.deleteIdentity(identity);
-
-  BOOST_CHECK_EQUAL(keyChain.doesIdentityExist(identity), false);
-  BOOST_CHECK_EQUAL(keyChain.doesPublicKeyExist(keyName), false);
-  BOOST_CHECK_EQUAL(keyChain.doesKeyExistInTpm(keyName, KEY_CLASS_PRIVATE), false);
-  BOOST_CHECK_EQUAL(keyChain.doesKeyExistInTpm(keyName, KEY_CLASS_PUBLIC), false);
-  BOOST_CHECK_EQUAL(keyChain.doesCertificateExist(certName), false);
+  BOOST_CHECK(m_keyChain.doesIdentityExist(identity));
+  BOOST_CHECK(m_keyChain.doesPublicKeyExist(keyName));
+  BOOST_CHECK(m_keyChain.doesKeyExistInTpm(keyName, KEY_CLASS_PRIVATE));
+  BOOST_CHECK(m_keyChain.doesKeyExistInTpm(keyName, KEY_CLASS_PUBLIC));
+  BOOST_CHECK(m_keyChain.doesCertificateExist(certName));
 }
 
-BOOST_AUTO_TEST_CASE(PrepareIdentityCertificate)
+BOOST_FIXTURE_TEST_CASE(PrepareIdentityCertificate, IdentityManagementFixture)
 {
-  KeyChain keyChain;
-
   Name identity("/TestKeyChain/PrepareIdentityCertificate/");
   identity.appendVersion();
-  keyChain.createIdentity(identity);
+  addIdentity(identity);
 
   std::vector<CertificateSubjectDescription> subjectDescription;
   Name lowerIdentity = identity;
   lowerIdentity.append("Lower").appendVersion();
-  Name lowerKeyName = keyChain.generateRsaKeyPair(lowerIdentity, true);
+  Name lowerKeyName = m_keyChain.generateRsaKeyPair(lowerIdentity, true);
   shared_ptr<IdentityCertificate> idCert =
-    keyChain.prepareUnsignedIdentityCertificate(lowerKeyName, identity,
-                                                time::system_clock::now(),
-                                                time::system_clock::now() + time::days(365),
-                                                subjectDescription);
+    m_keyChain.prepareUnsignedIdentityCertificate(lowerKeyName, identity,
+                                                  time::system_clock::now(),
+                                                  time::system_clock::now() + time::days(365),
+                                                  subjectDescription);
   BOOST_CHECK(static_cast<bool>(idCert));
   BOOST_CHECK_EQUAL(idCert->getName().getPrefix(5),
                     Name().append(identity).append("KEY").append("Lower"));
   BOOST_CHECK(idCert->getFreshnessPeriod() >= time::milliseconds::zero());
 
   shared_ptr<IdentityCertificate> idCert11 =
-    keyChain.prepareUnsignedIdentityCertificate(lowerKeyName, identity,
-                                                time::system_clock::now(),
-                                                time::system_clock::now() + time::days(365),
-                                                subjectDescription,
-                                                lowerIdentity);
+    m_keyChain.prepareUnsignedIdentityCertificate(lowerKeyName, identity,
+                                                  time::system_clock::now(),
+                                                  time::system_clock::now() + time::days(365),
+                                                  subjectDescription,
+                                                  lowerIdentity);
   BOOST_CHECK(static_cast<bool>(idCert11));
   BOOST_CHECK_EQUAL(idCert11->getName().getPrefix(6),
               Name().append(lowerIdentity).append("KEY"));
 
   Name anotherIdentity("/TestKeyChain/PrepareIdentityCertificate/Another/");
   anotherIdentity.appendVersion();
-  Name anotherKeyName = keyChain.generateRsaKeyPair(anotherIdentity, true);
+  Name anotherKeyName = m_keyChain.generateRsaKeyPair(anotherIdentity, true);
   shared_ptr<IdentityCertificate> idCert2 =
-    keyChain.prepareUnsignedIdentityCertificate(anotherKeyName, identity,
-                                                time::system_clock::now(),
-                                                time::system_clock::now() + time::days(365),
-                                                subjectDescription);
+    m_keyChain.prepareUnsignedIdentityCertificate(anotherKeyName, identity,
+                                                  time::system_clock::now(),
+                                                  time::system_clock::now() + time::days(365),
+                                                  subjectDescription);
   BOOST_CHECK(static_cast<bool>(idCert2));
   BOOST_CHECK_EQUAL(idCert2->getName().getPrefix(5), Name().append(anotherIdentity).append("KEY"));
 
 
   Name wrongKeyName1;
   shared_ptr<IdentityCertificate> idCert3 =
-    keyChain.prepareUnsignedIdentityCertificate(wrongKeyName1, identity,
-                                                time::system_clock::now(),
-                                                time::system_clock::now() + time::days(365),
-                                                subjectDescription);
+    m_keyChain.prepareUnsignedIdentityCertificate(wrongKeyName1, identity,
+                                                  time::system_clock::now(),
+                                                  time::system_clock::now() + time::days(365),
+                                                  subjectDescription);
   BOOST_CHECK_EQUAL(static_cast<bool>(idCert3), false);
 
 
   Name wrongKeyName2("/TestKeyChain/PrepareIdentityCertificate");
   shared_ptr<IdentityCertificate> idCert4 =
-    keyChain.prepareUnsignedIdentityCertificate(wrongKeyName2, identity,
-                                                time::system_clock::now(),
-                                                time::system_clock::now() + time::days(365),
-                                                subjectDescription);
+    m_keyChain.prepareUnsignedIdentityCertificate(wrongKeyName2, identity,
+                                                  time::system_clock::now(),
+                                                  time::system_clock::now() + time::days(365),
+                                                  subjectDescription);
   BOOST_CHECK_EQUAL(static_cast<bool>(idCert4), false);
 
 
   Name wrongKeyName3("/TestKeyChain/PrepareIdentityCertificate/ksk-1234");
   shared_ptr<IdentityCertificate> idCert5 =
-    keyChain.prepareUnsignedIdentityCertificate(wrongKeyName3, identity,
-                                                time::system_clock::now(),
-                                                time::system_clock::now() + time::days(365),
-                                                subjectDescription);
+    m_keyChain.prepareUnsignedIdentityCertificate(wrongKeyName3, identity,
+                                                  time::system_clock::now(),
+                                                  time::system_clock::now() + time::days(365),
+                                                  subjectDescription);
   BOOST_CHECK_EQUAL(static_cast<bool>(idCert5), false);
-
-  keyChain.deleteIdentity(identity);
-  keyChain.deleteIdentity(lowerIdentity);
-  keyChain.deleteIdentity(anotherIdentity);
 }
 
-BOOST_AUTO_TEST_CASE(Delete)
+BOOST_FIXTURE_TEST_CASE(Delete, IdentityManagementFixture)
 {
-  KeyChain keyChain;
-
   Name identity("/TestSecPublicInfoSqlite3/Delete");
   identity.appendVersion();
 
   Name certName1;
-  BOOST_REQUIRE_NO_THROW(certName1 = keyChain.createIdentity(identity));
+  BOOST_REQUIRE_NO_THROW(certName1 = m_keyChain.createIdentity(identity));
 
   Name keyName1 = IdentityCertificate::certificateNameToPublicKeyName(certName1);
   Name keyName2;
-  BOOST_REQUIRE_NO_THROW(keyName2 = keyChain.generateRsaKeyPairAsDefault(identity));
+  BOOST_REQUIRE_NO_THROW(keyName2 = m_keyChain.generateRsaKeyPairAsDefault(identity));
 
   shared_ptr<IdentityCertificate> cert2;
-  BOOST_REQUIRE_NO_THROW(cert2 = keyChain.selfSign(keyName2));
+  BOOST_REQUIRE_NO_THROW(cert2 = m_keyChain.selfSign(keyName2));
   Name certName2 = cert2->getName();
-  BOOST_REQUIRE_NO_THROW(keyChain.addCertificateAsKeyDefault(*cert2));
+  BOOST_REQUIRE_NO_THROW(m_keyChain.addCertificateAsKeyDefault(*cert2));
 
   Name keyName3;
-  BOOST_REQUIRE_NO_THROW(keyName3 = keyChain.generateRsaKeyPairAsDefault(identity));
+  BOOST_REQUIRE_NO_THROW(keyName3 = m_keyChain.generateRsaKeyPairAsDefault(identity));
 
   shared_ptr<IdentityCertificate> cert3;
-  BOOST_REQUIRE_NO_THROW(cert3 = keyChain.selfSign(keyName3));
+  BOOST_REQUIRE_NO_THROW(cert3 = m_keyChain.selfSign(keyName3));
   Name certName3 = cert3->getName();
-  BOOST_REQUIRE_NO_THROW(keyChain.addCertificateAsKeyDefault(*cert3));
+  BOOST_REQUIRE_NO_THROW(m_keyChain.addCertificateAsKeyDefault(*cert3));
   shared_ptr<IdentityCertificate> cert4;
-  BOOST_REQUIRE_NO_THROW(cert4 = keyChain.selfSign(keyName3));
+  BOOST_REQUIRE_NO_THROW(cert4 = m_keyChain.selfSign(keyName3));
   Name certName4 = cert4->getName();
-  BOOST_REQUIRE_NO_THROW(keyChain.addCertificateAsKeyDefault(*cert4));
+  BOOST_REQUIRE_NO_THROW(m_keyChain.addCertificateAsKeyDefault(*cert4));
   shared_ptr<IdentityCertificate> cert5;
-  BOOST_REQUIRE_NO_THROW(cert5 = keyChain.selfSign(keyName3));
+  BOOST_REQUIRE_NO_THROW(cert5 = m_keyChain.selfSign(keyName3));
   Name certName5 = cert5->getName();
-  BOOST_REQUIRE_NO_THROW(keyChain.addCertificateAsKeyDefault(*cert5));
+  BOOST_REQUIRE_NO_THROW(m_keyChain.addCertificateAsKeyDefault(*cert5));
 
-  BOOST_CHECK_EQUAL(keyChain.doesIdentityExist(identity), true);
-  BOOST_CHECK_EQUAL(keyChain.doesPublicKeyExist(keyName1), true);
-  BOOST_CHECK_EQUAL(keyChain.doesPublicKeyExist(keyName2), true);
-  BOOST_CHECK_EQUAL(keyChain.doesPublicKeyExist(keyName3), true);
-  BOOST_CHECK_EQUAL(keyChain.doesCertificateExist(certName1), true);
-  BOOST_CHECK_EQUAL(keyChain.doesCertificateExist(certName2), true);
-  BOOST_CHECK_EQUAL(keyChain.doesCertificateExist(certName3), true);
-  BOOST_CHECK_EQUAL(keyChain.doesCertificateExist(certName4), true);
-  BOOST_CHECK_EQUAL(keyChain.doesCertificateExist(certName5), true);
+  BOOST_CHECK_EQUAL(m_keyChain.doesIdentityExist(identity), true);
+  BOOST_CHECK_EQUAL(m_keyChain.doesPublicKeyExist(keyName1), true);
+  BOOST_CHECK_EQUAL(m_keyChain.doesPublicKeyExist(keyName2), true);
+  BOOST_CHECK_EQUAL(m_keyChain.doesPublicKeyExist(keyName3), true);
+  BOOST_CHECK_EQUAL(m_keyChain.doesCertificateExist(certName1), true);
+  BOOST_CHECK_EQUAL(m_keyChain.doesCertificateExist(certName2), true);
+  BOOST_CHECK_EQUAL(m_keyChain.doesCertificateExist(certName3), true);
+  BOOST_CHECK_EQUAL(m_keyChain.doesCertificateExist(certName4), true);
+  BOOST_CHECK_EQUAL(m_keyChain.doesCertificateExist(certName5), true);
 
-  BOOST_REQUIRE_NO_THROW(keyChain.deleteCertificate(certName5));
-  BOOST_CHECK_EQUAL(keyChain.doesCertificateExist(certName5), false);
-  BOOST_CHECK_EQUAL(keyChain.doesCertificateExist(certName3), true);
-  BOOST_CHECK_EQUAL(keyChain.doesCertificateExist(certName4), true);
-  BOOST_CHECK_EQUAL(keyChain.doesPublicKeyExist(keyName3), true);
+  BOOST_REQUIRE_NO_THROW(m_keyChain.deleteCertificate(certName5));
+  BOOST_CHECK_EQUAL(m_keyChain.doesCertificateExist(certName5), false);
+  BOOST_CHECK_EQUAL(m_keyChain.doesCertificateExist(certName3), true);
+  BOOST_CHECK_EQUAL(m_keyChain.doesCertificateExist(certName4), true);
+  BOOST_CHECK_EQUAL(m_keyChain.doesPublicKeyExist(keyName3), true);
 
-  BOOST_REQUIRE_NO_THROW(keyChain.deleteKey(keyName3));
-  BOOST_CHECK_EQUAL(keyChain.doesCertificateExist(certName4), false);
-  BOOST_CHECK_EQUAL(keyChain.doesCertificateExist(certName3), false);
-  BOOST_CHECK_EQUAL(keyChain.doesPublicKeyExist(keyName3), false);
-  BOOST_CHECK_EQUAL(keyChain.doesPublicKeyExist(keyName2), true);
-  BOOST_CHECK_EQUAL(keyChain.doesPublicKeyExist(keyName1), true);
-  BOOST_CHECK_EQUAL(keyChain.doesIdentityExist(identity), true);
+  BOOST_REQUIRE_NO_THROW(m_keyChain.deleteKey(keyName3));
+  BOOST_CHECK_EQUAL(m_keyChain.doesCertificateExist(certName4), false);
+  BOOST_CHECK_EQUAL(m_keyChain.doesCertificateExist(certName3), false);
+  BOOST_CHECK_EQUAL(m_keyChain.doesPublicKeyExist(keyName3), false);
+  BOOST_CHECK_EQUAL(m_keyChain.doesPublicKeyExist(keyName2), true);
+  BOOST_CHECK_EQUAL(m_keyChain.doesPublicKeyExist(keyName1), true);
+  BOOST_CHECK_EQUAL(m_keyChain.doesIdentityExist(identity), true);
 
-  BOOST_REQUIRE_NO_THROW(keyChain.deleteIdentity(identity));
-  BOOST_CHECK_EQUAL(keyChain.doesCertificateExist(certName2), false);
-  BOOST_CHECK_EQUAL(keyChain.doesPublicKeyExist(keyName2), false);
-  BOOST_CHECK_EQUAL(keyChain.doesCertificateExist(certName1), false);
-  BOOST_CHECK_EQUAL(keyChain.doesPublicKeyExist(keyName1), false);
-  BOOST_CHECK_EQUAL(keyChain.doesIdentityExist(identity), false);
+  BOOST_REQUIRE_NO_THROW(m_keyChain.deleteIdentity(identity));
+  BOOST_CHECK_EQUAL(m_keyChain.doesCertificateExist(certName2), false);
+  BOOST_CHECK_EQUAL(m_keyChain.doesPublicKeyExist(keyName2), false);
+  BOOST_CHECK_EQUAL(m_keyChain.doesCertificateExist(certName1), false);
+  BOOST_CHECK_EQUAL(m_keyChain.doesPublicKeyExist(keyName1), false);
+  BOOST_CHECK_EQUAL(m_keyChain.doesIdentityExist(identity), false);
 }
 
 BOOST_AUTO_TEST_CASE(KeyChainWithCustomTpmAndPib)
@@ -345,63 +341,62 @@
   BOOST_CHECK_EQUAL(keyChain.getDefaultIdentity(), "/dummy/key");
 }
 
-BOOST_AUTO_TEST_CASE(GeneralSigningInterface)
+BOOST_FIXTURE_TEST_CASE(GeneralSigningInterface, IdentityManagementFixture)
 {
-  KeyChain keyChain;
   Name id("/id");
-  Name certName = keyChain.createIdentity(id);
-  shared_ptr<IdentityCertificate> idCert = keyChain.getCertificate(certName);
+  Name certName = m_keyChain.createIdentity(id);
+  shared_ptr<IdentityCertificate> idCert = m_keyChain.getCertificate(certName);
   Name keyName = idCert->getPublicKeyName();
-  keyChain.setDefaultIdentity(id);
+  m_keyChain.setDefaultIdentity(id);
 
   Name id2("/id2");
-  Name cert2Name = keyChain.createIdentity(id2);
-  shared_ptr<IdentityCertificate> id2Cert = keyChain.getCertificate(cert2Name);
+  Name cert2Name = m_keyChain.createIdentity(id2);
+  shared_ptr<IdentityCertificate> id2Cert = m_keyChain.getCertificate(cert2Name);
 
   // SigningInfo is set to default
   Data data1("/data1");
-  keyChain.sign(data1);
+  m_keyChain.sign(data1);
   BOOST_CHECK(Validator::verifySignature(data1, idCert->getPublicKeyInfo()));
   BOOST_CHECK_EQUAL(data1.getSignature().getKeyLocator().getName(), certName.getPrefix(-1));
 
   Interest interest1("/interest1");
-  keyChain.sign(interest1);
+  m_keyChain.sign(interest1);
   BOOST_CHECK(Validator::verifySignature(interest1, idCert->getPublicKeyInfo()));
   SignatureInfo sigInfo1(interest1.getName()[-2].blockFromValue());
   BOOST_CHECK_EQUAL(sigInfo1.getKeyLocator().getName(), certName.getPrefix(-1));
 
   // SigningInfo is set to Identity
   Data data2("/data2");
-  keyChain.sign(data2, SigningInfo(SigningInfo::SIGNER_TYPE_ID, id2));
+  m_keyChain.sign(data2, SigningInfo(SigningInfo::SIGNER_TYPE_ID, id2));
   BOOST_CHECK(Validator::verifySignature(data2, id2Cert->getPublicKeyInfo()));
   BOOST_CHECK_EQUAL(data2.getSignature().getKeyLocator().getName(), cert2Name.getPrefix(-1));
 
   Interest interest2("/interest2");
-  keyChain.sign(interest2, SigningInfo(SigningInfo::SIGNER_TYPE_ID, id2));
+  m_keyChain.sign(interest2, SigningInfo(SigningInfo::SIGNER_TYPE_ID, id2));
   BOOST_CHECK(Validator::verifySignature(interest2, id2Cert->getPublicKeyInfo()));
   SignatureInfo sigInfo2(interest2.getName()[-2].blockFromValue());
   BOOST_CHECK_EQUAL(sigInfo2.getKeyLocator().getName(), cert2Name.getPrefix(-1));
 
   // SigningInfo is set to Key
   Data data3("/data3");
-  keyChain.sign(data3, SigningInfo(SigningInfo::SIGNER_TYPE_KEY, keyName));
+  m_keyChain.sign(data3, SigningInfo(SigningInfo::SIGNER_TYPE_KEY, keyName));
   BOOST_CHECK(Validator::verifySignature(data3, idCert->getPublicKeyInfo()));
   BOOST_CHECK_EQUAL(data3.getSignature().getKeyLocator().getName(), certName.getPrefix(-1));
 
   Interest interest3("/interest3");
-  keyChain.sign(interest3);
+  m_keyChain.sign(interest3);
   BOOST_CHECK(Validator::verifySignature(interest3, idCert->getPublicKeyInfo()));
   SignatureInfo sigInfo3(interest1.getName()[-2].blockFromValue());
   BOOST_CHECK_EQUAL(sigInfo3.getKeyLocator().getName(), certName.getPrefix(-1));
 
   // SigningInfo is set to Cert
   Data data4("/data4");
-  keyChain.sign(data4, SigningInfo(SigningInfo::SIGNER_TYPE_CERT, certName));
+  m_keyChain.sign(data4, SigningInfo(SigningInfo::SIGNER_TYPE_CERT, certName));
   BOOST_CHECK(Validator::verifySignature(data4, idCert->getPublicKeyInfo()));
   BOOST_CHECK_EQUAL(data4.getSignature().getKeyLocator().getName(), certName.getPrefix(-1));
 
   Interest interest4("/interest4");
-  keyChain.sign(interest4, SigningInfo(SigningInfo::SIGNER_TYPE_CERT, certName));
+  m_keyChain.sign(interest4, SigningInfo(SigningInfo::SIGNER_TYPE_CERT, certName));
   BOOST_CHECK(Validator::verifySignature(interest4, idCert->getPublicKeyInfo()));
   SignatureInfo sigInfo4(interest4.getName()[-2].blockFromValue());
   BOOST_CHECK_EQUAL(sigInfo4.getKeyLocator().getName(), certName.getPrefix(-1));
@@ -409,32 +404,31 @@
 
   // SigningInfo is set to DigestSha256
   Data data5("/data5");
-  keyChain.sign(data5, SigningInfo(SigningInfo::SIGNER_TYPE_SHA256));
+  m_keyChain.sign(data5, SigningInfo(SigningInfo::SIGNER_TYPE_SHA256));
   BOOST_CHECK(Validator::verifySignature(data5, DigestSha256(data5.getSignature())));
 
   Interest interest5("/interest4");
-  keyChain.sign(interest5, SigningInfo(SigningInfo::SIGNER_TYPE_SHA256));
+  m_keyChain.sign(interest5, SigningInfo(SigningInfo::SIGNER_TYPE_SHA256));
   BOOST_CHECK(Validator::verifySignature(interest5,
                                          DigestSha256(Signature(interest5.getName()[-2].blockFromValue(),
                                                                 interest5.getName()[-1].blockFromValue()))));
 }
 
-BOOST_AUTO_TEST_CASE(EcdsaSigningByIdentityNoCert)
+BOOST_FIXTURE_TEST_CASE(EcdsaSigningByIdentityNoCert, IdentityManagementFixture)
 {
-  KeyChain keyChain;
   Data data("/test/data");
 
   Name nonExistingIdentity = Name("/non-existing/identity").appendVersion();
 
-  BOOST_CHECK_NO_THROW(keyChain.sign(data, signingByIdentity(nonExistingIdentity)));
+  BOOST_CHECK_NO_THROW(m_keyChain.sign(data, signingByIdentity(nonExistingIdentity)));
   BOOST_CHECK_EQUAL(data.getSignature().getType(),
                     KeyChain::getSignatureType(KeyChain::DEFAULT_KEY_PARAMS.getKeyType(),
                                                DIGEST_ALGORITHM_SHA256));
   BOOST_CHECK(nonExistingIdentity.isPrefixOf(data.getSignature().getKeyLocator().getName()));
 
   Name ecdsaIdentity = Name("/ndn/test/ecdsa").appendVersion();
-  Name ecdsaKeyName = keyChain.generateEcdsaKeyPairAsDefault(ecdsaIdentity, false, 256);
-  BOOST_CHECK_NO_THROW(keyChain.sign(data, signingByIdentity(ecdsaIdentity)));
+  Name ecdsaKeyName = m_keyChain.generateEcdsaKeyPairAsDefault(ecdsaIdentity, false, 256);
+  BOOST_CHECK_NO_THROW(m_keyChain.sign(data, signingByIdentity(ecdsaIdentity)));
   BOOST_CHECK_EQUAL(data.getSignature().getType(),
                     KeyChain::getSignatureType(EcdsaKeyParams().getKeyType(), DIGEST_ALGORITHM_SHA256));
   BOOST_CHECK(ecdsaIdentity.isPrefixOf(data.getSignature().getKeyLocator().getName()));
diff --git a/tests/unit-tests/security/sec-rule-relative.t.cpp b/tests/unit-tests/security/sec-rule-relative.t.cpp
index 8557cc9..a94e6c1 100644
--- a/tests/unit-tests/security/sec-rule-relative.t.cpp
+++ b/tests/unit-tests/security/sec-rule-relative.t.cpp
@@ -1,6 +1,6 @@
 /* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
 /**
- * Copyright (c) 2013-2015 Regents of the University of California.
+ * Copyright (c) 2013-2016 Regents of the University of California.
  *
  * This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
  *
@@ -26,6 +26,8 @@
 namespace security {
 namespace tests {
 
+using namespace ndn::tests;
+
 BOOST_FIXTURE_TEST_SUITE(SecuritySecRuleRelative, IdentityManagementFixture)
 
 BOOST_AUTO_TEST_CASE(SecRuleRelativeTest)
diff --git a/tests/unit-tests/security/sec-rule-specific.t.cpp b/tests/unit-tests/security/sec-rule-specific.t.cpp
index 602a080..c1748fb 100644
--- a/tests/unit-tests/security/sec-rule-specific.t.cpp
+++ b/tests/unit-tests/security/sec-rule-specific.t.cpp
@@ -1,6 +1,6 @@
 /* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
 /**
- * Copyright (c) 2013-2015 Regents of the University of California.
+ * Copyright (c) 2013-2016 Regents of the University of California.
  *
  * This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
  *
@@ -29,6 +29,8 @@
 namespace security {
 namespace tests {
 
+using namespace ndn::tests;
+
 BOOST_FIXTURE_TEST_SUITE(SecuritySecRuleSpecific, IdentityManagementFixture)
 
 BOOST_AUTO_TEST_CASE(SecRuleSpecificTest)
diff --git a/tests/unit-tests/security/signature-sha256-with-ecdsa.t.cpp b/tests/unit-tests/security/signature-sha256-with-ecdsa.t.cpp
index 2df573b..648af1d 100644
--- a/tests/unit-tests/security/signature-sha256-with-ecdsa.t.cpp
+++ b/tests/unit-tests/security/signature-sha256-with-ecdsa.t.cpp
@@ -1,6 +1,6 @@
 /* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
 /**
- * Copyright (c) 2013-2015 Regents of the University of California.
+ * Copyright (c) 2013-2016 Regents of the University of California.
  *
  * This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
  *
@@ -31,7 +31,7 @@
 namespace tests {
 
 class SignatureSha256EcdsaTimeFixture : public UnitTestTimeFixture
-                                      , public security::IdentityManagementFixture
+                                      , public IdentityManagementFixture
 {
 public:
   SignatureSha256EcdsaTimeFixture()
diff --git a/tests/unit-tests/security/signature-sha256-with-rsa.t.cpp b/tests/unit-tests/security/signature-sha256-with-rsa.t.cpp
index 5c6f87d..ea3a40f 100644
--- a/tests/unit-tests/security/signature-sha256-with-rsa.t.cpp
+++ b/tests/unit-tests/security/signature-sha256-with-rsa.t.cpp
@@ -1,6 +1,6 @@
 /* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
 /**
- * Copyright (c) 2013-2015 Regents of the University of California.
+ * Copyright (c) 2013-2016 Regents of the University of California.
  *
  * This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
  *
@@ -31,7 +31,7 @@
 namespace tests {
 
 class SignatureSha256RsaTimeFixture : public UnitTestTimeFixture
-                                    , public security::IdentityManagementFixture
+                                    , public IdentityManagementFixture
 {
 public:
   SignatureSha256RsaTimeFixture()
diff --git a/tests/unit-tests/security/validator-config.t.cpp b/tests/unit-tests/security/validator-config.t.cpp
index 813d28c..1c72e69 100644
--- a/tests/unit-tests/security/validator-config.t.cpp
+++ b/tests/unit-tests/security/validator-config.t.cpp
@@ -1,6 +1,6 @@
 /* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
 /**
- * Copyright (c) 2013-2015 Regents of the University of California.
+ * Copyright (c) 2013-2016 Regents of the University of California.
  *
  * This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
  *
@@ -32,14 +32,15 @@
 #include "../identity-management-time-fixture.hpp"
 #include "boost-test.hpp"
 
-using namespace std;
-
 namespace ndn {
+namespace security {
 namespace tests {
 
-BOOST_AUTO_TEST_SUITE(SecurityValidatorConfig)
+using namespace ndn::tests;
 
-BOOST_FIXTURE_TEST_CASE(NameFilter, security::IdentityManagementFixture)
+BOOST_FIXTURE_TEST_SUITE(SecurityValidatorConfig, IdentityManagementFixture)
+
+BOOST_AUTO_TEST_CASE(NameFilter)
 {
   Name identity("/TestValidatorConfig/NameFilter");
   identity.appendVersion();
@@ -96,25 +97,24 @@
   const boost::filesystem::path CONFIG_PATH =
     (boost::filesystem::current_path() / std::string("unit-test-nfd.conf"));
 
-
-  Face face;
+  Face face(nullptr, m_keyChain);
   ValidatorConfig validator(face);
   validator.load(CONFIG, CONFIG_PATH.native());
 
   validator.validate(*data1,
     [] (const shared_ptr<const Data>&) { BOOST_CHECK(true); },
-    [] (const shared_ptr<const Data>&, const string&) { BOOST_CHECK(false); });
+    [] (const shared_ptr<const Data>&, const std::string&) { BOOST_CHECK(false); });
 
   validator.validate(*data2,
     [] (const shared_ptr<const Data>&) { BOOST_CHECK(false); },
-    [] (const shared_ptr<const Data>&, const string&) { BOOST_CHECK(true); });
+    [] (const shared_ptr<const Data>&, const std::string&) { BOOST_CHECK(true); });
 
   const boost::filesystem::path CERT_PATH =
     (boost::filesystem::current_path() / std::string("trust-anchor-1.cert"));
   boost::filesystem::remove(CERT_PATH);
 }
 
-BOOST_FIXTURE_TEST_CASE(NameFilter2, security::IdentityManagementFixture)
+BOOST_AUTO_TEST_CASE(NameFilter2)
 {
   Name identity("/TestValidatorConfig/NameFilter2");
   identity.appendVersion();
@@ -177,29 +177,28 @@
   const boost::filesystem::path CONFIG_PATH =
     (boost::filesystem::current_path() / std::string("unit-test-nfd.conf"));
 
-
-  Face face;
+  Face face(nullptr, m_keyChain);
   ValidatorConfig validator(face);
   validator.load(CONFIG, CONFIG_PATH.native());
 
   validator.validate(*data1,
     [] (const shared_ptr<const Data>&) { BOOST_CHECK(true); },
-    [] (const shared_ptr<const Data>&, const string&) { BOOST_CHECK(false); });
+    [] (const shared_ptr<const Data>&, const std::string&) { BOOST_CHECK(false); });
 
   validator.validate(*data2,
     [] (const shared_ptr<const Data>&) { BOOST_CHECK(false); },
-    [] (const shared_ptr<const Data>&, const string&) { BOOST_CHECK(true); });
+    [] (const shared_ptr<const Data>&, const std::string&) { BOOST_CHECK(true); });
 
   validator.validate(*data3,
     [] (const shared_ptr<const Data>&) { BOOST_CHECK(true); },
-    [] (const shared_ptr<const Data>&, const string&) { BOOST_CHECK(false); });
+    [] (const shared_ptr<const Data>&, const std::string&) { BOOST_CHECK(false); });
 
   const boost::filesystem::path CERT_PATH =
     (boost::filesystem::current_path() / std::string("trust-anchor-2.cert"));
   boost::filesystem::remove(CERT_PATH);
 }
 
-BOOST_FIXTURE_TEST_CASE(NameFilter3, security::IdentityManagementFixture)
+BOOST_AUTO_TEST_CASE(NameFilter3)
 {
   Name identity("/TestValidatorConfig/NameFilter3");
   identity.appendVersion();
@@ -262,29 +261,28 @@
   const boost::filesystem::path CONFIG_PATH =
     (boost::filesystem::current_path() / std::string("unit-test-nfd.conf"));
 
-
-  Face face;
+  Face face(nullptr, m_keyChain);
   ValidatorConfig validator(face);
   validator.load(CONFIG, CONFIG_PATH.native());
 
   validator.validate(*data1,
     [] (const shared_ptr<const Data>&) { BOOST_CHECK(false); },
-    [] (const shared_ptr<const Data>&, const string&) { BOOST_CHECK(true); });
+    [] (const shared_ptr<const Data>&, const std::string&) { BOOST_CHECK(true); });
 
   validator.validate(*data2,
     [] (const shared_ptr<const Data>&) { BOOST_CHECK(false); },
-    [] (const shared_ptr<const Data>&, const string&) { BOOST_CHECK(true); });
+    [] (const shared_ptr<const Data>&, const std::string&) { BOOST_CHECK(true); });
 
   validator.validate(*data3,
     [] (const shared_ptr<const Data>&) { BOOST_CHECK(true); },
-    [] (const shared_ptr<const Data>&, const string&) { BOOST_CHECK(false); });
+    [] (const shared_ptr<const Data>&, const std::string&) { BOOST_CHECK(false); });
 
   const boost::filesystem::path CERT_PATH =
     (boost::filesystem::current_path() / std::string("trust-anchor-3.cert"));
   boost::filesystem::remove(CERT_PATH);
 }
 
-BOOST_FIXTURE_TEST_CASE(NameFilter4, security::IdentityManagementFixture)
+BOOST_AUTO_TEST_CASE(NameFilter4)
 {
   Name identity("/TestValidatorConfig/NameFilter4");
   identity.appendVersion();
@@ -346,29 +344,28 @@
   const boost::filesystem::path CONFIG_PATH =
     (boost::filesystem::current_path() / std::string("unit-test-nfd.conf"));
 
-
-  Face face;
+  Face face(nullptr, m_keyChain);
   ValidatorConfig validator(face);
   validator.load(CONFIG, CONFIG_PATH.native());
 
   validator.validate(*data1,
     [] (const shared_ptr<const Data>&) { BOOST_CHECK(true); },
-    [] (const shared_ptr<const Data>&, const string&) { BOOST_CHECK(false); });
+    [] (const shared_ptr<const Data>&, const std::string&) { BOOST_CHECK(false); });
 
   validator.validate(*data2,
     [] (const shared_ptr<const Data>&) { BOOST_CHECK(false); },
-    [] (const shared_ptr<const Data>&, const string&) { BOOST_CHECK(true); });
+    [] (const shared_ptr<const Data>&, const std::string&) { BOOST_CHECK(true); });
 
   validator.validate(*data3,
     [] (const shared_ptr<const Data>&) { BOOST_CHECK(true); },
-    [] (const shared_ptr<const Data>&, const string&) { BOOST_CHECK(false); });
+    [] (const shared_ptr<const Data>&, const std::string&) { BOOST_CHECK(false); });
 
   const boost::filesystem::path CERT_PATH =
     (boost::filesystem::current_path() / std::string("trust-anchor-4.cert"));
   boost::filesystem::remove(CERT_PATH);
 }
 
-BOOST_FIXTURE_TEST_CASE(KeyLocatorNameChecker1, security::IdentityManagementFixture)
+BOOST_AUTO_TEST_CASE(KeyLocatorNameChecker1)
 {
   Name identity("/TestValidatorConfig/KeyLocatorNameChecker1");
   identity.appendVersion();
@@ -427,29 +424,28 @@
   const boost::filesystem::path CONFIG_PATH =
     (boost::filesystem::current_path() / std::string("unit-test-nfd.conf"));
 
-
-  Face face;
+  Face face(nullptr, m_keyChain);
   ValidatorConfig validator(face);
   validator.load(CONFIG, CONFIG_PATH.native());
 
   validator.validate(*data1,
     [] (const shared_ptr<const Data>&) { BOOST_CHECK(true); },
-    [] (const shared_ptr<const Data>&, const string&) { BOOST_CHECK(false); });
+    [] (const shared_ptr<const Data>&, const std::string&) { BOOST_CHECK(false); });
 
   validator.validate(*data2,
     [] (const shared_ptr<const Data>&) { BOOST_CHECK(false); },
-    [] (const shared_ptr<const Data>&, const string&) { BOOST_CHECK(true); });
+    [] (const shared_ptr<const Data>&, const std::string&) { BOOST_CHECK(true); });
 
   validator.validate(*data3,
     [] (const shared_ptr<const Data>&) { BOOST_CHECK(false); },
-    [] (const shared_ptr<const Data>&, const string&) { BOOST_CHECK(true); });
+    [] (const shared_ptr<const Data>&, const std::string&) { BOOST_CHECK(true); });
 
   const boost::filesystem::path CERT_PATH =
     (boost::filesystem::current_path() / std::string("trust-anchor-5.cert"));
   boost::filesystem::remove(CERT_PATH);
 }
 
-BOOST_FIXTURE_TEST_CASE(FixedSignerChecker, security::IdentityManagementFixture)
+BOOST_AUTO_TEST_CASE(FixedSignerChecker)
 {
   Name identity("/TestValidatorConfig/FixedSignerChecker");
 
@@ -527,29 +523,28 @@
   const boost::filesystem::path CONFIG_PATH =
     (boost::filesystem::current_path() / std::string("unit-test-nfd.conf"));
 
-
-  Face face;
+  Face face(nullptr, m_keyChain);
   ValidatorConfig validator(face);
   validator.load(CONFIG, CONFIG_PATH.native());
 
   validator.validate(*data1,
     [] (const shared_ptr<const Data>&) { BOOST_CHECK(true); },
-    [] (const shared_ptr<const Data>&, const string&) { BOOST_CHECK(false); });
+    [] (const shared_ptr<const Data>&, const std::string&) { BOOST_CHECK(false); });
 
   validator.validate(*data2,
     [] (const shared_ptr<const Data>&) { BOOST_CHECK(false); },
-    [] (const shared_ptr<const Data>&, const string&) { BOOST_CHECK(true); });
+    [] (const shared_ptr<const Data>&, const std::string&) { BOOST_CHECK(true); });
 
   validator.validate(*interest,
     [] (const shared_ptr<const Interest>&) { BOOST_CHECK(false); },
-    [] (const shared_ptr<const Interest>&, const string&) { BOOST_CHECK(true); });
+    [] (const shared_ptr<const Interest>&, const std::string&) { BOOST_CHECK(true); });
 
   const boost::filesystem::path CERT_PATH =
     (boost::filesystem::current_path() / std::string("trust-anchor-7.cert"));
   boost::filesystem::remove(CERT_PATH);
 }
 
-BOOST_FIXTURE_TEST_CASE(Reset, security::IdentityManagementFixture)
+BOOST_AUTO_TEST_CASE(Reset)
 {
   Name root("/TestValidatorConfig/Reload");
   BOOST_REQUIRE_NO_THROW(addIdentity(root));
@@ -557,7 +552,7 @@
   shared_ptr<IdentityCertificate> rootCert = m_keyChain.getCertificate(rootCertName);
   io::save(*rootCert, "trust-anchor-8.cert");
 
-  Face face;
+  Face face(nullptr, m_keyChain);
 
   const std::string CONFIG =
     "rule\n"
@@ -617,7 +612,7 @@
   boost::filesystem::remove(CERT_PATH);
 }
 
-BOOST_FIXTURE_TEST_CASE(TrustAnchorWildcard, security::IdentityManagementFixture)
+BOOST_AUTO_TEST_CASE(TrustAnchorWildcard)
 {
   Name identity("/TestValidatorConfig/Wildcard");
   identity.appendVersion();
@@ -638,17 +633,16 @@
   const boost::filesystem::path CONFIG_PATH =
     (boost::filesystem::current_path() / std::string("unit-test-nfd.conf"));
 
-
-  Face face;
+  Face face(nullptr, m_keyChain);
   ValidatorConfig validator(face);
   validator.load(CONFIG, CONFIG_PATH.native());
 
   validator.validate(*data1,
     [] (const shared_ptr<const Data>&) { BOOST_CHECK(true); },
-    [] (const shared_ptr<const Data>&, const string&) { BOOST_CHECK(false); });
+    [] (const shared_ptr<const Data>&, const std::string&) { BOOST_CHECK(false); });
 }
 
-BOOST_FIXTURE_TEST_CASE(SignedInterestTest, security::IdentityManagementFixture)
+BOOST_AUTO_TEST_CASE(SignedInterestTest)
 {
   Name identity("/TestValidatorConfig/SignedInterestTest");
 
@@ -700,22 +694,21 @@
   const boost::filesystem::path CONFIG_PATH =
     (boost::filesystem::current_path() / std::string("unit-test-nfd.conf"));
 
-
-  Face face;
+  Face face(nullptr, m_keyChain);
   ValidatorConfig validator(face);
   validator.load(CONFIG, CONFIG_PATH.native());
 
   validator.validate(*interest1,
     [] (const shared_ptr<const Interest>&) { BOOST_CHECK(true); },
-    [] (const shared_ptr<const Interest>&, const string&) { BOOST_CHECK(false); });
+    [] (const shared_ptr<const Interest>&, const std::string&) { BOOST_CHECK(false); });
 
   validator.validate(*interest2,
     [] (const shared_ptr<const Interest>&) { BOOST_CHECK(true); },
-    [] (const shared_ptr<const Interest>&, const string&) { BOOST_CHECK(false); });
+    [] (const shared_ptr<const Interest>&, const std::string&) { BOOST_CHECK(false); });
 
   validator.validate(*interest1,
     [] (const shared_ptr<const Interest>&) { BOOST_CHECK(false); },
-    [] (const shared_ptr<const Interest>&, const string&) { BOOST_CHECK(true); });
+    [] (const shared_ptr<const Interest>&, const std::string&) { BOOST_CHECK(true); });
 
   const boost::filesystem::path CERT_PATH =
     (boost::filesystem::current_path() / std::string("trust-anchor-9.cert"));
@@ -723,7 +716,7 @@
 }
 
 
-BOOST_FIXTURE_TEST_CASE(MaxKeyTest, security::IdentityManagementFixture)
+BOOST_AUTO_TEST_CASE(MaxKeyTest)
 {
   Name identity("/TestValidatorConfig/MaxKeyTest");
 
@@ -807,8 +800,7 @@
   const boost::filesystem::path CONFIG_PATH =
     (boost::filesystem::current_path() / std::string("unit-test-nfd.conf"));
 
-
-  Face face;
+  Face face(nullptr, m_keyChain);
   ValidatorConfig validator(face,
                             ValidatorConfig::DEFAULT_CERTIFICATE_CACHE,
                             ValidatorConfig::DEFAULT_GRACE_INTERVAL,
@@ -819,24 +811,24 @@
 
   validator.validate(*interest1,
     [] (const shared_ptr<const Interest>&) { BOOST_CHECK(true); },
-    [] (const shared_ptr<const Interest>&, const string&) { BOOST_CHECK(false); });
+    [] (const shared_ptr<const Interest>&, const std::string&) { BOOST_CHECK(false); });
 
   validator.validate(*interest2,
     [] (const shared_ptr<const Interest>&) { BOOST_CHECK(true); },
-    [] (const shared_ptr<const Interest>&, const string&) { BOOST_CHECK(false); });
+    [] (const shared_ptr<const Interest>&, const std::string&) { BOOST_CHECK(false); });
 
   validator.validate(*interest1,
     [] (const shared_ptr<const Interest>&) { BOOST_CHECK(false); },
-    [] (const shared_ptr<const Interest>&, const string&) { BOOST_CHECK(true); });
+    [] (const shared_ptr<const Interest>&, const std::string&) { BOOST_CHECK(true); });
 
   validator.validate(*interest3,
     [] (const shared_ptr<const Interest>&) { BOOST_CHECK(true); },
-    [] (const shared_ptr<const Interest>&, const string&) { BOOST_CHECK(false); });
+    [] (const shared_ptr<const Interest>&, const std::string&) { BOOST_CHECK(false); });
 
   // Should succeed because identity1's key has been cleaned up due to space limit.
   validator.validate(*interest1,
     [] (const shared_ptr<const Interest>&) { BOOST_CHECK(true); },
-    [] (const shared_ptr<const Interest>&, const string&) { BOOST_CHECK(false); });
+    [] (const shared_ptr<const Interest>&, const std::string&) { BOOST_CHECK(false); });
 
   const boost::filesystem::path CERT_PATH1 =
     (boost::filesystem::current_path() / std::string("trust-anchor-10-1.cert"));
@@ -851,7 +843,7 @@
   boost::filesystem::remove(CERT_PATH3);
 }
 
-BOOST_FIXTURE_TEST_CASE(MaxKeyTest2, security::IdentityManagementFixture)
+BOOST_AUTO_TEST_CASE(MaxKeyTest2)
 {
   Name identity("/TestValidatorConfig/MaxKeyTest");
 
@@ -955,8 +947,7 @@
   const boost::filesystem::path CONFIG_PATH =
     (boost::filesystem::current_path() / std::string("unit-test-nfd.conf"));
 
-
-  Face face;
+  Face face(nullptr, m_keyChain);
   ValidatorConfig validator(face,
                             ValidatorConfig::DEFAULT_CERTIFICATE_CACHE,
                             ValidatorConfig::DEFAULT_GRACE_INTERVAL,
@@ -967,46 +958,46 @@
 
   validator.validate(*interest1,
     [] (const shared_ptr<const Interest>&) { BOOST_CHECK(true); },
-    [] (const shared_ptr<const Interest>&, const string&) { BOOST_CHECK(false); });
+    [] (const shared_ptr<const Interest>&, const std::string&) { BOOST_CHECK(false); });
 
   validator.validate(*interest2,
     [] (const shared_ptr<const Interest>&) { BOOST_CHECK(true); },
-    [] (const shared_ptr<const Interest>&, const string&) { BOOST_CHECK(false); });
+    [] (const shared_ptr<const Interest>&, const std::string&) { BOOST_CHECK(false); });
 
   validator.validate(*interest3,
     [] (const shared_ptr<const Interest>&) { BOOST_CHECK(true); },
-    [] (const shared_ptr<const Interest>&, const string&) { BOOST_CHECK(false); });
+    [] (const shared_ptr<const Interest>&, const std::string&) { BOOST_CHECK(false); });
 
   validator.validate(*interest1,
     [] (const shared_ptr<const Interest>&) { BOOST_CHECK(false); },
-    [] (const shared_ptr<const Interest>&, const string&) { BOOST_CHECK(true); });
+    [] (const shared_ptr<const Interest>&, const std::string&) { BOOST_CHECK(true); });
 
   validator.validate(*interest2,
     [] (const shared_ptr<const Interest>&) { BOOST_CHECK(false); },
-    [] (const shared_ptr<const Interest>&, const string&) { BOOST_CHECK(true); });
+    [] (const shared_ptr<const Interest>&, const std::string&) { BOOST_CHECK(true); });
 
   validator.validate(*interest3,
     [] (const shared_ptr<const Interest>&) { BOOST_CHECK(false); },
-    [] (const shared_ptr<const Interest>&, const string&) { BOOST_CHECK(true); });
+    [] (const shared_ptr<const Interest>&, const std::string&) { BOOST_CHECK(true); });
 
   sleep(2);
 
   validator.validate(*interest4,
     [] (const shared_ptr<const Interest>&) { BOOST_CHECK(true); },
-    [] (const shared_ptr<const Interest>&, const string&) { BOOST_CHECK(false); });
+    [] (const shared_ptr<const Interest>&, const std::string&) { BOOST_CHECK(false); });
 
   // Should succeed because identity1 and identity2's key has been cleaned up due to ttl limit.
   validator.validate(*interest1,
     [] (const shared_ptr<const Interest>&) { BOOST_CHECK(true); },
-    [] (const shared_ptr<const Interest>&, const string&) { BOOST_CHECK(false); });
+    [] (const shared_ptr<const Interest>&, const std::string&) { BOOST_CHECK(false); });
 
   validator.validate(*interest2,
     [] (const shared_ptr<const Interest>&) { BOOST_CHECK(true); },
-    [] (const shared_ptr<const Interest>&, const string&) { BOOST_CHECK(false); });
+    [] (const shared_ptr<const Interest>&, const std::string&) { BOOST_CHECK(false); });
 
   validator.validate(*interest3,
     [] (const shared_ptr<const Interest>&) { BOOST_CHECK(true); },
-    [] (const shared_ptr<const Interest>&, const string&) { BOOST_CHECK(false); });
+    [] (const shared_ptr<const Interest>&, const std::string&) { BOOST_CHECK(false); });
 
 
   const boost::filesystem::path CERT_PATH1 =
@@ -1026,7 +1017,7 @@
   boost::filesystem::remove(CERT_PATH4);
 }
 
-BOOST_FIXTURE_TEST_CASE(FixedSignerChecker2, security::IdentityManagementFixture)
+BOOST_AUTO_TEST_CASE(FixedSignerChecker2)
 {
   Name rsaIdentity("/TestValidatorConfig/FixedSignerChecker2/Rsa");
   BOOST_REQUIRE_NO_THROW(addIdentity(rsaIdentity));
@@ -1104,26 +1095,25 @@
   const boost::filesystem::path CONFIG_PATH =
     (boost::filesystem::current_path() / std::string("unit-test.conf"));
 
-
-  Face face;
+  Face face(nullptr, m_keyChain);
   ValidatorConfig validator(face);
   validator.load(CONFIG, CONFIG_PATH.native());
 
   validator.validate(*dataEcdsa,
     [] (const shared_ptr<const Data>&) { BOOST_CHECK(true); },
-    [] (const shared_ptr<const Data>&, const string&) { BOOST_CHECK(false); });
+    [] (const shared_ptr<const Data>&, const std::string&) { BOOST_CHECK(false); });
 
   validator.validate(*dataRsa,
     [] (const shared_ptr<const Data>&) { BOOST_CHECK(false); },
-    [] (const shared_ptr<const Data>&, const string&) { BOOST_CHECK(true); });
+    [] (const shared_ptr<const Data>&, const std::string&) { BOOST_CHECK(true); });
 
   validator.validate(*interestEcdsa,
     [] (const shared_ptr<const Interest>&) { BOOST_CHECK(true); },
-    [] (const shared_ptr<const Interest>&, const string&) { BOOST_CHECK(false); });
+    [] (const shared_ptr<const Interest>&, const std::string&) { BOOST_CHECK(false); });
 
   validator.validate(*interestRsa,
     [] (const shared_ptr<const Interest>&) { BOOST_CHECK(false); },
-    [] (const shared_ptr<const Interest>&, const string&) { BOOST_CHECK(true); });
+    [] (const shared_ptr<const Interest>&, const std::string&) { BOOST_CHECK(true); });
 
   const boost::filesystem::path CERT_PATH =
     (boost::filesystem::current_path() / std::string("trust-anchor-11.cert"));
@@ -1131,11 +1121,11 @@
 }
 
 
-struct FacesFixture : public security::IdentityManagementTimeFixture
+struct FacesFixture : public IdentityManagementTimeFixture
 {
   FacesFixture()
-    : face1(io, {true, true})
-    , face2(io, {true, true})
+    : face1(io, m_keyChain, {true, true})
+    , face2(io, m_keyChain, {true, true})
     , readInterestOffset1(0)
     , readDataOffset1(0)
     , readInterestOffset2(0)
@@ -1276,7 +1266,7 @@
   advanceClocks(time::milliseconds(2), 100);
   validator->validate(*data1,
     [] (const shared_ptr<const Data>&) { BOOST_CHECK(true); },
-    [] (const shared_ptr<const Data>&, const string&) { BOOST_CHECK(false); });
+    [] (const shared_ptr<const Data>&, const std::string&) { BOOST_CHECK(false); });
 
   do {
     advanceClocks(time::milliseconds(2), 10);
@@ -1284,7 +1274,7 @@
 
   validator->validate(*data2,
     [] (const shared_ptr<const Data>&) { BOOST_CHECK(false); },
-    [] (const shared_ptr<const Data>&, const string&) { BOOST_CHECK(true); });
+    [] (const shared_ptr<const Data>&, const std::string&) { BOOST_CHECK(true); });
 
   do {
     advanceClocks(time::milliseconds(2), 10);
@@ -1425,7 +1415,7 @@
   // should succeed
   validator->validate(*interest1,
     [] (const shared_ptr<const Interest>&) { BOOST_CHECK(true); },
-    [] (const shared_ptr<const Interest>&, const string&) { BOOST_CHECK(false); });
+    [] (const shared_ptr<const Interest>&, const std::string&) { BOOST_CHECK(false); });
 
   do {
     advanceClocks(time::milliseconds(2), 10);
@@ -1434,7 +1424,7 @@
   // should fail
   validator->validate(*interest2,
     [] (const shared_ptr<const Interest>&) { BOOST_CHECK(false); },
-    [] (const shared_ptr<const Interest>&, const string&) { BOOST_CHECK(true); });
+    [] (const shared_ptr<const Interest>&, const std::string&) { BOOST_CHECK(true); });
 
   do {
     advanceClocks(time::milliseconds(2), 10);
@@ -1443,7 +1433,7 @@
   // should succeed
   validator->validate(*interest3,
     [] (const shared_ptr<const Interest>&) { BOOST_CHECK(true); },
-    [] (const shared_ptr<const Interest>&, const string&) { BOOST_CHECK(false); });
+    [] (const shared_ptr<const Interest>&, const std::string&) { BOOST_CHECK(false); });
 
   do {
     advanceClocks(time::milliseconds(2), 10);
@@ -1452,7 +1442,7 @@
   // should fail
   validator->validate(*interest4,
     [] (const shared_ptr<const Interest>&) { BOOST_CHECK(false); },
-    [] (const shared_ptr<const Interest>&, const string&) { BOOST_CHECK(true); });
+    [] (const shared_ptr<const Interest>&, const std::string&) { BOOST_CHECK(true); });
 
   do {
     advanceClocks(time::milliseconds(2), 10);
@@ -1463,10 +1453,10 @@
   boost::filesystem::remove(CERT_PATH);
 }
 
-struct DirTestFixture : public security::IdentityManagementTimeFixture
+struct DirTestFixture : public IdentityManagementTimeFixture
 {
   DirTestFixture()
-    : face(io, {true, true})
+    : face(io, m_keyChain, {true, true})
     , validator(&face, ValidatorConfig::DEFAULT_CERTIFICATE_CACHE,
                 ValidatorConfig::DEFAULT_GRACE_INTERVAL, 0)
   {
@@ -1565,12 +1555,12 @@
   advanceClocks(time::milliseconds(10), 20);
   validator.validate(*data1,
     [] (const shared_ptr<const Data>&) { BOOST_CHECK(true); },
-    [] (const shared_ptr<const Data>&, const string&) { BOOST_CHECK(false); });
+    [] (const shared_ptr<const Data>&, const std::string&) { BOOST_CHECK(false); });
   advanceClocks(time::milliseconds(10), 20);
 
   validator.validate(*data2,
     [] (const shared_ptr<const Data>&) { BOOST_CHECK(false); },
-    [] (const shared_ptr<const Data>&, const string&) { BOOST_CHECK(true); });
+    [] (const shared_ptr<const Data>&, const std::string&) { BOOST_CHECK(true); });
   advanceClocks(time::milliseconds(10), 20);
 
   io::save(*secondCert, secondCertPath.string());
@@ -1578,16 +1568,17 @@
 
   validator.validate(*data1,
     [] (const shared_ptr<const Data>&) { BOOST_CHECK(true); },
-    [] (const shared_ptr<const Data>&, const string&) { BOOST_CHECK(false); });
+    [] (const shared_ptr<const Data>&, const std::string&) { BOOST_CHECK(false); });
   advanceClocks(time::milliseconds(10), 20);
 
   validator.validate(*data2,
     [] (const shared_ptr<const Data>&) { BOOST_CHECK(true); },
-    [] (const shared_ptr<const Data>&, const string&) { BOOST_CHECK(false); });
+    [] (const shared_ptr<const Data>&, const std::string&) { BOOST_CHECK(false); });
   advanceClocks(time::milliseconds(10), 20);
 }
 
 BOOST_AUTO_TEST_SUITE_END()
 
 } // namespace tests
+} // namespace security
 } // namespace ndn
diff --git a/tests/unit-tests/security/validator.t.cpp b/tests/unit-tests/security/validator.t.cpp
index b91e5d3..dd2ecd1 100644
--- a/tests/unit-tests/security/validator.t.cpp
+++ b/tests/unit-tests/security/validator.t.cpp
@@ -1,6 +1,6 @@
 /* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
 /**
- * Copyright (c) 2013-2015 Regents of the University of California.
+ * Copyright (c) 2013-2016 Regents of the University of California.
  *
  * This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
  *
@@ -30,7 +30,7 @@
 
 using std::string;
 
-BOOST_FIXTURE_TEST_SUITE(SecurityValidator, security::IdentityManagementFixture)
+BOOST_FIXTURE_TEST_SUITE(SecurityValidator, IdentityManagementFixture)
 
 void
 onValidated(const shared_ptr<const Data>& data)