Acta Informatica Pragensia 2018, 7(1), 40-57 | DOI: 10.18267/j.aip.1135148

Classification and Evaluation of Cloud-Based Testing Tools: The Case Study of Web Applications’ Security Testing

Martin Lněnička, Jan Čapek
Institute of System Engineering and Informatics, Faculty of Economics and Administration, University of Pardubice, Studentska 84, 532 10 Pardubice, Czech Republic

The purpose of the article is to give a survey of research fields related to test and manage applications from the cloud, i.e. cloud-based testing, so that it can facilitate security requirements associated with the testing. This article has two main aims. The first one is the survey of published results attained by the synergy of these research fields – cloud-based testing, testing strategies and types of tests, and related architectures, which is followed by the classification of testing tools based on their testing strategies. The second part is focused on security testing of Fire and Rescue Service portals in the Czech Republic and identification of vulnerabilities in these portals. The results suggested that it is more appropriate to manage only one unified portal than a lot of portals on the regional level, also due to the economies of scale. Finally, the most suitable tool for cloud-based security testing was recommended based on these results and a typical cloud-based testing methodology was described.

Keywords: Cloud computing, Cloud-based testing, Web applications, Security, Case study

Accepted: December 5, 2017; Prepublished online: December 5, 2017; Published: June 30, 2018  Show citation

ACS AIP APA ASA Harvard Chicago Chicago Notes IEEE ISO690 MLA NLM Turabian Vancouver
Lněnička, M., & Čapek, J. (2018). Classification and Evaluation of Cloud-Based Testing Tools: The Case Study of Web Applications’ Security Testing. Acta Informatica Pragensia7(1), 40-57. doi: 10.18267/j.aip.113
Download citation
  • BibTeX (.bib)
  • Bookends (.ris)
  • EasyBib (.ris)
  • EndNote (.enw)
  • EndNote 8 (.xml)
  • ISI WoS (.isi)
  • Medlars (.medlars)
  • Mendeley (.ris)
  • MODS (.xml)
  • Papers (.ris)
  • RefWorks (.txt)
  • RefManager (.ris)
  • RIS (.ris)
  • MS Word (.xml)
  • Zotero (.ris)
    • Open full article

    References

    1. Ajay, D. M., & Umamaheswari, E. (2016). An Initiation for Testing the Security of a Cloud Service Provider. In V. Vijayakumar & V. Neelanarayanan (Eds.), Proceedings of the 3rd International Symposium on Big Data and Cloud Computing Challenges (pp. 33-41). Cham: Springer. doi: 10.1007/978-3-319-30348-2_3 Go to original source...
    2. Akerele O., Ramachandran M., & Dixon M. (2013). Testing in the Cloud: Strategies, Risks and Benefits. In Z. Mahmood & S. Saeed (Eds.), Software Engineering Frameworks for the Cloud Computing Paradigm. Computer Communications and Networks (pp. 165-185). London: Springer. doi: 10.1007/978-1-4471-5031-2_8 Go to original source...
    3. Bai, X., Li, M., Chen, B., Tsai, W.-T., & Gao, J. (2011). Cloud Testing Tools. In Proceedings of the IEEE 6th International Symposium on Service Oriented System Engineering (pp. 1-12). New York: IEEE. doi: 10.1109/SOSE.2011.6139087 Go to original source...
    4. Čapek, J. (2012). Cloud Computing and Information Security. Scientific Papers of the University of Pardubice, Series D, Faculty of Economics and Administration, 18(24), 23-30.
    5. Dai, W. W., Riliskis, L., Vyatkin, V., Osipov, E., & Delsing, J. (2014). A configurable cloud-based testing infrastructure for interoperable distributed automation systems. In Proceedings of the 40th Annual Conference of the IEEE Industrial Electronics Society (pp. 2492-2498). New York: IEEE. Go to original source...
    6. Gao, J., Bai, X., & Tsai, W. T. (2011). Cloud Testing - Issues, Challenges, Needs and Practice. Software Engineering: An International Journal, 1(1), 9-23.
    7. Gao, J., Bai, X., Tsai, W. T., & Uehara, T. (2013). Testing as a Service (TaaS) on Clouds. In Proceedings of the IEEE 7th International Symposium on Service Oriented System Engineering (pp. 212-223). New York: IEEE. doi: 10.1109/SOSE.2013.66 Go to original source...
    8. Harikrishna, P., & Amuthan, A. (2016). A Survey of Testing as a Service in Cloud computing. In Proceedings of the International Conference on Computer Communication and Informatics (pp. 1-5). New York: IEEE. doi: 10.1109/ICCCI.2016.7479949 Go to original source...
    9. Hsieh, S. J., Yuan, S. M., Luo, G. H., & Chen, H. W. (2014). A flexible public cloud based testing service for heterogeneous testing targets. In Proceedings of the 16th Asia-Pacific Network Operations and Management Symposium (pp. 1-3). New York: IEEE. doi: 10.1109/APNOMS.2014.6996521 Go to original source...
    10. Inçki, K., Ari, I., & Sözer, H. (2012). A Survey of Software Testing in the Cloud. In Proceedings of the IEEE Sixth International Conference on Software Security and Reliability Companion (pp. 18-23). New York: IEEE. doi: 10.1109/SERE-C.2012.32 Go to original source...
    11. Jun, W., & Meng, F. (2011). Software Testing Based on Cloud Computing. In Proceedings of the International Conference on Internet Computing Information Services (pp. 176-178). New York: IEEE. doi: 10.1109/ICICIS.2011.51 Go to original source...
    12. Kuo, J. Y., Liu, C. H., & Yu, W. T. (2015). The Study of Cloud-Based Testing Platform for Android. In Proceedings of the IEEE International Conference on Mobile Services (pp. 197-201). New York: IEEE. doi: 10.1109/MobServ.2015.36 Go to original source...
    13. Li, A., Yang, X., Kandula, S., & Zhang, M. (2010). CloudCmp: Comparing public cloud providers. In Proceedings of the 10th ACM SIGCOMM conference on Internet measurement (pp. 1-14). New York: ACM. Go to original source...
    14. Lněnička, M. (2013). Cloud-Based Testing of Business Applications and Web Services. Scientific Papers of the University of Pardubice, Series D, Faculty of Economics and Administration, 20(26), 66-78.
    15. Malhotra, R., & Jain, P. (2013). Testing Techniques and its Challenges in a Cloud Computing Environment. SIJ Transactions on Computer Science Engineering & its Applications, 1(3), 88-93. Go to original source...
    16. Nachiyappan, S., & Justus, S. (2015). Cloud Testing Tools and its Challenges: A Comparative Study. Procedia Computer Science, 50, 482-489. doi: 10.1016/j.procs.2015.04.018 Go to original source...
    17. Narayanan, C. V. (2010). Testing, the 'Cloud' Way. Siliconindia. Retrieved November 15, 2017, from https://www.siliconindia.com/magazine_articles/Testing_the_%E2%80%98Cloud%E2%80%99_Way-NLJO444799615.html
    18. Petticrew, M. & Roberts, H. (2006). Systematic Reviews in the Social Sciences: A Practical Guide. Malden: Blackwell Publishing. Go to original source...
    19. Priyanka, C., Chana, I., & Rana, A. (2012). Empirical Evaluation of Cloud-based Testing Techniques: A Systematic Review. ACM SIGSOFT Software Engineering Notes, 37(3), 1-9. doi: 10.1145/180921.2180938 Go to original source...
    20. Riungu, L. M., Taipale, O., & Smolander, K. (2010). Research Issues for Software Testing in the Cloud. In Proceedings of the IEEE Second International Conference on Cloud Computing Technology and Science (pp. 557-564). New York: IEEE. doi: 10.1109/CloudCom.2010.58 Go to original source...
    21. Riungu-Kalliosaari, L., Taipale, O., & Smolander, K. (2012). Testing in the Cloud: Exploring the Practice. IEEE Software, 29(2), 46-51. doi: 10.1109/MS.2011.132 Go to original source...
    22. Riungu-Kalliosaari, L., Taipale, O., Smolander, K., & Richardson, I. (2016). Adoption and use of cloud-based testing in practice. Software Quality Journal, 24(2), 337-364. doi: 10.1007/s11219-014-9256-0 Go to original source...
    23. Robinson, P., & Ragusa, C. (2011). Taxonomy and requirements rationalization for infrastructure in cloud-based software testing. In Proceedings of the IEEE Third International Conference on Cloud Computing Technology and Science (pp. 454-461). New York: IEEE. doi: 10.1109/CloudCom.2011.67 Go to original source...
    24. Shklar, L., & Rosen, R. (2009). Web Application Architecture: Principles, Protocols and Practices. Chichester: Wiley.
    25. Tung, Y. H., Lin, C. C., & Shan, H. L. (2014). Test as a Service: A framework for Web security TaaS service in cloud environment. In Proceedings of the IEEE 8th International Symposium on Service Oriented System Engineering (pp. 212-217). New York: IEEE. doi: 10.1109/SOSE.2014.36 Go to original source...
    26. Zech, P. (2011). Risk-Based Security Testing in Cloud Computing Environments. In Proceedings of the IEEE Fourth International Conference on Software Testing, Verification and Validation (pp. 411-414). New York: IEEE. doi: 10.1109/ICST.2011.23 Go to original source...
    27. Zech, P., Felderer, M., & Breu, R. (2012). Towards a Model-Based Security Testing Approach of Cloud Computing Environments. In Proceedings of the IEEE Sixth International Conference on Software Security and Reliability Companion (pp. 47-56). New York: IEEE. doi: 10.1109/SERE-C.2012.11 Go to original source...
    28. Zissis, D., & Lekkas, D. (2012). Addressing cloud computing security issues. Future Generation Computer Systems, 28(3), 583-592. doi: 10.1016/j.future.2010.12.006 Go to original source...

    This is an open access article distributed under the terms of the Creative Commons Attribution 4.0 International License (CC BY 4.0), which permits use, distribution, and reproduction in any medium, provided the original publication is properly cited. No use, distribution or reproduction is permitted which does not comply with these terms.


    Return to the content