Literature Review of Mobile Applications Testing on Cloud from Information Security Perspective

Bahl, Shilpa; Chaturvedi, Madhav

doi:10.5120/13809-1799

Cited by 2 publications

(1 citation statement)

References 25 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Therefore, the test case selection process, especially in MCC application penetration testing, is essential. This process will select specific test cases that reduce the required time and resources while retaining the accepted test cases coverage [77], [105].…”

Section: Rq4: What Are the Penetration Testing Process And The Benefits And Limitations Of Each Identified Model And Which Aspect Can Be mentioning

confidence: 99%

Systematic Literature Review on Penetration Testing for Mobile Cloud Computing Applications

et al. 2019

View full text Add to dashboard Cite

Mobile cloud computing (MCC) enables mobile devices to exploit seamless cloud services via offloading, and has numerous advantages and increased security and complexity. Penetration testing of mobile applications has become more complex and expensive due to several parameters, such as the platform, device heterogeneity, context event types, and offloading. Numerous studies have been published in the MCC domain, whereas few studies have addressed the common issues and challenges of MCC testing. However, current studies do not address MCC and penetration testing. Therefore, revisiting MCC and penetration testing domains is essential to overcoming the inherent complexity and reducing costs. Motivated by the importance of revisiting these domains, this paper pursues two objectives: to provide a comprehensive systematic literature review (SLR) of the MCC, security and penetration testing domains and to establish the requirements for penetration testing of MCC applications. This paper has systematically reviewed previous penetration testing models and techniques based on the requirements in Kitchenham's SLR guidelines. The SLR outcome has indicated the following deficiencies: the offloading parameter is disregarded; studies that address mobile, cloud, and web vulnerabilities are lacking; and a MCC application penetration testing model has not been addressed by current studies. In particular, offloading and mobile state management are two new and vital requirements that have not been addressed to reveal hidden security vulnerabilities, facilitate mutual trust, and enable developers to build more secure MCC applications. Beneficial review results that can contribute to future research are presented.INDEX TERMS Mobile cloud computing, penetration testing, offloading, mobile testing, cloud testing.

show abstract

Section: Rq4: What Are the Penetration Testing Process And The Benefits And Limitations Of Each Identified Model And Which Aspect Can Be mentioning

confidence: 99%

Systematic Literature Review on Penetration Testing for Mobile Cloud Computing Applications

et al. 2019

View full text Add to dashboard Cite

show abstract

Security Requirements Validation for Mobile Apps: A Systematic Literature Review

2015

View full text Add to dashboard Cite

Security requirements are important to increase the confidence of mobile users to perform many online transactions, such as banking, booking and payment via mobile devices. Objective: This study aims to identify the attributes of security requirements for mobile applications (mobile apps) and the existing tools, techniques and approaches used in security requirements. The gaps and limitations for each approach are also discussed. Method: We conducted a systematic literature review to identify and analyse related literatures on validation of security requirements for mobile apps. We identified 68 studies that provide relevant information on security requirements for mobile apps. Result: There were two main findings: (1) the attributes of security requirements that are relevant for mobile apps are authentication, confidentiality, authorization, access control and integrity; (2) Mobile security testing methods for validating security requirements of mobile apps were also identified. Finally, the gaps and limitation of each approach requirements in relation to mobile apps were also discussed. Conclusions: The main challenge of security requirements is to identify the most appropriate security attributes and security testing technique to validate security requirements for mobile apps. As such, requirements engineers should consider the challenges posed by security requirements such as testing when validating and developing security requirements for mobile apps testing technique. Further, correct security requirements for security attributes of security requirements need to be considered at the early stage of development of the mobile apps development.

show abstract

Literature Review of Mobile Applications Testing on Cloud from Information Security Perspective

Cited by 2 publications

References 25 publications

Systematic Literature Review on Penetration Testing for Mobile Cloud Computing Applications

Systematic Literature Review on Penetration Testing for Mobile Cloud Computing Applications

Security Requirements Validation for Mobile Apps: A Systematic Literature Review

Contact Info

Product

Resources

About