Risk-Based Security Testing in Cloud Computing Environments

Zech, Philipp

doi:10.1109/icst.2011.23

Cited by 37 publications

(25 citation statements)

References 7 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Each test case is prioritized on the basis of the product of risk exposure value manually determined by domain experts and the correlation between test cases and risks determined by mutation analysis. The effectiveness is shown by comparing the number and severity of faults detected to the approach of Chen et al 09 Zech [24] The approach is model-based and derives a risk model from a system model and a vulnerability knowledge base. On this basis a misuse case model is derived and test code generated from this model is executed.…”

Section: Risk-based Testing Approachesmentioning

confidence: 99%

A Risk Assessment Framework for Software Testing

Felderer

Haisjackl

Pekar

et al. 2014

Leveraging Applications of Formal Methods, Verification and Validation. Specialized Techniques and Applications

View full text Add to dashboard Cite

Abstract. In industry, testing has to be performed under severe pressure due to limited resources. Risk-based testing which uses risks to guide the test process is applied to allocate resources and to reduce product risks. Risk assessment, i.e., risk identification, analysis and evaluation, determines the significance of the risk values assigned to tests and therefore the quality of the overall risk-based test process. In this paper we provide a risk assessment model and its integration into an established test process. This framework is derived on the basis of best practices extracted from published risk-based testing approaches and applied to an industrial test process.

show abstract

Section: Risk-based Testing Approachesmentioning

confidence: 99%

A Risk Assessment Framework for Software Testing

Felderer

Haisjackl

Pekar

et al. 2014

Leveraging Applications of Formal Methods, Verification and Validation. Specialized Techniques and Applications

View full text Add to dashboard Cite

show abstract

“…[29], [30], [35], [36], [37] Migration to Cloud X [38], [39], [40], [41], [6] [6] X [38], [41], [6], [39], [40] [ mobile devices or check the applications' conformance to certain standards [11]. Unit testing activities are another area where on-demand software testing service can be utilized.…”

Section: Testing On the Cloudmentioning

confidence: 99%

A Survey of Software Testing in the Cloud

Arı

et al. 2012

2012 IEEE Sixth International Conference on Software Security and Reliability Companion

View full text Add to dashboard Cite

Abstract-Cloud computing has emerged as a new computing paradigm that impacts several different research fields, including software testing. Testing cloud applications has its own peculiarities that demand for novel testing methods and tools. On the other hand, cloud computing also facilitates and provides opportunities for the development of more effective and scalable software testing techniques. This paper reports on a systematic survey of published results attained by the synergy of these two research fields. We provide an overview regarding main contributions, trends, gaps, opportunities, challenges and possible research directions. We provide a review of software testing over the cloud literature and categorize the body of work in the field.

show abstract

“…In a cloud computing environment security testing should be applied on three layers: infrastructure, platform, and the service layer. Further, using PaaS or IaaS, the cloud provider itself cannot assure a customer's application security, as application specific code often introduces its own risks (Zech, 2011). This conflict in the security may be solved in the Service Level Agreement (SLA).…”

Section: Research Methodology and Methodsmentioning

confidence: 99%

Classification and Evaluation of Cloud-Based Testing Tools: The Case Study of Web Applications' Security Testing

Lněnička¹,

Čapek²

2018

AIP

View full text Add to dashboard Cite

The purpose of the article is to give a survey of research fields related to test and manage applications from the cloud, i.e. cloud-based testing, so that it can facilitate security requirements associated with the testing. This article has two main aims. The first one is the survey of published results attained by the synergy of these research fields -cloud-based testing, testing strategies and types of tests, and related architectures, which is followed by the classification of testing tools based on their testing strategies. The second part is focused on security testing of Fire and Rescue Service portals in the Czech Republic and identification of vulnerabilities in these portals. The results suggested that it is more appropriate to manage only one unified portal than a lot of portals on the regional level, also due to the economies of scale. Finally, the most suitable tool for cloud-based security testing was recommended based on these results and a typical cloud-based testing methodology was described.

show abstract

Risk-Based Security Testing in Cloud Computing Environments

Cited by 37 publications

References 7 publications

A Risk Assessment Framework for Software Testing

A Risk Assessment Framework for Software Testing

A Survey of Software Testing in the Cloud

Classification and Evaluation of Cloud-Based Testing Tools: The Case Study of Web Applications' Security Testing

Contact Info

Product

Resources

About