Classification and Evaluation of Cloud-Based Testing Tools: The Case Study of Web Applications' Security Testing

Abstract

The purpose of the article is to give a survey of research fields related to test and manage applications from the cloud, i.e. cloud-based testing, so that it can facilitate security requirements associated with the testing. This article has two main aims. The first one is the survey of published results attained by the synergy of these research fields – cloud-based testing, testing strategies and types of tests, and related architectures, which is followed by the classification of testing tools based on their testing strategies. The second part is focused on security testing of Fire and Rescue Service portals in the Czech Republic and identification of vulnerabilities in these portals. The results suggested that it is more appropriate to manage only one unified portal than a lot of portals on the regional level, also due to the economies of scale. Finally, the most suitable tool for cloud-based security testing was recommended based on these results and a typical cloud-based testing methodology was described.