基于云的测试工具分类与评估——以Web应用程序安全测试为例

IF 0.8 Q4 COMPUTER SCIENCE, INTERDISCIPLINARY APPLICATIONS

Acta Informatica Pragensia Pub Date : 2018-06-30 DOI:10.18267/j.aip.113

Martin Lnenicka, J. Čapek

{"title":"基于云的测试工具分类与评估——以Web应用程序安全测试为例","authors":"Martin Lnenicka, J. Čapek","doi":"10.18267/j.aip.113","DOIUrl":null,"url":null,"abstract":"The purpose of the article is to give a survey of research fields related to test and manage applications from the cloud, i.e. cloud-based testing, so that it can facilitate security requirements associated with the testing. This article has two main aims. The first one is the survey of published results attained by the synergy of these research fields – cloud-based testing, testing strategies and types of tests, and related architectures, which is followed by the classification of testing tools based on their testing strategies. The second part is focused on security testing of Fire and Rescue Service portals in the Czech Republic and identification of vulnerabilities in these portals. The results suggested that it is more appropriate to manage only one unified portal than a lot of portals on the regional level, also due to the economies of scale. Finally, the most suitable tool for cloud-based security testing was recommended based on these results and a typical cloud-based testing methodology was described.","PeriodicalId":36592,"journal":{"name":"Acta Informatica Pragensia","volume":null,"pages":null},"PeriodicalIF":0.8000,"publicationDate":"2018-06-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"2","resultStr":"{\"title\":\"Classification and Evaluation of Cloud-Based Testing Tools: The Case Study of Web Applications' Security Testing\",\"authors\":\"Martin Lnenicka, J. Čapek\",\"doi\":\"10.18267/j.aip.113\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"The purpose of the article is to give a survey of research fields related to test and manage applications from the cloud, i.e. cloud-based testing, so that it can facilitate security requirements associated with the testing. This article has two main aims. The first one is the survey of published results attained by the synergy of these research fields – cloud-based testing, testing strategies and types of tests, and related architectures, which is followed by the classification of testing tools based on their testing strategies. The second part is focused on security testing of Fire and Rescue Service portals in the Czech Republic and identification of vulnerabilities in these portals. The results suggested that it is more appropriate to manage only one unified portal than a lot of portals on the regional level, also due to the economies of scale. Finally, the most suitable tool for cloud-based security testing was recommended based on these results and a typical cloud-based testing methodology was described.\",\"PeriodicalId\":36592,\"journal\":{\"name\":\"Acta Informatica Pragensia\",\"volume\":null,\"pages\":null},\"PeriodicalIF\":0.8000,\"publicationDate\":\"2018-06-30\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"2\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Acta Informatica Pragensia\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.18267/j.aip.113\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q4\",\"JCRName\":\"COMPUTER SCIENCE, INTERDISCIPLINARY APPLICATIONS\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Acta Informatica Pragensia","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.18267/j.aip.113","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q4","JCRName":"COMPUTER SCIENCE, INTERDISCIPLINARY APPLICATIONS","Score":null,"Total":0}

引用次数: 2

摘要

本文的目的是对与从云(即基于云的测试)测试和管理应用程序相关的研究领域进行调查，以便促进与测试相关的安全需求。本文有两个主要目的。第一部分是对这些研究领域——基于云的测试、测试策略和测试类型以及相关架构——协同取得的已发表成果的调查，然后是根据测试策略对测试工具进行分类。第二部分侧重于捷克共和国消防和救援服务门户的安全测试以及这些门户中的漏洞识别。结果表明，由于规模经济的原因，仅管理一个统一的门户比在区域级别上管理许多门户更合适。最后，根据这些结果推荐了最适合基于云的安全测试的工具，并描述了一种典型的基于云的测试方法。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Classification and Evaluation of Cloud-Based Testing Tools: The Case Study of Web Applications' Security Testing

The purpose of the article is to give a survey of research fields related to test and manage applications from the cloud, i.e. cloud-based testing, so that it can facilitate security requirements associated with the testing. This article has two main aims. The first one is the survey of published results attained by the synergy of these research fields – cloud-based testing, testing strategies and types of tests, and related architectures, which is followed by the classification of testing tools based on their testing strategies. The second part is focused on security testing of Fire and Rescue Service portals in the Czech Republic and identification of vulnerabilities in these portals. The results suggested that it is more appropriate to manage only one unified portal than a lot of portals on the regional level, also due to the economies of scale. Finally, the most suitable tool for cloud-based security testing was recommended based on these results and a typical cloud-based testing methodology was described.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

Acta Informatica Pragensia Social Sciences-Library and Information Sciences

CiteScore

1.70

自引率

0.00%

发文量

审稿时长

12 weeks