移动云计算应用渗透测试模型设计

Int. J. Inf. Comput. Secur. Pub Date : 2020-04-30 DOI:10.1504/ijics.2020.108849

A. Al-Ahmad, S. A. Aljunid, N. K. Ismail

{"title":"移动云计算应用渗透测试模型设计","authors":"A. Al-Ahmad, S. A. Aljunid, N. K. Ismail","doi":"10.1504/ijics.2020.108849","DOIUrl":null,"url":null,"abstract":"Mobile cloud computing (MCC) is a promising technology due to its features that mitigate mobile computing limitations and enhances cloud services. However, penetration testing is more challenging when conducted on MCC applications. These applications use offloading, and thus another layer of complexity in generating, selecting and executing test cases, which implies and requires an MCC applications penetration testing offloading-awareness model. To overcome these challenges, a penetration testing model for mobile cloud computing applications is designed. This model defines the process of penetration testing over MCC applications including penetration test preparation, test case generation, selection and execution processes. Key components of this offloading-awareness model are state management and mobile agent while other components are adapted from previous penetration testing models for the web, cloud or mobile applications. This model will enable penetration testers to tackle the mobile cloud computing complexity and uniqueness. Currently, we are preparing the evaluation of the model against these MCC applications.","PeriodicalId":164016,"journal":{"name":"Int. J. Inf. Comput. Secur.","volume":"147 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2020-04-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"7","resultStr":"{\"title\":\"Mobile cloud computing applications penetration testing model design\",\"authors\":\"A. Al-Ahmad, S. A. Aljunid, N. K. Ismail\",\"doi\":\"10.1504/ijics.2020.108849\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Mobile cloud computing (MCC) is a promising technology due to its features that mitigate mobile computing limitations and enhances cloud services. However, penetration testing is more challenging when conducted on MCC applications. These applications use offloading, and thus another layer of complexity in generating, selecting and executing test cases, which implies and requires an MCC applications penetration testing offloading-awareness model. To overcome these challenges, a penetration testing model for mobile cloud computing applications is designed. This model defines the process of penetration testing over MCC applications including penetration test preparation, test case generation, selection and execution processes. Key components of this offloading-awareness model are state management and mobile agent while other components are adapted from previous penetration testing models for the web, cloud or mobile applications. This model will enable penetration testers to tackle the mobile cloud computing complexity and uniqueness. Currently, we are preparing the evaluation of the model against these MCC applications.\",\"PeriodicalId\":164016,\"journal\":{\"name\":\"Int. J. Inf. Comput. Secur.\",\"volume\":\"147 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2020-04-30\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"7\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Int. J. Inf. Comput. Secur.\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1504/ijics.2020.108849\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Int. J. Inf. Comput. Secur.","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1504/ijics.2020.108849","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 7

摘要

移动云计算(MCC)是一项很有前途的技术，因为它具有减轻移动计算限制和增强云服务的特性。然而，在MCC应用程序上进行渗透测试更具挑战性。这些应用程序使用卸载，因此在生成、选择和执行测试用例时又增加了一层复杂性，这意味着并需要MCC应用程序渗透测试卸载感知模型。为了克服这些挑战，设计了一个针对移动云计算应用的渗透测试模型。该模型定义了MCC应用程序上的渗透测试过程，包括渗透测试准备、测试用例生成、选择和执行过程。这个卸载感知模型的关键组件是状态管理和移动代理，而其他组件则改编自以前针对web、云或移动应用程序的渗透测试模型。该模型将使渗透测试人员能够解决移动云计算的复杂性和独特性。目前，我们正准备针对这些MCC应用程序对模型进行评估。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文

微信好友朋友圈 QQ好友复制链接

本刊更多论文

Mobile cloud computing applications penetration testing model design

Mobile cloud computing (MCC) is a promising technology due to its features that mitigate mobile computing limitations and enhances cloud services. However, penetration testing is more challenging when conducted on MCC applications. These applications use offloading, and thus another layer of complexity in generating, selecting and executing test cases, which implies and requires an MCC applications penetration testing offloading-awareness model. To overcome these challenges, a penetration testing model for mobile cloud computing applications is designed. This model defines the process of penetration testing over MCC applications including penetration test preparation, test case generation, selection and execution processes. Key components of this offloading-awareness model are state management and mobile agent while other components are adapted from previous penetration testing models for the web, cloud or mobile applications. This model will enable penetration testers to tackle the mobile cloud computing complexity and uniqueness. Currently, we are preparing the evaluation of the model against these MCC applications.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

Int. J. Inf. Comput. Secur.

自引率

0.00%

发文量