Enabling automated integration testing of cloud application services in virtualized environments
Proceedings of the 2011 Conference of the Center for Advanced Studies on Collaborative Research
Empirical evaluation of cloud-based testing techniques: a systematic review
ACM SIGSOFT Software Engineering Notes
| Hi-index | 0.00 |
Assuring the security of a software system in terms of testing nowadays still is a quite tricky task to conduct. Security requirements are taken as a foundation to derive tests to be executed against a system under test. Yet, these positive requirements by far do not cover all the relevant security aspects to be considered. Hence, especially in the event of security testing, negative requirements, derived from risk analysis, are vital to be incorporated. If considering today's emerging trend in the adoption of cloud computing, security testing even has a more important significance. Due to a cloud's openness, in theory there exists an infinite number of tests. Hence, a concise technique to incorporate the results of risk analysis in security testing is inevitable. We therefore propose a new model-driven methodology for the security testing of cloud environments, ingesting misuse cases, defined by negative requirements derived from risk analysis.