Penetration testing model for mobile cloud computing applications / Ahmad Salah Mahmoud Al-Ahmad
Mobile cloud computing (MCC) technology possess features mitigating mobile limitations and enhancing cloud services. MCC application penetration testing issues are complex and unique which make the testing difficult for junior penetration testers. It is complex as MCC applications have three interse...
Saved in:
| Main Author: | |
|---|---|
| Format: | Book Section |
| Language: | English |
| Published: |
Institute of Graduate Studies, UiTM
2017
|
| Subjects: | |
| Online Access: | http://ir.uitm.edu.my/id/eprint/19704/1/ABS_AHMAD%20SALAH%20MAHMOUD%20AL-AHMAD%20TDRA%20VOL%2011%20IGS%2017.pdf http://ir.uitm.edu.my/id/eprint/19704/ |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| id |
my.uitm.ir.19704 |
|---|---|
| record_format |
eprints |
| spelling |
my.uitm.ir.197042018-06-07T06:06:05Z http://ir.uitm.edu.my/id/eprint/19704/ Penetration testing model for mobile cloud computing applications / Ahmad Salah Mahmoud Al-Ahmad Mahmoud Al-Ahmad, Ahmad Salah Malaysia Mobile cloud computing (MCC) technology possess features mitigating mobile limitations and enhancing cloud services. MCC application penetration testing issues are complex and unique which make the testing difficult for junior penetration testers. It is complex as MCC applications have three intersecting vulnerability domains, namely mobile, web, and cloud. The offloading process adds uniqueness and complexity to the MCC application penetration testing in terms of generating, selecting and executing test cases. To solve these issues, this thesis constructs a model for MCC application penetration testing that reduces the complexity, tackles the uniqueness and assists junior testers in conducting penetration tests on MCC applications more effectively and efficiently. The main objectives of this thesis are to discover the issues in conducting penetration testing on MCC applications and to construct and evaluate MCC application penetration testing model. Design science research methodology is applied with four phases: (i) Theoretical framework construction phase (ii) Model construction phase entails designing the components and processes of MCC application penetration to reduce the complexity and address offloading; (iii) Model implementation phase implements the components and processes of the model into model guidelines and integrated tool called PT2-MCC. This tool manages the repositories, generates and selects test cases, and implements the mobile agent component; (iv) Model evaluation phase applies case study approach and uses an evaluation framework to evaluate the model against selected testing quality and performance attributes. In model evaluation phase, a junior penetration tester conducted two case studies on two MCC applications built by extending two open source native mobile applications… Institute of Graduate Studies, UiTM 2017 Book Section PeerReviewed text en http://ir.uitm.edu.my/id/eprint/19704/1/ABS_AHMAD%20SALAH%20MAHMOUD%20AL-AHMAD%20TDRA%20VOL%2011%20IGS%2017.pdf Mahmoud Al-Ahmad, Ahmad Salah (2017) Penetration testing model for mobile cloud computing applications / Ahmad Salah Mahmoud Al-Ahmad. In: The Doctoral Research Abstracts. IGS Biannual Publication, 11 (11). Institute of Graduate Studies, UiTM, Shah Alam. |
| institution |
Universiti Teknologi Mara |
| building |
Tun Abdul Razak Library |
| collection |
Institutional Repository |
| continent |
Asia |
| country |
Malaysia |
| content_provider |
Universiti Teknologi Mara |
| content_source |
UiTM Institutional Repository |
| url_provider |
http://ir.uitm.edu.my/ |
| language |
English |
| topic |
Malaysia |
| spellingShingle |
Malaysia Mahmoud Al-Ahmad, Ahmad Salah Penetration testing model for mobile cloud computing applications / Ahmad Salah Mahmoud Al-Ahmad |
| description |
Mobile cloud computing (MCC) technology possess features mitigating mobile limitations and enhancing cloud services. MCC application penetration testing issues are complex and unique which make the testing difficult for junior penetration testers. It is complex as MCC applications have three intersecting vulnerability domains, namely mobile, web, and cloud. The offloading process adds uniqueness and complexity to the MCC application penetration testing in terms of generating, selecting and executing test cases. To solve these issues, this thesis constructs a model for MCC application penetration testing that reduces the complexity, tackles the uniqueness and assists junior testers in conducting penetration tests on MCC applications more effectively and efficiently. The main objectives of this thesis are to discover the issues in conducting penetration testing on MCC applications and to construct and evaluate MCC application penetration testing model. Design science research methodology is applied with four phases: (i) Theoretical framework construction phase (ii) Model construction phase entails designing the components and processes of MCC application penetration to reduce the complexity and address offloading; (iii) Model implementation phase implements the components and processes of the model into model guidelines and integrated tool called PT2-MCC. This tool manages the repositories, generates and selects test cases, and implements the mobile agent component; (iv) Model evaluation phase applies case study approach and uses an evaluation framework to evaluate the model against selected testing quality and performance attributes. In model evaluation phase, a junior penetration tester conducted two case studies on two MCC applications built by extending two open source native mobile applications… |
| format |
Book Section |
| author |
Mahmoud Al-Ahmad, Ahmad Salah |
| author_facet |
Mahmoud Al-Ahmad, Ahmad Salah |
| author_sort |
Mahmoud Al-Ahmad, Ahmad Salah |
| title |
Penetration testing model for mobile cloud computing applications / Ahmad Salah Mahmoud Al-Ahmad |
| title_short |
Penetration testing model for mobile cloud computing applications / Ahmad Salah Mahmoud Al-Ahmad |
| title_full |
Penetration testing model for mobile cloud computing applications / Ahmad Salah Mahmoud Al-Ahmad |
| title_fullStr |
Penetration testing model for mobile cloud computing applications / Ahmad Salah Mahmoud Al-Ahmad |
| title_full_unstemmed |
Penetration testing model for mobile cloud computing applications / Ahmad Salah Mahmoud Al-Ahmad |
| title_sort |
penetration testing model for mobile cloud computing applications / ahmad salah mahmoud al-ahmad |
| publisher |
Institute of Graduate Studies, UiTM |
| publishDate |
2017 |
| url |
http://ir.uitm.edu.my/id/eprint/19704/1/ABS_AHMAD%20SALAH%20MAHMOUD%20AL-AHMAD%20TDRA%20VOL%2011%20IGS%2017.pdf http://ir.uitm.edu.my/id/eprint/19704/ |
| _version_ |
1685649247337185280 |
| score |
13.2014675 |