Академический Документы
Профессиональный Документы
Культура Документы
I.
II.
I NTRODUCTION
In [1], the authors provide a high level overview of Cloud services testing and poses few research challenges in this regard.
In [2], the authors categorize different SaaS testing dimensions
and the challenges associated with it. They describe some high
level view on testing SaaS applications and categorize them in
a comprehensive manner.
There are several frameworks existing for testing some specific
aspects of Cloud testing. In [3], the author describes the framework used by Microsoft to test their Cloud platform Microsoft
Windows Azure. It describes the approach for testing both onpremise and azure run times. In [4], the author describes the
test mechanism for testing Google App Engines API Client
library.
L ITERATURE R EVIEW
Fig. 1.
Fig. 2.
C. Performance Testing
B. Security Testing
E. Multi-tenancy Testing
In addition to multi-tenant penetration testing and multitenant performance testing, we need to test several scenarios
136
Fig. 3.
under multi-tenant environments. Various levels of multitenancy are described in [24]. Rigid failure containment between tenants needs to be evaluated during the test phase.
According to [19], it means that failure of one tenant instance
does not cascade to other tenant instances, and that service
transition activities properly apply to individual application
instances rather than inadvertently impacting multiple tenant
application instances.
Multi-tenancy also introduces the risk of correlated or synchronized behaviors [20] that can stress the underlying virtualized
platform, such as when multiple application instances execute
the same recovery action or periodic maintenance actions
simultaneously. Finally, the service transition activity analysis
[19] should verify that no service transition activity impacts
active application instances that are not the explicit target of the
activity. In addition to traditional service transition activities,
the multi-tenancy analysis should also verify that there is no
service impact on other tenant instances when each and every
tenant-specific configuration parameter is changed.
B. Security Testing
In addition to above test dimensions, we need to perform compatibility testing, interoperability testing, integration testing and web portal testing. We need to test the
platform/application across multiple operating systems and
multiple browsers. Further, platforms might provide different
APIs for users to build applications. In such cases we need to
test for API integration.
IV.
PCTF A RCHITECTURE
137
C. Integration testing
[5]
Zeng Li, Liam OBrien, Rainbow Cai and He Zhang, Towards a Taxonomy of Performance Evaluation of Commercial Cloud Services, 2012
IEEE Fifth International Conference on Cloud Computing
[6] Liang Zhao, Evaluating Cloud Platform Architecture with the CARE
Framework, Software Engineering Conference (APSEC), 2010 17th Asia
Pacific, pp: 60-69,
[7] Nezih Yigitbasi, Alexandru Iosup, Dick Epema and Simon Ostermann,
C-Meter: A Framework for Performance Analysis of Computing Clouds,
9th IEEE/ACM International Symposium on Cluster Computing and the
Grid, 2009
[8] Scott Tilley, T. P. (2012). Software Testing in the Cloud: Migration and
Execution. Springer.
[9] Vincent C. Emeakaroha, Ivona Brandic, Michael Maurer, Schahram
Dustdar: Low level Metrics to High level SLAs - LoM2HiS framework:
Bridging the gap between monitored metrics and SLA parameters in
cloud environments. HPCS 2010: 48-54
[10] Angelo Ciampa, Corrado Aaron Visaggio, and Massimiliano Di Penta.
2010. A heuristic-based approach for detecting SQL-injection vulnerabilities in web applications. In Proceedings of the 2010 ICSE Workshop
on Software Engineering for Secure Systems (SESS 10). ACM, New
York, NY, USA, 43-49.
[11]
E. Load testing
For various elastic load testing, we need to generate loads
following different realistic web traffic scenarios. Examples of
such patterns include [23] long-tail traffic, Poisson distribution
and Zipf distribution. The Synthetic Load Generator will
generate the required load based on the configured settings
and perform the load testing.
[12]
[13]
F. Test Repository
[14]
[15]
[16]
[17]
C ONCLUSION
[18]
In this paper, we proposed an integrated Cloud test framework called PCTF which allows users to integrate different
independent test components into one framework. Further the
proposed model allows users to extend the model with other
test components as per their requirements without affecting
existing test components. It also allows users to select a
particular test suite or a set of test suites to run on the system
under test and collect consolidated results. We are currently
building this framework to test our Cloud platform and to
conduct various performance evaluation studies.
[19]
[20]
[21]
R EFERENCES
[1]
[2]
[3]
[4]
[22]
[23]
[24]
138
Philipp Zech, Michael Felderer, and Ruth Breu. 2012. Towards a Model
Based Security Testing Approach of Cloud Computing Environments.
In Proceedings of the 2012 IEEE Sixth International Conference on
Software Security and Reliability Companion (SERE-C 12). IEEE
Computer Society, Washington, DC, USA, 47-56.
Wei-Tek Tsai, Yu Huang, and Qihong Shao. 2011. Testing the scalability
of SaaS applications. In Proceedings of the 2011 IEEE International
Conference on Service-Oriented Computing and Applications (SOCA
11). IEEE Computer Society, Washington, DC, USA, 1-4.
Ewald Roodenrijs, TMap NEXT Testing Clouds, Sogeti Netherlands,
2011
Dustin Owens. 2010. Securing Elasticity in the Cloud. Queue 8,
5, Pages 10 (May 2010), 7 pages. DOI=10.1145/1794514.1794516
http://doi.acm.org/10.1145/1794514.1794516
Takabi, H.,Security and Privacy Challenges in Cloud Computing Environments, IEEE Security and Privacy, Vol 8, Issue 6, Pages 24-31,
2010
Jayanthi V, Neha M and Nithin D, SaaS Security Testing; Guidelines
and Evaluation Framework, 11th Annual International Software Testing
Conference, 2011, Infosys
Sharma, S, Jena, S K and K, Satyababu, New Approach for Testing
the Correctness of Access Control Policies, IEEE International Advance
Computing Conference 2009, Thapar University, Patiala, Punjab, India
Neil MacDonald, Joseph Feiman, Magic Quadrant for Dynamic Application Security Testing, Gartner Report, 2011
Eric Bauer, Randee Adams, Reliability and Availability of Cloud
Computing, IEEE Press, 2012
Saman Zonouz, Amir Houmansadr, Robin Berthier, Nikita Borisov,
William Sanders, Secloud: A Cloud-based Comprehensive and
Lightweight Security Solution for Smartphones, Computers and
Security, Available online 20 February 2013, ISSN 0167-4048,
10.1016/j.cose.2013.02.002.
William Jenkins, Sergiy Vilkomir, Puneet Sharma, and George Pirocanac. 2011. Framework for testing cloud platforms and infrastructures. In Proceedings of the 2011 International Conference on
Cloud and Service Computing (CSC 11). IEEE Computer Society, Washington, DC, USA, 134-140. DOI=10.1109/CSC.2011.6138511
http://dx.doi.org/10.1109/CSC.2011.6138511
Dan Sanderson, Programming Google App Engine, OReilly Press,
2010
W. Gong, Y.Liu, V. Misra, and D. Towsley. On the Tails of Web Filesize Distributions. In Proceedings of the Thirty-Ninth Annual Allerton
Conference on Communication, Control, and Computing, pp. 192201.
UrbanaChampaign, IL: Coordinated Science Laboratory, University of
Illinois, 2001.
Yefim V Natis, Reference Architecture for Multitenancy: Enterprise
Computing in the Cloud, Gartner Report 2008