Penetration testing model for mobile cloud computing applications / Ahmad Salah Mahmoud Al-Ahmad

Mobile cloud computing (MCC) technology possess features mitigating mobile limitations and enhancing cloud services. MCC application penetration testing issues are complex and unique which make the testing difficult for junior penetration testers. It is complex as MCC applications have three interse...

Full description

Bibliographic Details
Main Author: Mahmoud Al-Ahmad, Ahmad Salah
Format: Book Section
Language:English
Published: Institute of Graduate Studies, UiTM 2017
Subjects:
Online Access:http://ir.uitm.edu.my/id/eprint/19704/
http://ir.uitm.edu.my/id/eprint/19704/1/ABS_AHMAD%20SALAH%20MAHMOUD%20AL-AHMAD%20TDRA%20VOL%2011%20IGS%2017.pdf
id uitm-19704
recordtype eprints
spelling uitm-197042018-06-07T06:06:05Z http://ir.uitm.edu.my/id/eprint/19704/ Penetration testing model for mobile cloud computing applications / Ahmad Salah Mahmoud Al-Ahmad Mahmoud Al-Ahmad, Ahmad Salah Malaysia Mobile cloud computing (MCC) technology possess features mitigating mobile limitations and enhancing cloud services. MCC application penetration testing issues are complex and unique which make the testing difficult for junior penetration testers. It is complex as MCC applications have three intersecting vulnerability domains, namely mobile, web, and cloud. The offloading process adds uniqueness and complexity to the MCC application penetration testing in terms of generating, selecting and executing test cases. To solve these issues, this thesis constructs a model for MCC application penetration testing that reduces the complexity, tackles the uniqueness and assists junior testers in conducting penetration tests on MCC applications more effectively and efficiently. The main objectives of this thesis are to discover the issues in conducting penetration testing on MCC applications and to construct and evaluate MCC application penetration testing model. Design science research methodology is applied with four phases: (i) Theoretical framework construction phase (ii) Model construction phase entails designing the components and processes of MCC application penetration to reduce the complexity and address offloading; (iii) Model implementation phase implements the components and processes of the model into model guidelines and integrated tool called PT2-MCC. This tool manages the repositories, generates and selects test cases, and implements the mobile agent component; (iv) Model evaluation phase applies case study approach and uses an evaluation framework to evaluate the model against selected testing quality and performance attributes. In model evaluation phase, a junior penetration tester conducted two case studies on two MCC applications built by extending two open source native mobile applications… Institute of Graduate Studies, UiTM 2017 Book Section PeerReviewed text en http://ir.uitm.edu.my/id/eprint/19704/1/ABS_AHMAD%20SALAH%20MAHMOUD%20AL-AHMAD%20TDRA%20VOL%2011%20IGS%2017.pdf Mahmoud Al-Ahmad, Ahmad Salah (2017) Penetration testing model for mobile cloud computing applications / Ahmad Salah Mahmoud Al-Ahmad. In: The Doctoral Research Abstracts. IGS Biannual Publication, 11 (11). Institute of Graduate Studies, UiTM, Shah Alam.
repository_type Digital Repository
institution_category Local University
institution Universiti Teknologi MARA
building UiTM Institutional Repository
collection Online Access
language English
topic Malaysia
spellingShingle Malaysia
Mahmoud Al-Ahmad, Ahmad Salah
Penetration testing model for mobile cloud computing applications / Ahmad Salah Mahmoud Al-Ahmad
description Mobile cloud computing (MCC) technology possess features mitigating mobile limitations and enhancing cloud services. MCC application penetration testing issues are complex and unique which make the testing difficult for junior penetration testers. It is complex as MCC applications have three intersecting vulnerability domains, namely mobile, web, and cloud. The offloading process adds uniqueness and complexity to the MCC application penetration testing in terms of generating, selecting and executing test cases. To solve these issues, this thesis constructs a model for MCC application penetration testing that reduces the complexity, tackles the uniqueness and assists junior testers in conducting penetration tests on MCC applications more effectively and efficiently. The main objectives of this thesis are to discover the issues in conducting penetration testing on MCC applications and to construct and evaluate MCC application penetration testing model. Design science research methodology is applied with four phases: (i) Theoretical framework construction phase (ii) Model construction phase entails designing the components and processes of MCC application penetration to reduce the complexity and address offloading; (iii) Model implementation phase implements the components and processes of the model into model guidelines and integrated tool called PT2-MCC. This tool manages the repositories, generates and selects test cases, and implements the mobile agent component; (iv) Model evaluation phase applies case study approach and uses an evaluation framework to evaluate the model against selected testing quality and performance attributes. In model evaluation phase, a junior penetration tester conducted two case studies on two MCC applications built by extending two open source native mobile applications…
format Book Section
author Mahmoud Al-Ahmad, Ahmad Salah
author_facet Mahmoud Al-Ahmad, Ahmad Salah
author_sort Mahmoud Al-Ahmad, Ahmad Salah
title Penetration testing model for mobile cloud computing applications / Ahmad Salah Mahmoud Al-Ahmad
title_short Penetration testing model for mobile cloud computing applications / Ahmad Salah Mahmoud Al-Ahmad
title_full Penetration testing model for mobile cloud computing applications / Ahmad Salah Mahmoud Al-Ahmad
title_fullStr Penetration testing model for mobile cloud computing applications / Ahmad Salah Mahmoud Al-Ahmad
title_full_unstemmed Penetration testing model for mobile cloud computing applications / Ahmad Salah Mahmoud Al-Ahmad
title_sort penetration testing model for mobile cloud computing applications / ahmad salah mahmoud al-ahmad
publisher Institute of Graduate Studies, UiTM
publishDate 2017
url http://ir.uitm.edu.my/id/eprint/19704/
http://ir.uitm.edu.my/id/eprint/19704/1/ABS_AHMAD%20SALAH%20MAHMOUD%20AL-AHMAD%20TDRA%20VOL%2011%20IGS%2017.pdf
first_indexed 2023-09-18T23:03:06Z
last_indexed 2023-09-18T23:03:06Z
_version_ 1777418304628981760