The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
Delivering software for the Cloud represents a challenge for both micro teams and Small Medium Enterprises (SMEs), in part due to the rapid release methods adopted and the numerous ways in which software defects can be detected. We study field defect detection rates in a framework where these rates are used to refocus in-house test resources. Using an enterprise dataset, we address the question of...
Continuous test-based cloud certification uses tests to automatically and repeatedly evaluate whether a cloud service satisfies customer requirements over time. However, inaccurate tests can decrease customers' trust in test results and can lead to providers disputing results of test-based certification techniques. In this paper, we propose an approach how to evaluate the performance of test-based...
Failing to promote the least privilege principle in administration can lead to substantial vulnerabilities in cloud computing. A malicious insider like a compromised cloud administrator can affect security of data and workloads belonging to cloud customers. Enforcing the least privilege principle in cloud administration can fairly restrict the permissions of administrators and reduce the attack surface...
Despite its immense benefits in terms of flexibility, resource consumption, and simplified management, cloud computing raises several concerns due to lack of trust and transparency. Like all computing paradigms based on outsourcing, the use of cloud computing is largely a matter of trust. There is an increasing pressure by cloud customers for solutions that would increase their confidence that a cloud...
Cloud computing is gaining significant attention, however, security is the biggest hurdle in its wide acceptance. Users of cloud services are under constant fear of data loss, security threats and availability issues. Recently, learning-based methods for security applications are gaining popularity in the literature with the advents in machine learning techniques. However, the major challenge in these...
This presentation entitled "Securing OpenStack Cloud with Bandit" talks about Bandit, a security scanner from OpenStack Security Group. This presentation will cover details on Bandit, and how it can be used to secure OpenStack cloud and advantages of Bandit.
Through automatically checking whether cloud services satisfy customers' requirements, cloud service certification promises cloud providers competitive advantages, e.g. by attracting new customers. However, certification can increase costs of cloud providers, creating incentives for fraudulent providers to save costs by only pretending to satisfy customers' requirements. Opportunistic providers are...
Penetration Testing is a security research and study of exploitation methods with counter measures to protect web applications from attacks and intruders. It is the art of exploiting the weakness that has been identified in the system under test. Identifying the insecure areas is the major task; the goal is to protect sensitive and the valuable data. All the safety vulnerabilities which are present...
In this work we attempt to present the Cloud PAAS security by realizing in terms of Docker container security, we make a deep dive of the PAAS security and also try to analyse, compare and contrast the PAAS Docker container security, with other container technologies, and also with Virtual machine security with and without Hypervisor, and current security level of Dockers container and In this work...
The Service Level Management [SLM] is the process of managing the cloud resources and services. Also, it is the process of managing and deploying the recourses, providing the services based on demand, control the service, monitor the service and report the service. The Service Level Management defines the process of allocating the resources, managing the resources, SLA negation, controlling the service,...
A service level agreement (SLA) is a negotiated agreement between consumers and service providers in order to guarantee the quality of the negotiated service level. Therefore, many companies used contract to specify the desired service level agreement. SLA may specify the levels of availability, serviceability, performance, operation, security, or other attributes of the service. However, due to the...
The purpose of this paper is to present a framework from which Automated Test Equipment (ATE) manufacturers can use to help them develop, integrate, and deliver ATE cloud-based applications to the consumers of their products. In order to create these applications, the developer can utilize Commercial Web Services (CWS) as a means to help access compute power, storage devices, and other services that...
Software development is not only a single motive process as development but also have to handle number of different issues as like security. For basic software development, we generally use SDLC models for development like web projects, applications, services etc. but in this development process we are not taking care of security issues which are demand of these days. There is no central body who...
In this paper, we present a novel scheme for auditing Service Level Agreement (SLA) in a semi-trusted or untrusted cloud. A SLA is a contract formed between a cloud service provider (CSP)and a user which specifies, in measurable terms, what resources a the CSP will provide the user. CSP's being profit based companies have incentive to cheat on the SLA. By providing a user with less resources than...
As Cloud Computing continues to evolve the majority of research tends to lean towards optimising, securing and improving Cloud technologies. Less work appears which leverages the architectural and economic advantages of the Cloud. This paper examines the Cloud as a security testing environment, having a number of purposes such as penetration testing, and the dynamic creation and testing of environments...
With the rapid growth of Internet, the amount of malicious codes is exploding. Some security software vendors provide new cloud-based safeguard software for client users. These software, as part of Internet ware, consist of many modules with different functions and Internet behaviors. The Trojan scanning module, for instance, is based on cloud scanning function, which is achieved by collecting a large...
Vulnerability exploits will result in security breaches or violations of the system's security policy causing information leakage or economic losses. Although many detection methods such as static analysis, dynamic analysis and fuzz testing have been presented, the vulnerabilities are still difficult to detect. In this paper, we propose a new detection cloud service Vulcloud, which is scalable and...
Today's ongoing trend towards intense usage of web service based applications in daily business and everybody's daily life poses new challenges for security testing. Additionally, such applications mostly not execute in their own runtime environment but instead are deployed in some data center, run alongside multiple other applications, and serve different purposes for sundry user domains with diverging...
Cloud computing has become one of the most crucial part in accessing the set of resources when it comes to Information Technology (IT) domain, where it reduces the cost of their resource ownership and its services. Since cloud computing is believed to be a suitable and adaptable one for small business, the public cloud dominates in storing an organization resource with ease. However one of the most...
'Cloud testing' or 'Testing on the Cloud' means transforming the traditional testing lifecycle phases while adapting to the new quality risks in the cloud environment. Additional testing almost always involves the use of the time and energy of resources and personnel, which comes at a cost. Hence, automating this testing provides significant benefits in terms of cost and time savings. Test Automation-as-a-Service...
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.