摘要
With respect to security, the use of various terminals in the mobile Internet environment is problematic.Traditional terminal testing methods cannot simulate actual testing environments; thus, the test results do not accurately reflect the security of terminals. To address this problem, we designed and developed a cloud platform based automated testing system for the mobile Internet. In this system, virtualization and automation technology are utilized to integrate mobile terminals into the cloud platform as a resource, to achieve a novel cloud service called Testing as a Service(Taa S). The system consists of three functional modules: web front-end module, testing environment module, and automated testing module. We adopted the permeable automated testing tool Metasploit to perform security testing. In our test experiments, we selected 100 apps with diverse vulnerability levels, ranging from secure to vulnerable, to perform a series of functional tests. The experimental results show that this system can correctly test both the number of vulnerable apps and their corresponding vulnerability levels. As such, the designed system can flexibly configure various testing environments for different testing cases or projects, and thereby perform security testing automatically.
With respect to security, the use of various terminals in the mobile Internet environment is problematic.Traditional terminal testing methods cannot simulate actual testing environments; thus, the test results do not accurately reflect the security of terminals. To address this problem, we designed and developed a cloud platform based automated testing system for the mobile Internet. In this system, virtualization and automation technology are utilized to integrate mobile terminals into the cloud platform as a resource, to achieve a novel cloud service called Testing as a Service(Taa S). The system consists of three functional modules: web front-end module, testing environment module, and automated testing module. We adopted the permeable automated testing tool Metasploit to perform security testing. In our test experiments, we selected 100 apps with diverse vulnerability levels, ranging from secure to vulnerable, to perform a series of functional tests. The experimental results show that this system can correctly test both the number of vulnerable apps and their corresponding vulnerability levels. As such, the designed system can flexibly configure various testing environments for different testing cases or projects, and thereby perform security testing automatically.
基金
supported by the National Natural Science Foundation of China (No. 61202431)
the National High-Tech Research and Development (863) Program of China (No. 2013AA014702)
Beijing Higher Education Young Elite Teacher Project (No. YETP0535)
the Open Project Program of Jiangsu High Technology Research Key Laboratory for Wireless Sensor Networks
the Scientific Research Foundation for the Returned Overseas Chinese Scholars, Ministry of Education
