Systematic Literature Review on Penetration Testing for Mobile Cloud Computing Applications

Ahmad Salah Al-Ahmad*, Hasan Kahtan, Fadhl Hujainah, Hamid A. Jalab

*Awdur cyfatebol y gwaith hwn

Allbwn ymchwil: Cyfraniad at gyfnodolynErthygl adolyguadolygiad gan gymheiriaid

32 Dyfyniadau (Scopus)

Crynodeb

Mobile cloud computing (MCC) enables mobile devices to exploit seamless cloud services via offloading, and has numerous advantages and increased security and complexity. Penetration testing of mobile applications has become more complex and expensive due to several parameters, such as the platform, device heterogeneity, context event types, and offloading. Numerous studies have been published in the MCC domain, whereas few studies have addressed the common issues and challenges of MCC testing. However, current studies do not address MCC and penetration testing. Therefore, revisiting MCC and penetration testing domains is essential to overcoming the inherent complexity and reducing costs. Motivated by the importance of revisiting these domains, this paper pursues two objectives: to provide a comprehensive systematic literature review (SLR) of the MCC, security and penetration testing domains and to establish the requirements for penetration testing of MCC applications. This paper has systematically reviewed previous penetration testing models and techniques based on the requirements in Kitchenham's SLR guidelines. The SLR outcome has indicated the following deficiencies: the offloading parameter is disregarded; studies that address mobile, cloud, and web vulnerabilities are lacking; and a MCC application penetration testing model has not been addressed by current studies. In particular, offloading and mobile state management are two new and vital requirements that have not been addressed to reveal hidden security vulnerabilities, facilitate mutual trust, and enable developers to build more secure MCC applications. Beneficial review results that can contribute to future research are presented.

Iaith wreiddiolSaesneg
Rhif yr erthygl8917986
Tudalennau (o-i)173524-173540
Nifer y tudalennau17
CyfnodolynIEEE Access
Cyfrol7
Dynodwyr Gwrthrych Digidol (DOIs)
StatwsCyhoeddwyd - 29 Tach 2019
Cyhoeddwyd yn allanolIe

Dyfynnu hyn