Presentation is loading. Please wait.

Presentation is loading. Please wait.

Cloud Testing Shilpi Chugh.

Similar presentations


Presentation on theme: "Cloud Testing Shilpi Chugh."— Presentation transcript:

1 Cloud Testing Shilpi Chugh

2 What is “Cloud "and Cloud Computing?
Cloud is just an analogy of Internet. Cloud Computing is a technology by means of which store and access data from remote locations with the use of internet

3 Features Scalability & flexibility On Demand Availability QoS
OpEx instead of CapEx. (tenancy instead of occupancy)

4 Types of clouds Private cloud Public cloud Community cloud
The cloud is managed by an organization . Public cloud The cloud infrastructure is owned and managed by a Cloud Service Provider . Community cloud The cloud is managed by several organizations and supports a specific community that has the same interest. Hybrid cloud The cloud infrastructure is composed of two or more of the above models

5 Different Service Models
Software as a Service (SaaS): It offers renting application functionality from a service provider rather than buying, installing and running software by the user. Platform as a Service (PaaS) : It provides a platform in the cloud, upon which applications can be developed and executed. Infrastructure as a Service (IaaS) : CSP offer computing power and storage space on demand

6 Challenges in Cloud Testing
Security Performance Integration System Crashes Lack of Standard Procedures

7 Security testing Security layers Physical Data Application Network

8 Physical Security Weakness in physical security can lead to an attack on infrastructure which in turn can shut down all the data related services Following measures can be taken for ensuring Physical security: Evaluate security controls on physical infrastructure with a physical security Surveillance cameras and an alarm system Restricted access points for employees Sensors for natural disasters Redundancy of data across locations

9 Data related Security Data plays an important role in cloud computing. So, security of data becomes the primary responsibility.

10 Data related Security cont..
Data Integrity – Gives high quality accessible data which is stored in cloud privacy environment. Data must not be changed in transit by unauthorized access. To achieve this goal monitoring mechanism must be strong. For verifying the integrity there is a framework “proof of Retrievability” is available in market to do a spot check of data which is proposed by Kevin D. Bowers.

11 Data related Security cont..
Encryption Distributive Storage Authentication techniques Data concealment Data Confidentiality Data confidentiality -Possess set of rules that limits access of information. Following measures as mentioned in below figure can be taken in order to maintain confidentiality

12 Data related Security cont..
Data Availability - Itself tells that data which is stored on cloud must be available when required. In case of any damage or network failure the data can be properly recovered. The data storage must be transparent and shared with the respective users. Different measures can be taken for the same such as: Reliable storage Agreement/Disaster Recovery plan Reliable devices used for backup such as hard drives. Data privacy: Cloud computing comes with the risk that unauthorized users might access your information. Also, it refers to the right of self -determination- “what is known about them”. To protect against this happening, cloud computing services offer PETs (Privacy Enhancing Tools) which provide encryption, anonymization etc., as well as TETs (Transparency enhancing tools) which provides information about private polices access to their data.

13 Network related security
Earlier when organisations worked individually they had a control on their networks but now in cloud architecture data moves to and from organization and cloud which is exposed to internet and configuration modes for virtual networks are “bridged” and “routed”. Network related attacks: DNS Attacks IP Spoofing Network Sniffing etc.

14 Application Related Security
Today the world runs on applications and applications are links between data and the user Application Level Threats : SQL injection Backdoor and debug options Hidden field manipulation Cross site scripting Man in the middle attack etc

15 Performance Related Issues and Crashes
As everyone is moving to cloud for their services and applications, multiple users can use or hit the same application at same time, which in turn increases the traffic on internet. Now it is a concern regarding the network bandwidth offered by Cloud services. following measures can be taken to overcome performance related issues: Testing can be done with Realistic Load, testing in ideal conditions, which you will never get after deploying on production. Testing can be done with increased stress, testing beyond the boundary value which can make sure application will not crash in worst conditions. Comprehensive Testing, End-to-End testing should be performed to create complete process chain. Testing Elasticity and scalability, to test whether the performance meets the defined SLAs.

16 Data Migration & Integration from Existing System
It is process of transferring data from one system to another while changing the storage or database. It typically happens during upgrades or transferring to new system Storage Migration Database Migration Application Migration

17 Lack of Standard Procedures and Practices
Today more and more businesses are looking for moving to hosted solutions provided by different vendors to cut down on the cost spent having their own IT infrastructure but the problem starts when they start looking out for the solutions offered but since the field is still evolving it becomes difficult to have a comparison between 2 solutions because they all have different standards. New organizations which are thinking to migrate to Cloud are planning for their own standards during and after migration.

18 thanks


Download ppt "Cloud Testing Shilpi Chugh."

Similar presentations


Ads by Google