Gartner report says, Cloud computing is most hyped word in Technology world in 2012, since starting from small to big company, everyone wants to be mobile and accessible everywhere and Cloud Computing seems like morning-pill to provide all advantages to user. More and more people think that cloud means applications in Browser, and only need is a system that can handle middle-ware that helps linking between end user and cloud. Companies like Amazon, Microsoft, Google, IBM and many others are providing an easy way to run generic to complex application in browser that could be access even from mobiles, Tablets and on Desktops with the same ease as it could be as other desktop or web applications.
With such kind of applications, large number of users may hit the application at same time, performances gets imperiled and annoy users, so more and more business gets impacted from performance. This could be overcome by testing server’s load and some intelligence should be provided to servers so that they could run as per the load like autonomic computing. To resolve this performance problem almost all cloud service provider provides Load balancing capability with their cloud services.
Security and privacy are few more testing areas, because user keeps his/her data online on some other company’s storage space and serve. So authorization and authentication measures should be strong enough to keep data of end user from any kind of hack.One more thing In general we spend near about 53 percent of our testing effort in functional testing and near about 23% time in performance testing but we just contribute only near about 15-18 % effort on Security testing. This is the cause of 48 Billion Dollars loss and since this is the only area that can spoil the ethos of already tested application. We should keep more tab while testing security on these areas like
- Network Testing
- Host Security
- Application Security testing
Before deploying any application on cloud more and more intense testing should be done on Web Vulnerabilities like
- Cross Site Scripting (XSS)
- SQL Injection
- Cookie issues
- Session issues
- Authentication and Authorization issues
- Directory traversal
- Information leakage
- Cross Site Request Forgery (XSRF/CSRF )
Web Vulnerabilities is not a small section that could bind up in such a small post. So I will try to bring more and more detail about these topics separately.
Last things that I would like to mention is “Control of cloud over operating system”, If user is using older version of Windows or Linux then he might get trouble in using cloud application and this is called dating issue.
This is just a small effort to bring certain pain point that should be dealt with care and with intense testing methods.