The reliability of cloud is fine-tuned with automatic testing
Radamsa, developed by the University of Oulu, is an efficient automated toolbox for data security specialists.
Hundreds of millions of people are already using services which utilise cloud technology over the Internet without realising it. With cloud technology, the number of interfaces and therefore risk factors increases, which also poses a major challenge for the data security of the future.
The data security and reliability of cloud technology are the biggest concern of companies considering the use of cloud technology. Insecurity is understandable when even the more critical operations use the cost effective cloud computing. Pekka Pietikäinen from the University of Oulu data security development team trusts in the future in any case.
“Cloud technology is an important element for companies when they want to do big things cost effectively, and its data security issues can be solved,” says Pietikäinen. “As with any new technology, the companies adopting cloud must assess carefully their risk-taking ability and the benefits that cloud can produce.”
Agile data security for the entire life span
The agile principle methods cause problems in the testing phases of software development, which usually are time-consuming. When work is done in short sprints, it is essential that testing is also adapted to the fast working pace. Radamsa offers help for the testing of data security development work. It can be used to test the ability of the program to run and tolerate hostile input.
Pekka Pietikäinen explains that the key concept is being systematic. Data security is examined throughout the life span of software development, so that it is already included in the requirement specification stage. A process has been created for each phase of the life span, where all issues specified in advance are examined systematically.
“Data security must not be some kind of an afterthought. Instead, it must be taken considered throughout the life span of software development. Every time a string of code is completed, it will be tested with the automatic testing system”, Pietikänen describes the progress.
The operating principle of the testing system is to take specimens of all possible data which is input for the software to be tested, like a browser or a cloud service, and create test cases of them. Partners of the project have already used Radamsa in their own testing. There will certainly be commercial potential for Radamsa.
Radamsa is a fully automated testing tool of data security, which deduces structures and creates test cases. It was developed by the University of Oulu. It combines the best features of the previously developed automated data security testing tools. Corporate partners of the project have included Ericsson, Nokia, F-Secure, Google, Mozilla Foundation and WebKit.org. Radamsa is based on open source code.
https://www.ee.oulu.fi/research/ouspg/Radamsa
