Please use this identifier to cite or link to this item: http://hdl.handle.net/10316/100830
DC FieldValueLanguage
dc.contributor.authorLaranjeiro, Nuno-
dc.contributor.authorAgnelo, João-
dc.contributor.authorBernardino, Jorge-
dc.date.accessioned2022-07-13T12:04:48Z-
dc.date.available2022-07-13T12:04:48Z-
dc.date.issued2021-
dc.identifier.issn2169-3536pt
dc.identifier.urihttp://hdl.handle.net/10316/100830-
dc.description.abstractREST services are nowadays being used to support many businesses, with most major companies exposing their services via REST interfaces (e.g., Google, Amazon, Instagram, and Slack). In this type of scenarios, heterogeneity is prevalent and software is sometimes exposed to unexpected conditions that may activate residual bugs, leading service operations to fail. Such failures may lead to nancial or reputation losses (e.g., information disclosure). Although techniques and tools for assessing robustness have been thoroughly studied and applied to a large diversity of domains, REST services still lack practical approaches that specialize in robustness evaluation. In this paper, we present a tool (named bBOXRT) for performing robustness tests over REST services, solely based on minimal information expressed in their interface descriptions.We used bBOXRT to evaluate an heterogeneous set of 52 REST services that comprise 1,351 operations and t in distinct categories (e.g., public, private, in-house).We were able to disclose several different types of robustness problems, including issues in services with strong reliability requirements and also a few security vulnerabilities. The results show that REST services are being deployed preserving software defects that harm service integration, and also carrying security vulnerabilities that can be exploited by malicious users.pt
dc.language.isoengpt
dc.relationFCT project CISUC - UID/CEC/00326/2020pt
dc.relationEuropean Social Fund, through the Regional Operational Program Centro 2020pt
dc.relationEuropean Union's Horizon 2020 research and innovation program under the Marie Sklodowska-Curie grant agreement No 823788 (project ADVANCEpt
dc.relationproject MobiWise P2020SAICTPAC/0011/2015 co-financed by COMPETE 2020, Portugal 2020pt
dc.relationFEDER Regional Operational Programme of Lisbon (POR LISBOA 2020pt
dc.relationProject 5G with Nr.024539 (POCI-01-0247-FEDER-024539)pt
dc.relationproject ``Voice Architecture over Distributed Network'' (reference:POCI-01-0247-FEDER-039676)pt
dc.rightsopenAccesspt
dc.rights.urihttp://creativecommons.org/licenses/by/4.0/pt
dc.subjectRESTpt
dc.subjectRESTfulpt
dc.subjectweb APIpt
dc.subjectweb servicespt
dc.subjectrobustness testingpt
dc.titleA Black Box Tool for Robustness Testing of REST Servicespt
dc.typearticle-
degois.publication.firstPage24738pt
degois.publication.lastPage24754pt
degois.publication.titleIEEE Accesspt
dc.peerreviewedyespt
dc.identifier.doi10.1109/ACCESS.2021.3056505pt
degois.publication.volume9pt
dc.date.embargo2021-01-01*
uc.date.periodoEmbargo0pt
item.fulltextCom Texto completo-
item.grantfulltextopen-
item.languageiso639-1en-
crisitem.author.researchunitCISUC - Centre for Informatics and Systems of the University of Coimbra-
crisitem.author.parentresearchunitFaculty of Sciences and Technology-
crisitem.author.orcid0000-0001-9660-2011-
Appears in Collections:I&D CISUC - Artigos em Revistas Internacionais
Files in This Item:
File Description SizeFormat
A_Black_Box_Tool_for_Robustness_Testing_of_REST_Services.pdf5.48 MBAdobe PDFView/Open
Show simple item record

Google ScholarTM

Check

Altmetric

Altmetric


This item is licensed under a Creative Commons License Creative Commons