Testing the Internet state management mechanism

  • Author / Creator
    Tappenden, Andrew
  • This thesis presents an extensive survey of 100,000 websites as the basis for understanding the deployment of cookies across the Internet. The survey indicates cookie deployment on the Internet is approaching universal levels. The survey identifies the presence of P3P policies and dynamic web technologies as major predictors of cookie usage, and a number of significant relationships are established between the origin of the web application and cookie deployment. Large associations are identified between third-party persistent cookie usage and a country’s e-business environment. Cookie collection testing (CCT), a strategy for testing web applications, is presented. Cookies maintained in a browser are explored in light of anti random testing techniques, culminating in the definition of seeding vectors as the basis for a scalable test suite. Essentially CCT seeks to verify web application robustness against the modification—intentional or otherwise—of an application's internal state variables. Automation of CCT is outlined through the definition of test oracles and evaluation criterion. Evolutionary adaptive random (eAR) testing is proposed for application to the cookie collection testing strategy. A simulation study is undertaken to evaluate eAR against the current state-of-the-art in adaptive random testing—fixed size candidate set, restricted random testing, quasi-random testing, and random testing. eAR is demonstrated to be superior to the other techniques for block pattern simulations. For fault patterns of increased complexity, eAR is shown to be comparable to the other methods. An empirical investigation of CCT is undertaken. CCT is demonstrated to reveal defects within web applications, and is found to have a substantial fault-triggering rate. Furthermore, CCT is demonstrated to interact with the underlying application, not just the technological platform upon which an application is implemented. Both seeding and generated vectors are found to be useful in triggering defects. A synergetic relationship is found to exist between the seeding and generated vectors with respect to distinct fault detection. Finally, a large significant relationship is established between structural and content similarity measures of web application responses, with a composite of the two similarity measures observed to be superior in the detection of faults.

  • Subjects / Keywords
  • Graduation date
  • Type of Item
  • Degree
    Doctor of Philosophy
  • DOI
  • License
    This thesis is made available by the University of Alberta Libraries with permission of the copyright owner solely for non-commercial purposes. This thesis, or any portion thereof, may not otherwise be copied or reproduced without the written consent of the copyright owner, except to the extent permitted by Canadian copyright law.