TY - GEN
T1 - A certification process for android applications
AU - Kalutarage, Harsha K.
AU - Krishnan, Padmanabhan
AU - Shaikh, Siraj Ahmed
PY - 2014
Y1 - 2014
AB - The last decade has seen the emergence of mobile platforms for software applications. An important factor in the remarkable growth in this area is the development of Android and a community of mobile application developers sharing open sourced and free software. While the emphasis for Android has been openness and user control, this brings with it challenges of validating and securing mobile apps. Development of dedicated tools and techniques to test mobile apps for functional and nonfunctional properties has been limited so far. Such an effort is made more difficult given frequent version updates for Android in its short history (over ten in ten years). The need for better security and assurance for mobile apps, on the other hand, is ever greater as apps providing important services such as banking, navigation, and identity management emerge. This paper attempts to converge on current concepts and practices of testing mobile apps. We provide a structured checklist approach to vulnerability assessment and permission mapping of mobile apps, which is underpinned by a set of available tools, and ultimately contribute to a framework for certification of mobile apps. The proposed certification process combines diverse sources and has a focus on automation.
UR - http://www.scopus.com/inward/record.url?scp=84958534756&partnerID=8YFLogxK
U2 - 10.1007/978-3-642-54338-8_24
DO - 10.1007/978-3-642-54338-8_24
M3 - Conference contribution
AN - SCOPUS:84958534756
SN - 9783642543371
VL - 7991 LNCS
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 288
EP - 303
BT - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
PB - Springer Verlag
T2 - 10th International Conference on Software Engineering and Formal Methods, SEFM 2012, 1st International Symposium on InSuEdu 2012, 1st International Symposium on MoKMaSD 2012, 6th International Workshop on Foundations and Techniques for OpenCert 2012
Y2 - 1 October 2012 through 5 October 2012
ER -