SECURITY RISKS AND THEIR PREVENTION CAPABILITIES IN MOBILE APPLICATION DEVELOPMENT

• Authors: Michalska Aneta , Poniszewska-Maranda Aneta
• Languages of publication: EN

Abstracts

EN

Mobile applications fulfill the more and more significant role in everyday life of the rapidly growing number of Smartphone users. IT companies try to establish new standards of data management as well as create mobile applications extending the functionalities of existing systems to enable the users to benefit from the newest technological advances. The paper presents a review of the known mobile application vulnerabilities for the two most popular mobile platforms, Apple's iOS and Google's Android, and proposes the secure development model to overcome the ex-isting threats faced by mobile application developers.

Keywords

EN

Mobile Application Development; Security of Mobile Applications; IOS Platform; Android Platform

• Publisher: Katedra Informatyki Szkoła Główna Gospodarstwa Wiejskiego w Warszawie
• Journal: Information Systems in Management
• Year: 2015
• Volume: 4
• Issue: 2
• Pages: 123-134

Dates

published

2015

Contributors

author

Michalska Aneta

• Institute of Information Technology, Lodz University of Technology, Poland

author

Poniszewska-Maranda Aneta

• Institute of Information Technology, Lodz University of Technology, Poland

References

• Porter Felt A., Finifter M., Chin E., Hanna S., Wagner D. (2011) A survey of mobile malware in the wild, 1st ACM workshop on Security and privacy in smartphones and mobile devices, 3-14.
• Apple (2014) iOS Security.
• Souppaya M. P., Scarfone K. A. (2013) Guidelines for Managing the Security of Mobile Devices in the Enterprise, NIST.
• Agarwal Y., Hall M. (2013) ProtectMyPrivacy: Detecting and Mitigating Privacy Leaks on iOS Devices Using Crowdsourcing, 1th Annual International Conference on Mobile systems, applications, and services, 97-110.
• Zhou Y., Jiang X. (2012) Dissecting Android Malware: Characterization and Evolution, 33rd IEEE Symposium on Security and Privacy.
• Vidas T., Votipka D., Christin N. (2011) All Your Droid Are Belong to Us: A Survey of Current Android Attacks, 5th USENIX Workshop on Offensive Technologies.
• Seriot N. (2010) iPhone Privacy, In Black Hat DC, USA.
• Enck W., Ongtang M., McDaniel P. (2009) Understanding Android Security, Security & Privacy, IEEE, Vol. 7, Issue 1, 50-57.
• Porter Felt A., Wang H. J., Moshchuk A., Hanna S., ChinE (2011) Permission Re-Delegation: Attacks and Defenses, 20th USENIX Security Symposium.
• Ongtang M., McLaughlin S., Enck W., McDaniel P. (2009) Semantically Rich Application-Centric Security in Android, Computer Security Applications Conference.
• Enck W., Octeau D., McDaniel P., Chaudhuri S. (2011) A Study of Android Application Security, 20th USENIX Security Symposium.
• Park M. (2012) Mobile Application Security: Who, How and Why, Trustwave SpiderLabs.
• Fitzgerald W. M., Neville U., Foley S. N. (2013) MASON: Mobile autonomic security for network access controls, Journal of Information Security and Applications, Vol. 18, Issue 1, 14-29.
• Zdziarski J. (2012) Hacking and Securing iOS Applications. Stealing Data, Hijacking Software, and How to Prevent It, O’Reilly Media.
• Alhamed M., Amir K., Omari M., Le W (2013) Comparing Privacy Control Methods for Smartphone Platforms, Engineering of Mobile-Enabled Systems, MOBS.
• Gianchandani P. (2013) IOS Application Security Part 12 – Dumping Keychain Data. Keychanin basics, Infosec Institute.
• Benedict C. (2012) Under the Hood: Reversing Android Applications, Infosec.
• Khan S., Nauman M., Othman A. T., Musa S. (2012) How secure is your smartphone: an analysis of smartphone security mechanisms, International conference on cyber security, cyber warfare and digital forensic, 76–81.

Identifiers

ISSN

2084-5537