Abstract
The last decade has seen the emergence of mobile platform for software applications. An important factor in the remarkable growth in this area is the development of Android and a community of mobile application developers sharing open sourced and free software. While the emphasis for Android has been openness and user control, this brings with it challenges of validating and securing mobile apps. Development of dedicated tools and techniques to test mobile apps for functional and nonfunctional properties has been limited so far. Such an effort is made more difficult given frequent version updates for Android in its short history (over ten in ten years). The need for better security and assurance for mobile apps, on the other hand, is ever so more as apps providing important services such as banking, navigation, and identity management emerge. This paper attempts to converge on current concepts and practices of testing mobile apps. We provide a structured checklist approach to vulnerability assessment and permission mapping of mobile apps, which is underpinned by a set of available tools, and ultimately contribute to a framework for certification of mobile apps. The proposed certification process combines diverse sources and has a focus on automation.
Original language | English |
---|---|
Title of host publication | Information Technology and Open Source |
Subtitle of host publication | Applications for Education, Innovation, and Sustainability - SEFM 2012 Satellite Events, InSuEdu, MoKMaSD, and OpenCert, Revised Selected Papers |
Publisher | Springer |
Pages | 288-303 |
Number of pages | 16 |
ISBN (Print) | 9783642543371 |
DOIs | |
Publication status | Published - 1 Jan 2014 |
Event | 10th International Conference on Software Engineering and Formal Methods, SEFM 2012, 1st International Symposium on InSuEdu 2012, 1st International Symposium on MoKMaSD 2012, 6th International Workshop on Foundations and Techniques for OpenCert 2012 - Thessaloniki, Greece Duration: 1 Oct 2012 → 5 Oct 2012 https://dl.acm.org/citation.cfm?id=2404232&picked=prox |
Publication series
Name | Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) |
---|---|
Volume | 7991 LNCS |
ISSN (Print) | 0302-9743 |
ISSN (Electronic) | 1611-3349 |
Conference
Conference | 10th International Conference on Software Engineering and Formal Methods, SEFM 2012, 1st International Symposium on InSuEdu 2012, 1st International Symposium on MoKMaSD 2012, 6th International Workshop on Foundations and Techniques for OpenCert 2012 |
---|---|
Country/Territory | Greece |
City | Thessaloniki |
Period | 1/10/12 → 5/10/12 |
Internet address |