Wei Guo
ABSTRACT
Most mobile Internet application security issues are introduced in the development process. How to effectively prevent security problems and solve them as soon as possible in the development process of mobile application development is the key to the security of mobile Internet. This paper introduces the design and implementation of a management and control platform for secure mobile application development. For Android applications and iOS applications, security standards are provided for different application types in the form of security baselines, and the application security baseline standards are managed in the form of security knowledge base. The security baseline points are mapped to specific application security technical specifications and security verification technical points. It provides an effective solution for secure mobile application development.
- Qing Y, Ge P, Paolo G, et al. MEG: Memory and Energy Efficient Garbled Circuit Evaluation on Smartphones{J}. IEEE Transactions on Information Forensics and Security, 2018:1--1.Google Scholar
- Lin Y D, Huang C Y, Wright M, et al. Mobile Application Security{J}. Computer, 2014, 47(6):21--23.Google ScholarCross Ref
- He D, Chan S, Guizani M. Mobile application security: malware threats and defenses{J}. Wireless Communications IEEE, 2015, 22(1):138--144.Google ScholarDigital Library
- Sardasht M, Bakhtiar M, Rebwar M. Mobile Application Security Platforms Survey{J}. International Journal of Computer Applications, 2016, 133.Google Scholar
- Zhou Z, Sun C, Lu J, et al. Research and Implementation of Mobile Application Security Detection Combining Static and Dynamic{C}// 2018 10th International Conference on Measuring Technology and Mechatronics Automation (ICMTMA). 2018.Google Scholar
- Yang X Y, Guo-Ai X U. Construction Method on Mobile Application Security Ecological Chain{J}. Journal of Software, 2017.Google Scholar
- Xu Y, Wang G, Ren J, et al. An adaptive and configurable protection framework against android privilege escalation threats{J}. Future Generation Computer Systems, 2018.Google Scholar
- Wu L, Zhang Y, Yong X, et al. An Efficient and Secure Identity-Based Authentication and Key Agreement Protocol with User Anonymity for Mobile Devices{J}. Wireless Personal Communications, 2016:1--17. Google ScholarDigital Library
- Ma Z, Wang X, Ma R. Integrating Gaze Tracking and Head-Motion Prediction for Mobile Device Authentication: A Proof of Concept{J}. Sensors, 18(9):2894-.Google Scholar
- https://echarts.baidu.com/Google Scholar
Index Terms
- Management system for secure mobile application development
Recommendations
Security During Application Development: an Application Security Expert Perspective
CHI '18: Proceedings of the 2018 CHI Conference on Human Factors in Computing SystemsMany of the security problems that people face today, such as security breaches and data theft, are caused by security vulnerabilities in application source code. Thus, there is a need to understand and improve the experiences of those who can prevent ...
Secure Mobile Application Development
The author reviews how and why threat models differ between mobile applications and traditional Web applications and discusses a few of the best practices associated with secure mobile development.
Research on Mobile Application Stereo Defense Technology
ICITEE '18: Proceedings of the International Conference on Information Technology and Electrical Engineering 2018The rapid development of mobile devices and mobile Internet has brought a wide range of market for mobile applications, but produced various mobile security issues as well. Risk factors come from various aspects related to mobile applications, including ...
Reviews
Shailesh Rangari
Our increasing reliance on mobile apps elevates their insecurities and shines a spotlight on their vulnerabilities. The author introduces a secure mobile app development approach that is proactive and provides verifiable security. Application security is usually assessed outside of (or at the end of) the development life cycle and incurs a heavy cost on productivity and security. Traditional security development approaches do not align well with the mobile application development world due to myriad differences between mobile and desktop systems. The author's approach prescribes a security baseline for mobile app development and technical controls that verify the security provided by the baselines. The idea of shifting security left in the development life cycle is not novel, but the presented secure verifiable approach is desirable and moves the needle in the right direction. The overall schema developed by the author is impressive and worth using as a reference to emulate these results in commercial or production development environments to reduce the security exposure of mobile apps.
Access critical reviews of Computing literature here
Become a reviewer for Computing Reviews.
Comments