Privacy vulnerability analysis for Android Applications: A practical approach
Abstract:
This investigation proposes a methodology with a practical approach for privacy vulnerability analysis on Android Applications. The methodology combines the controls of the OWASP Mobile Security Project [1], Open Android Security Assessment Methodology [2], and good practices from the current state of the art. The proposed assessment is composed of the following stages: collection of information, logon and encryption, data transfer between dispositive, and development of android applications. Next, it is presented the practical approach of the assessment using a variety of tools for the vulnerability analysis. The tests were performed using mobile applications from public institutions of the Republic of Ecuador. Although Android makes the necessary efforts to prevent security issues in mobile applications, security will be always a shared responsibility with the developers, since after the performed analysis, critical vulnerabilities were found, which are related to the application development.
Año de publicación:
2017
Keywords:
- OWASP
- Mobile
- security
- OASAM
- android
- privacy
Fuente:
scopusTipo de documento:
Conference Object
Estado:
Acceso restringido
Áreas de conocimiento:
- Ingeniería de software
- Ciencias de la computación
Áreas temáticas:
- Ciencias de la computación
- Programación informática, programas, datos, seguridad
- Funcionamiento de bibliotecas y archivos
