Application Security for Mobile Devices

Gabriele Costa (Università degli Studi di Genova, Italy), Aliaksandr Lazouski (Consiglio Nazionale delle Ricerche, Italy), Fabio Martinelli (Consiglio Nazionale delle Ricerche, Italy) and Paolo Mori (Consiglio Nazionale delle Ricerche, Italy)
DOI: 10.4018/978-1-4666-6359-6.ch022


In recent years, mobile devices such as mobile phones and tablets have become very popular. They have also become very powerful and commonly run fairly complex applications such as 3D games, Internet browsers, e-mail clients, social network clients, and many others. Hence, adequate security support is required on these devices to prevent damage from malicious applications and unauthorized access to personal data (such as personal contacts or business email). This chapter describes the security support of current commercial mobile devices, along with a set of approaches that have been proposed in the scientific literature to enhance the security of mobile applications.
Chapter Preview

Security Of The Modern Mobile Platforms: An Overview

This section describes the application security support provided by the two main mobile operating systems, Android and iOS, and by Java ME. According to Gartner Inc. (2013), in the third quarter of 2013 Android and iOS had 94% of the global market share. This makes them very appealing to both attackers and researchers. Moreover, since Android is based on an open source project, several authors have focused on it when proposing techniques and tools.

Key Terms in this Chapter

Trust Management: The representation and management of the expectation that an actor behaves dependably.

Static Verification: The process of verifying whether an application abstraction complies with a security policy.

Android Security: Security support provided by Android OS.

iOS Security: Security support provided by Apple iOS.

Java ME Security: Security support provided by the lightweight Java version for resource constrained devices (Java Micro Edition).

Mobile Devices Security: Security of mobile devices such as mobile phones and Personal Digital Assistants (PDAs).

Security Contracts: Formal, correct and complete definition of the behaviour of a system in terms of security-relevant actions.

Security Policy: Formal description of the security requirements of a system.

Runtime Monitoring: The activity of ensuring that a running system behaves according to a security policy.
