Title :
Applying Security Assurance Techniques to a Mobile Phone Application: An Initial Approach
Author :
Krishnan, Padmanabhan ; Hafner, Sergej ; Zeiser, Andreas
Author_Institution :
Centre for Software Assurance, Bond Univ., Gold Coast, QLD, Australia
Abstract :
As users download applications to their mobile phones, security is a critical issue. In this paper we present a process for the security assurance of applications. It uses existing vulnerability databases and application development guidelines to identify potential security issues. The identified issues are then validated using a variety of techniques including black-box testing, unit testing code inspection and static analysis. This process is illustrated using an application for the Android platform.
Keywords :
database management systems; mobile computing; mobile radio; operating systems (computers); program diagnostics; program testing; telecommunication security; Android platform; application development guidelines; black-box testing; mobile phone application; security assurance techniques; security issues; static analysis; unit testing code inspection; vulnerability databases; Androids; Databases; Guidelines; Humanoid robots; Mobile handsets; Security; Testing; Android; Assurance; QA process; Security;
Conference_Titel :
Software Testing, Verification and Validation Workshops (ICSTW), 2011 IEEE Fourth International Conference on
Conference_Location :
Berlin
Print_ISBN :
978-1-4577-0019-4
Electronic_ISBN :
978-0-7695-4345-1
DOI :
10.1109/ICSTW.2011.10
