• DocumentCode
    2303542
  • Title

    Applying Security Assurance Techniques to a Mobile Phone Application: An Initial Approach

  • Author

    Krishnan, Padmanabhan ; Hafner, Sergej ; Zeiser, Andreas

  • Author_Institution
    Centre for Software Assurance, Bond Univ., Gold Coast, QLD, Australia
  • fYear
    2011
  • fDate
    21-25 March 2011
  • Firstpage
    545
  • Lastpage
    552
  • Abstract
    As users download applications to their mobile phones, security is a critical issue. In this paper we present a process for the security assurance of applications. It uses existing vulnerability databases and application development guidelines to identify potential security issues. The identified issues are then validated using a variety of techniques including black-box testing, unit testing, code inspection and static analysis. This process is illustrated using an application for the Android platform.
  • Keywords
    database management systems; mobile computing; mobile radio; operating systems (computers); program diagnostics; program testing; telecommunication security; Android platform; application development guidelines; black-box testing; mobile phone application; security assurance techniques; security issues; static analysis; unit testing code inspection; vulnerability databases; Androids; Databases; Guidelines; Humanoid robots; Mobile handsets; Security; Testing; Android; Assurance; QA process; Security;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Software Testing, Verification and Validation Workshops (ICSTW), 2011 IEEE Fourth International Conference on
  • Conference_Location
    Berlin
  • Print_ISBN
    978-1-4577-0019-4
  • Electronic_ISBN
    978-0-7695-4345-1
  • Type

    conf

  • DOI
    10.1109/ICSTW.2011.10
  • Filename
    5954462