论文信息 - Security Verification Framework for e-GOV Mobile App

Security Verification Framework for e-GOV Mobile App

Recently smart phones have been proliferating widely and quickly. Since the number of mobile apps that are being developed and deployed to domestic/international app stores is rising, more apps are being installed and deleted by users without any difficulty. The deployed apps are each attested through distinct verification framework of specific app stores. However, such verification frameworks are insufficient in checking security concerns. Unfortunately, the security verification framework is necessary since the incidents of leaking privacy and confidential information are being increased in lately. The aim of this paper is to provide the security verification framework that assures security and reliability of the e-government mobile apps. In order to verify proposed verification framework, a few apps were selected and inspected through proposed framework and these inspection results are included in this paper.

Rhan Ha | Hong-Geun Kim | Ji-Ho Bang | Pil-Yong Kang

[1] Patrick D. McDaniel,et al. Understanding Android Security , 2009, IEEE Security & Privacy Magazine.

[2] Jan Trobitius,et al. Anwendung der "Common Criteria for Information Technology Security Evaluation" (CC) / ISO 15408 auf ein SOA Registry-Repository , 2007, Informatiktage.

[3] Yuval Elovici,et al. Google Android: A Comprehensive Security Assessment , 2010, IEEE Security & Privacy.

[4] Patrick D. McDaniel,et al. On lightweight mobile phone application certification , 2009, CCS.

[5] Seungyeop Han,et al. Privacy Revelations for Web and Mobile Apps , 2011, HotOS.

[6] Byung-Gon Chun,et al. Vision: automated security validation of mobile apps at app markets , 2011, MCS '11.

[7] Christopher Krügel,et al. PiOS: Detecting Privacy Leaks in iOS Applications , 2011, NDSS.

[8] Steve Hanna,et al. A survey of mobile malware in the wild , 2011, SPSM '11.