期刊名称:International Journal of Computer Science and Network Security
印刷版ISSN:1738-7906
出版年度:2021
卷号:21
期号:5
页码:217-221
DOI:10.22937/IJCSNS.2021.21.5.30
出版社:International Journal of Computer Science and Network Security
摘要:Recent studies have indicated that mobile markets harbor applications (apps) that are either malicious or vulnerable, compromising millions of devices. Some studies indicate that 96% of companies’ employees have used at least one malicious app. Some app stores do not employ security quality attributes regarding authorization, which is the function of specifying access rights to access control resources. However, well-defined access control policies can prevent mobile apps from being malicious. The problem is that those who oversee app market sites lack the mechanisms necessary to assess mobile app security. Because thousands of apps are constantly being added to or updated on mobile app market sites, these security testing mechanisms must be automated. This paper, therefore, introduces a new mechanism for testing mobile app security, using white-box testing in a way that is compatible with Bring Your Own Device (BYOD) working environments. This framework will benefit end-users, organizations that oversee app markets, and employers who implement the BYOD trend.
关键词:Authorization; BYOD; Mobile Applications; Testing
