To search, Click below search items. |
| All Published Papers Search Service |
|
|
|
Title |
A Proposed Framework for the Automated Authorization Testing of Mobile Applications |
|
Author |
Ahmed Mohammed Alghamdi and Khalid Almarhabi |
| Citation |
Vol. 21 No. 5 pp. 217-221 |
|
Abstract |
Recent studies have indicated that mobile markets harbor applications (apps) that are either malicious or vulnerable, compromising millions of devices. Some studies indicate that 96% of companies¡¯ employees have used at least one malicious app. Some app stores do not employ security quality attributes regarding authorization, which is the function of specifying access rights to access control resources. However, well-defined access control policies can prevent mobile apps from being malicious. The problem is that those who oversee app market sites lack the mechanisms necessary to assess mobile app security. Because thousands of apps are constantly being added to or updated on mobile app market sites, these security testing mechanisms must be automated. This paper, therefore, introduces a new mechanism for testing mobile app security, using white-box testing in a way that is compatible with Bring Your Own Device (BYOD) working environments. This framework will benefit end-users, organizations that oversee app markets, and employers who implement the BYOD trend. |
|
Keywords |
Authorization; BYOD; Mobile Applications, Testing |
|
URL |
|
|
Title |
A Proposed Framework for the Automated Authorization Testing of Mobile Applications |
|
Author |
Ahmed Mohammed Alghamdi and Khalid Almarhabi |
| Citation |
Vol. 21 No. 5 pp. 217-221 |
|
Abstract |
Recent studies have indicated that mobile markets harbor applications (apps) that are either malicious or vulnerable, compromising millions of devices. Some studies indicate that 96% of companies¡¯ employees have used at least one malicious app. Some app stores do not employ security quality attributes regarding authorization, which is the function of specifying access rights to access control resources. However, well-defined access control policies can prevent mobile apps from being malicious. The problem is that those who oversee app market sites lack the mechanisms necessary to assess mobile app security. Because thousands of apps are constantly being added to or updated on mobile app market sites, these security testing mechanisms must be automated. This paper, therefore, introduces a new mechanism for testing mobile app security, using white-box testing in a way that is compatible with Bring Your Own Device (BYOD) working environments. This framework will benefit end-users, organizations that oversee app markets, and employers who implement the BYOD trend. |
|
Keywords |
Authorization; BYOD; Mobile Applications, Testing |
|
URL |
