Towards an Authorization Framework for App Security Checking

Joseph Hallett, David Aspinall

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

Apps don't come with any guarantees that they are not malicious. This paper introduces a PhD project designing the authorization framework used for App Guarden. App Guarden is a new project that uses a exible assurance framework based on distribution of evidence, attestation and checking algorithms to make explicit why an app isn't dangerous and to allow users to describe how they want apps on their devices to behave. We use the SecPAL policy language to implement a device policy and give a brief example of a policy being used. Finally we use SecPAL to describe some of the differences between current app markets.
Original languageEnglish
Title of host publicationProceedings of the 2014 ESSoS Doctoral Symposium co-located with the International Symposium on Engineering Secure Software and Systems (ESSoS 2014), Munich, Germany, February 26, 2014.
Number of pages6
Publication statusPublished - 2014

Fingerprint

Dive into the research topics of 'Towards an Authorization Framework for App Security Checking'. Together they form a unique fingerprint.

Cite this