Edinburgh Research Explorer

Towards an Authorization Framework for App Security Checking

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Related Edinburgh Organisations

Open Access permissions

Open

Documents

http://ceur-ws.org/Vol-1298/paper10.pdf
Original languageEnglish
Title of host publicationProceedings of the 2014 ESSoS Doctoral Symposium co-located with the International Symposium on Engineering Secure Software and Systems (ESSoS 2014), Munich, Germany, February 26, 2014.
Number of pages6
Publication statusPublished - 2014

Abstract

Apps don't come with any guarantees that they are not malicious. This paper introduces a PhD project designing the authorization framework used for App Guarden. App Guarden is a new project that uses a exible assurance framework based on distribution of evidence, attestation and checking algorithms to make explicit why an app isn't dangerous and to allow users to describe how they want apps on their devices to behave. We use the SecPAL policy language to implement a device policy and give a brief example of a policy being used. Finally we use SecPAL to describe some of the differences between current app markets.

Download statistics

No data available

ID: 19347358