Zusammenfassung
We review the security architectures of currently available Smartphone operating systems, with a focus on application security. Our insights are compared to security of today's Smartphones. This leads to a research agenda and features allowing for new security architectures that can address existing security problems in future Smartphone operating systems.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsPreview
Unable to display preview. Download preview PDF.
References
[Apple10] Apple Inc. Security Overview. Cupertino, CA, USA. July 2010.
[EGC+09] William Enck, Peter Gilbert, Byung-Gon Chun, Landon P. Cox, Jaeyeon Jung, Patrick McDaniel, Anmol N. Sheth. Taintdroid: An information-flow Tracking System for Realtime Privacy Monitoring on Smartphones. In Proceedings of the 9th USENIX Symposium on Operating Systems Design and Implementation. October 2009.
[ENISA10] European Network and Information Security Agency. Smartphones: Information security risks, opportunities and recommendations for users. December 2010.
[EOM09a] William Enck, Machigar Ongtang, and Patrick McDaniel. Understanding Android Security. In IEEE Security & Privacy, IEEE Computer Society. 2009.
[EOM09b] William Enck, Machigar Ongtang, Patrick McDaniel. On lightweight mobile phone application certi_cation. In: Proceedings of the 16th ACM Conference on Computer and Communications Security. November 2009.
[FS10a] F-Secure. Warning On Possible Android Mobile Trojans. Available online: www.f-secure.com/weblog/archives/00001852.html. January 2010.
[FS10b] F-Secure. Android Games Isn't Actually a Game. Online: www.fsecure.com/weblog/archives/00002011.html. August 2010.
[Heath10] Craig Heath. Symbian OS Platform Security, Software Development Using the Symbian OS Security Architecture. John Wiley & Sons Ltd. 2006.
[HS10] Cedric Halbronn and Jean Sigwald. iPhone Security model & vulnerabilities. Hack in the Box, SecConf 2010.
[iGR10] iGR Inc. Smartphone Security for the Enterprise: Encryption, Remote Features, ad Compliance. Austin, Texas, USA. August 2010.
[Jaqu10] Andrew Jaquith, Apple's iPhone And iPad: Secure Enough For Business. Forrester Research Inc. Cambridge, USA. August 2010.
[LYL+10] Hong Lu, Jun Yang, Zhigang Liu, Nicholas D. Lane, Tanzeen Chondhury, and Andrew T. Campbell. The Jigsaw – Continuous Sensing Engine for Mobile Phone Applications. In Proceedings of the 8th International Conference on Embedded Network Sensor Systems, SenSys 2010. pp. 71–81. ACM. Zurich, Switzerland. Nov 2010.
[Mills10] Elinor Mills. Malware found lurking in apps for Windows Mobile. Online: www.news.cnet.com/8301-27080_3-20006882-245.html. CNET. June 2010.
[OBM10] Machigar Ongtang, Kevin Butler, Patrick McDaniel: Porscha: Policy Oriented Secure Content Handling in Android. In Proceedings of the 26th Annual Computer Security Applications Conference. December 2010.
[OMEM09] Machigar Ongtang, Stephen McLaughlin, William Enck, Patrick McDaniel: Semantically Rich Application-Centric Security in Android. In Proceedings of the 25th Annual Computer Security Applications Conference, December 2009.
[RIM09] Research in Motion Limited. BlackBerry Enterprise Solution, Security Technical Overview for BlackBerry Enterprise Server Version 4.1 Service Pack 6 and BlackBerry Device Software Version 4.6. Canada. March 2009.
[Schleg11] Roman Schlegel, Kehuan Zhang, Xiaoyong Zhou, Mehool Intwala, Apu Kapadia, XiaoFeng Wang: Soundminer: A Stealthy and Context-Aware Sound Trojan for Smartphones, 18th Annual Network & Distributed System Security Symposium (NDSS '11), San Diego, CA, February 6–9, 2011.
[Seriot10] Nicolas Seriot. iPhone Privacy. In Proceedings of Black Hat DC 2010. Arlington, Virginia, USA. August 2010.
[Smith10] Chris Smith. Application Sensor Logger Test. Online: www..androlib.com/android.application.uk-co-md87-android-sensorloggerwnqz. aspx. 2010.
[Shields10] Tyler Shields. Blackberry Mobile Spyware – The Monkey Steals the Berries. February 2010.
[SFK+10] Asaf Shabati, Yuval Fledel, Uri Kanonov, Yuval Elovici, Shlomi Dolev, and Chanan Glezer. Google Android: A Comprehensive Security Assessment. In Mo bile Device Security, Copublished by IEEE Computer and Reliability Societies. March/April 2010.
[TCG11] Trusted Computing Group, www.trustedcomputinggroup.org/
[VS10] Tony Vennern, David Stoop. Threat Analysis of the Android Market. Online: www.threatcenter.smobilesystems.com/wp-content/uploads/2010/06/Android-Market-Threat-Analysis-6-22-10-v1.pdf. SMobile Systems, Columbus, Ohio, USA. June 2010.
[WAP 98] Wireless Application Protocol Forum: WAP 1.0 Specification. Available from www.wapforum.org/DTD/pap_1.0.dtd. 1998.
[WR08] Wolfgang Effing and Wolfgang Rankl. Handbuch der Chipkarten. Carl Hanser Verlag, München, Wien, 2008.
Editor information
Rights and permissions
Copyright information
© 2011 Vieweg+Teubner Verlag | Springer Fachmedien Wiesbaden GmbH
About this chapter
Cite this chapter
Posegga, J., Schreckling, D. (2011). Next Generation Mobile Application Security. In: Bub, U., Wolfenstetter, KD. (eds) IT-Sicherheit zwischen Regulierung und Innovation. Vieweg+Teubner Verlag. https://doi.org/10.1007/978-3-8348-8256-1_10
Download citation
DOI: https://doi.org/10.1007/978-3-8348-8256-1_10
Publisher Name: Vieweg+Teubner Verlag
Print ISBN: 978-3-8348-1729-7
Online ISBN: 978-3-8348-8256-1
eBook Packages: Computer Science and Engineering (German Language)