Android Security Analysis and Protection in Finance and Healthcare
Android Security Analysis and Protection in Finance and Healthcare
Author(s): Felix Rohrer, Nebiyu Feleke, Yuting Zhang, Kenneth Nimley, Lou Chitkushev, Tanya ZlatevaSubject(s): Education, ICT Information and Communications Technologies
Published by: Нов български университет
Keywords: Mobile; Android; Security; Analysis; Protection; Role-based; Access Control; Finance; Healthcare;
Summary/Abstract: Smartphones have become an emerging platform for both personal and business applications. As the most popular mobile operating system for smartphones, Android offers great flexibility not only for users but also for application developers. However, this flexibility exposes users to additional security threats. This is particularly dangerous for finance and healthcare applications which require high security for sensitive information and transactions. We created two proof-of-concept applications to demonstrate current attacks on Android applications. Moreover, we downloaded the top 200 free financial and healthcare applications and created a simple tool to extract and analyze their security information such as permission labels. To investigate the possible protection solutions, we surveyed recent security work and analyzed over a dozen solutions proposed by various research groups. We also propose a role-based access control (Rbac) mechanism to enhance Android’s currently limited access control system. We describe several scenarios to show how our proposed approach can be used to enhance security to both individuals and large corporations.
Journal: Computer Science and Education in Computer Science
- Issue Year: 8/2012
- Issue No: 1
- Page Range: 80-89
- Page Count: 10
- Language: English
