Google Android: A Comprehensive Security Assessment
IEEE Security and Privacy
Permission re-delegation: attacks and defenses
SEC'11 Proceedings of the 20th USENIX conference on Security
A survey of mobile malware in the wild
Proceedings of the 1st ACM workshop on Security and privacy in smartphones and mobile devices
Specification and Standardization of a Java Trusted Computing API
Software—Practice & Experience
| Hi-index | 0.00 |
Smartphone platforms are fast becoming the de-facto method of online communication. Android is one of the most promising smartphone platforms with backing of both the finances of industry leaders and the technical skills and expertise of the open source community. These two factors combined with the usability of application design on the Android platform has propelled the platform in the fore-front of technological innovations. However, along with this wide acceptance by the community come large risks associated with privacy, security and trust. Users share very sensitive data of a very personal nature on their smartphones. Protection of this data is of immense importance if the adoption of smartphones is to be continued. Similar threats on the pc have been countered using the concepts of Trusted Computing -- a highly flexible trust mechanism with strong security properties. The Android platform has yet to see any Trusted Computing applications primarily because of the difficulty in adopting the relatively new paradigm of security. In this paper, we present the design of a high-level api that allows existing Android developers to adopt Trusted Computing and use it in their applications without having to learn the intricate details of how Trusted Computing works. The api will help the developers to increase the security of their applications and the data that they consume.