Android Security Analysis and Protection in Finance and Healthcare Cover Image

Android Security Analysis and Protection in Finance and Healthcare
Android Security Analysis and Protection in Finance and Healthcare

Author(s): Felix Rohrer, Nebiyu Feleke, Yuting Zhang, Kenneth Nimley, Lou Chitkushev, Tanya Zlateva
Subject(s): Education, ICT Information and Communications Technologies
Published by: Нов български университет
Keywords: Mobile; Android; Security; Analysis; Protection; Role-based; Access Control; Finance; Healthcare;

Summary/Abstract: Smartphones have become an emerging platform for both personal and business applications. As the most popular mobile operating system for smartphones, Android offers great flexibility not only for users but also for application developers. However, this flexibility exposes users to additional security threats. This is particularly dangerous for finance and healthcare applications which require high security for sensitive information and transactions. We created two proof-of-concept applications to demonstrate current attacks on Android applications. Moreover, we downloaded the top 200 free financial and healthcare applications and created a simple tool to extract and analyze their security information such as permission labels. To investigate the possible protection solutions, we surveyed recent security work and analyzed over a dozen solutions proposed by various research groups. We also propose a role-based access control (Rbac) mechanism to enhance Android’s currently limited access control system. We describe several scenarios to show how our proposed approach can be used to enhance security to both individuals and large corporations.

  • Issue Year: 8/2012
  • Issue No: 1
  • Page Range: 80-89
  • Page Count: 10
  • Language: English