Mobile Application Security
The proportion of mobile devices providing open platform functionality is expected to continue to increase in future. The openness of these platforms offers significant opportunities to all parts of the mobile eco-system by delivering the ability for flexible program and service delivery options that may be installed, removed or refreshed multiple times in line with the user’s needs and requirements. However, with openness comes responsibility and unrestricted access to mobile resources and APIs by applications of unknown or untrusted origin could result in damage to the user, the device, the network or all of these, if not managed by suitable security architectures and network precautions. Application security is provided in some form on most open OS mobile devices (Symbian OS, Microsoft, BREW, etc.). Industry groups have also created recommendations including the GSM Association and Open Mobile Terminal Platform (OMTP).
There are several strategies to enhance mobile application security including
- Application white listing
- Ensuring transport layer security
- Strong authentication and authorization
- Encryption of data when written to memory
- Sandboxing of applications
- Granting application access on a per-API level
- Processes tied to a user ID
- Predefined interactions between the mobile application and the OS
- Requiring user input for privileged/elevated access
- Proper session handling
Read more about this topic: Application Security
Famous quotes containing the words mobile, application and/or security:
“From three to six months, most babies have settled down enough to be fun but aren’t mobile enough to be getting into trouble. This is the time to pay some attention to your relationship again. Otherwise, you may spend the entire postpartum year thinking you married the wrong person and overlooking the obvious—that parenthood can create rough spots even in the smoothest marriage.”
—Anne Cassidy (20th century)
“Most people, no doubt, when they espouse human rights, make their own mental reservations about the proper application of the word “human.””
—Suzanne Lafollette (1893–1983)
“Our security depends on the Allied Powers winning against aggressors. The Axis Powers intend to destroy democracy, it is anathema to them. We cannot provide that aid if the public are against it; therefore, it is our responsibility to persuade the public that aid to the victims of aggression is aid to American security. I expect the members of my administration to take every opportunity to speak to this issue wherever they are invited to address public forums in the weeks ahead.”
—Franklin D. Roosevelt (1882–1945)