The objective of this edited book is to gather best practices in the development and management of mobile apps projects. Mobile Apps Engineering aims to provide software engineering lecturers, students and researchers of mobile computing a starting point for developing successful mobile apps. To achieve these objectives, the book's contributors emphasize the essential concepts of the field, such as apps design, testing and security, with the intention of offering a compact, self-contained book which shall stimulate further research interest in the topic. The editors hope and believe that their efforts in bringing this book together can make mobile apps engineering an independent discipline inspired by traditional software engineering, but taking into account the new challenges posed by mobile computing.

Frequently asked questions

Yes, you can cancel anytime from the Subscription tab in your account settings on the Perlego website. Your subscription will stay active until the end of your current billing period. Learn how to cancel your subscription.

No, books cannot be downloaded as external files, such as PDFs, for use outside of Perlego. However, you can download books within the Perlego app for offline reading on mobile or tablet. Learn more here.

Perlego offers two plans: Essential and Complete

Essential is ideal for learners and professionals who enjoy exploring a wide range of subjects. Access the Essential Library with 800,000+ trusted titles and best-sellers across business, personal growth, and the humanities. Includes unlimited reading time and Standard Read Aloud voice.
Complete: Perfect for advanced learners and researchers needing full, unrestricted access. Unlock 1.4M+ books across hundreds of subjects, including academic and specialized titles. The Complete Plan also includes advanced features like Premium Read Aloud and Research Assistant.

Both plans are available with monthly, semester, or annual billing cycles.

We are an online textbook subscription service, where you can get access to an entire online library for less than the price of a single book per month. With over 1 million books across 1000+ topics, we’ve got you covered! Learn more here.

Look out for the read-aloud symbol on your next book to see if you can listen to it. The read-aloud tool reads text aloud for you, highlighting the text as it is being read. You can pause it, speed it up and slow it down. Learn more here.

Yes! You can use the Perlego app on both iOS or Android devices to read anytime, anywhere — even offline. Perfect for commutes or when you’re on the go.
Please note we cannot support devices running on iOS 13 and Android 7 or earlier. Learn more about using the app.

Yes, you can access Mobile Apps Engineering by Ghita K. Mostefaoui, Faisal Tariq, Ghita K. Mostefaoui,Faisal Tariq in PDF and/or ePUB format, as well as other popular books in Informatica & Reti di computer. We have over one million books available in our catalogue for you to explore.

Information

Publisher

Year

eBook ISBN

Topic

Subtopic

Chapter 1

An Introduction to Mobile Device Security

António Lima, Pedro Borges, Bruno Sousa, Paulo Simões, and Tiago Cruz

Contents

1.1Introduction

1.2Security Risks and Open Challenges

1.2.1Evolution of Mobile Device Complexity

1.2.2Information Risks

1.2.3Threat Taxonomy

1.2.4Case Studies on Security Threats in Mobile Devices

1.3Fundamental Concepts

1.3.1Device Security and Application Security

1.3.2Consumer vs. Corporate Environments

1.3.3Stakeholders

1.3.4Mobile Device and Application Management

1.3.5Security Life Cycle for Mobile Devices

1.3.5.1Prevention

1.3.5.2Monitoring

1.3.5.3Mitigation

1.3.5.4Analysis and Comparison

1.4Mobile Device and Application Management

1.4.1Remote Deployment of Security Policies

1.4.2Dedicated Application Stores

1.4.3Remote Device Control

1.4.4Remote Application Deployment

1.5Security Hardening and Preventive Techniques

1.5.1Application Development Aspects

1.5.1.1Data Protection

1.5.1.2Resource Usage

1.5.1.3Event Management

1.5.1.4Exploits and Malicious Applications, Devices, or Users

1.5.2Security Policies

1.5.3Official Secure Application Stores

1.5.4Operating Systems Recommendations

1.5.5Data Storage

1.5.6Authentication

1.5.7Isolation and Trust

1.5.7.1Virtualization

1.5.7.2Trusted Execution Environment

1.6Monitoring, Detection, and Reaction

1.6.1Monitoring

1.6.2IDS and IDPS (Detection and Reaction)

1.7Conclusion

References

1.1Introduction

This chapter provides a state-of-the-art overview regarding available solutions and best practices for mobile device and mobile application security. It provides a broad perspective of the security aspects involved in mobile applications, encompassing the whole ecosystem (user, operator, operating system, mobile application, and user and application data). Besides providing guidelines and best practices for the development of secure mobile applications, it also includes information on how to apply such solutions in Android and iOS mobile operating systems.

This chapter includes several techniques that can be applied by different players, including application developers (to design and develop secure mobile applications) and administrators of corporate systems (to enforce security policies on mobile devices). The myriad of uses for mobile devices raises security threats that require solutions involving the full chain: device manufactures (e.g., Samsung), services providers (e.g., Google with Play Store), applications developers, and consumers (end-users). As such, a broad perspective is required encompassing the design and development of secure mobile applications, including selection of appropriate platforms (operating systems, mobile devices, telco support, mobile device management frameworks), best practices for developing secure mobile applications, and a clear understanding of the different stakeholders’ roles in provisioning secure mobile applications. For instance, consumers need to understand the risks associated with different uses of their mobile device(s), and corporations need to provide adequate security mechanisms for their devices or for the devices owned by consumers but employed for professional activities—in line with the Bring Your Own Device (BYOD) paradigm, which extends the possibilities of mobile device use even in mission-critical scenarios [33], but leads to issues regarding the management of security by corporations.

Several security approaches can be pursued to prevent attacks (e.g., installation of malware), to monitor the behavior of applications and use of mobile devices (e.g., applications sending frequent data to remote sites without user permission) and to mitigate potential threats (e.g., malware accessing personal data). In particular, the Mobile Device and Application Management (MDAM) frameworks (e.g., Samsung Know, Android for Work) are essential tools for corporate environments, to enforce security policies.

1.2Security Risks and Open Challenges

The increased computing, communications, and interface capabilities have allowed mobile devices to progressively evolve towards becoming diversified digital assistants. Nevertheless, such newly acquired roles have also shown themselves to be a hindrance in terms of security as they have increased the value of the mobile device as a target for attackers.

The motivation for this chapter is many-fold. First, to bring users awareness of the security risks associated with the use of the mobile devices. Second, to provide an introduction to the security mechanisms that can be employed to prevent and mitigate security threats. Third, to highlight how corporations can manage devices and applications running in corporate devices or even accommodate new trends such as Bring Your Own Device, especially in mission critical scenarios such as public protection and disaster relief where security requirements are more stringent. Fourth, to discuss how device manufacturers can design and incorporate secu...

Cover
Half Title
Title Page
Copyright Page
Contents
Preface
Acknowledgments
Editors
Contributors
Chapter 1: An Introduction to Mobile Device Security
Chapter 2: Model-Driven Design of Connectivity-Aware Mobile Applications
Chapter 3: Mobile App Testing: Tools, Frameworks, and Challenges
Chapter 4: City Tour App: A Step-by-Step Development of an e-Commerce Platform
Chapter 5: Teaching Hygiene and Responsible Antibiotic Use through a Mobile Game for Children
Index

About this book

Frequently asked questions

Information

Table of contents