Risk-driven security metrics for an Android smartphone application

Research output: Contribution to journalArticleScientificpeer-review

Abstract

Security management in Android smartphone platforms is a challenge. This challenge can be overcome at least partially by developing systematically risk-driven security objectives and controls for the target system, and determining how to offer sufficient evidence of its security performance via metrics. The target system of our investigation is an Android platform utilised for public safety and security mobile networks. We develop and analyse the security objectives and controls for these systems based on a technological risk analysis. In addition, we investigate how effective and efficient security metrics can be developed for the target system, and describe implementation details of enhanced security controls for authentication, authorisation, and integrity objectives. Our analysis includes implementation details of selected security controls and a discussion of their security effectiveness. It also includes conceptualisation and description of adaptive security for an Android platform which can improve the flexibility and effectiveness of these security controls and end-users confidence in service providers.
Original languageEnglish
Pages (from-to)297-324
Number of pages28
JournalInternational Journal of Electronic Business
Volume15
Issue number4
DOIs
Publication statusPublished - Nov 2020
MoE publication typeA1 Journal article-refereed

Keywords

  • android
  • security objectives
  • security metrics
  • security effectiveness
  • risk analysis

Fingerprint Dive into the research topics of 'Risk-driven security metrics for an Android smartphone application'. Together they form a unique fingerprint.

Cite this