Enabling trusted stores for android.

In the Android ecosystem, the process of verifying the integrity of downloaded apps is left to the user. Different from other systems, e.g., Apple App Store, Google does not provide any certified vetting process for the Android apps. This choice has a lot of advantages but it is also the open door to possible attacks as the recent one shown by Bluebox. To address this issue, this demo presents how to enable the deployment of application certification service, we called TruStore, for the Android platform. In our approach, the TruStore client enabled on the end-user device ensures that only the applications, which have been certified by the TruStore server, are installed on the user smartphone. We envisage trusted markets (TruStore servers, which can be, e.g., corporate application markets) that guarantee security by enabling an application vetting process. The TruStore infrastructure maintains the open nature of the Android ecosystem and requires minor modifications to Android stack. Moreover, it is backward-compatible and transparent for developers, and does not change the application management process on a device.



Titolo: Enabling trusted stores for android.
Autori: Y. Zhauniarovich; O. Gadyatskaya; B. Crispo
Autori Unitn: 
Zhauniarovich, Yury
Crispo, Bruno
mostra contributor esterni 
Titolo del volume contenente il saggio: ACM Conference on Computer and Communications Security
Luogo di edizione: USA
Casa editrice: ACM
Anno di pubblicazione: 2013
Codice identificativo Scopus: 2-s2.0-84889046937
ISBN: 978-1-4503-2477-9
Handle: http://hdl.handle.net/11572/67397
Appare nelle tipologie:04.1 Saggio in atti di convegno (Paper in proceedings)

File in questo prodotto:
Non ci sono file associati a questo prodotto.

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione
 
 
 
Powered by IRIS-about IRIS-Utilizzo dei cookie
Logo CINECA  Copyright © 2020