ACM

Communications of the ACM

Home/News/Researchers Hope to Secure Development of Mobile Apps.../Full Text

ACM TechNews

Researchers Hope to Secure Development of Mobile Apps With Faster Code Scans

By IDG News Service
March 18, 2014
Comments

View as: Print Mobile App Share:

A representation of mobile apps. — Researchers at the Fraunhofer Institute are developing tools that will help evaluate or enhance the security of mobile apps.

Credit: Bizboostpros.com

Fraunhofer Institute researchers are developing three new tools to evaluate or enhance the security of mobile apps.

Appicaptor is a service to help businesses identify apps that threaten security or that could breach corporate data-protection policies.

App-Ray, which performs similar functions to Appicaptor, is available as either a hosted service or as a virtual machine IT departments can deploy on their own servers. "We find stuff that is not problematic per se, but may be a problem in a company environment," says Fraunhofer's Dennis Titze.

Meanwhile, CodeScan is still a prototype, and the researchers are adding to its ability to identify flaws in code through a combination of static and dynamic scanning. Fraunhofer's Eric Bodden says CodeScan runs within the Integrated Development Environment, and aims "to do that degree of analysis in a few milliseconds, as you save your code." CodeScan looks for flaws in the riskiest part of the code first, instead of performing a deep analysis of all the code, which saves time. "Most errors are in the misuse of APIs or in the area of data flow," Bodden notes.

He also says another big area of their research is privacy leaks, particularly sensitive data such as passwords.

From IDG News Service
View Full Article

No entries found

Researchers Hope to Secure Development of Mobile Apps With Faster Code Scans

Defending the Business

U.S. Copyright Office's Questions about Generative AI

Unlocking the Potential of Zero-Knowledge Proofs in Blockchain