Sign In

Communications of the ACM

ACM TechNews

Researchers Hope to Secure Development of Mobile Apps With Faster Code Scans


View as: Print Mobile App Share: Send by email Share on reddit Share on StumbleUpon Share on Hacker News Share on Tweeter Share on Facebook
A representation of mobile apps.

Researchers at the Fraunhofer Institute are developing tools that will help evaluate or enhance the security of mobile apps.

Credit: Bizboostpros.com

Fraunhofer Institute researchers are developing three new tools to evaluate or enhance the security of mobile apps.

Appicaptor is a service to help businesses identify apps that threaten security or that could breach corporate data-protection policies.

App-Ray, which performs similar functions to Appicaptor, is available as either a hosted service or as a virtual machine IT departments can deploy on their own servers. "We find stuff that is not problematic per se, but may be a problem in a company environment," says Fraunhofer's Dennis Titze.

Meanwhile, CodeScan is still a prototype, and the researchers are adding to its ability to identify flaws in code through a combination of static and dynamic scanning. Fraunhofer's Eric Bodden says CodeScan runs within the Integrated Development Environment, and aims "to do that degree of analysis in a few milliseconds, as you save your code." CodeScan looks for flaws in the riskiest part of the code first, instead of performing a deep analysis of all the code, which saves time. "Most errors are in the misuse of APIs or in the area of data flow," Bodden notes.

He also says another big area of their research is privacy leaks, particularly sensitive data such as passwords.

From IDG News Service
View Full Article

 

Abstracts Copyright © 2014 Information Inc., Bethesda, Maryland, USA


 

No entries found

Sign In for Full Access
» Forgot Password? » Create an ACM Web Account