Mobile Software Assurance Informed through Knowledge Graph Construction: The OWASP Threat of Insecure Data Storage
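Author affiliations: St. John's University, United States; Pace University, United States
Publication: Journal of Computer Science Research (English)
Year/Volume/Issue: 2020, Vol. 2, No. 2
Pages: 17-29
Subject classification: 08 [Engineering]; 0812 [Engineering - Computer Science and Technology (degrees may be conferred in Engineering or Science)]
Subjects: Cybersecurity; Secure software development; Penetration testing; Risk assessment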
Abstract: Many organizations, to save costs, are moving to the Bring Your Own Mobile Device (BYOD) model and adopting applications built by third-parties at an unprecedented *** research examines software assurance methodologies specifically focusing on security analysis coverage of the program analysis for mobile malware detection, mitigation, and *** research focuses on secure software development of Android applications by developing knowledge graphs for threats reported by the Open Web Application Security Project (OWASP). OWASP maintains lists of the top ten security threats to web and mobile *** develop knowledge graphs based on the two most recent top ten threat years and show how the knowledge graph relationships can be discovered in mobile application source *** analyze 200+ healthcare applications from GitHub to gain an understanding of their software assurance of their developed software for one of the OWASP top ten mobile threats, the threat of "Insecure Data Storage." We find that many of the applications are storing personally identifying information (PII) in potentially vulnerable places, leaving users exposed to higher risks for the loss of their sensitive data.