PHRiMA: A permission-based hybrid risk management framework for android apps
作者: Xinwen HuYi Zhuang
作者单位: 1The College of Computer Science and Technology, Nanjing University of Aeronautics and Astronautics, No. 29 Jiangjun Rd., Nanjing, Jiangsu 211106, China
刊名: Computers & Security, 2020, Vol.94
来源数据库: Elsevier Journal
DOI: 10.1016/j.cose.2020.101791
关键词: Android appsModel-based risk managementMARTE profileUML extensionZ notation
原始语种摘要: Abstract(#br)Android applications (apps) are ubiquitous, operate in complex environment. Managing their risk at the early stage of software development can effectively reduce potential security flaws, testing and maintenance cost, thus becomes an important challenge in model-based development (MBD). This paper introduces a P ermission-based H ybrid Ri sk M anagement framework for A ndroid apps (PHRiMA), which is a novel guided framework to perform risk management on Android apps by evaluating the permission-based software design. This framework customizes the standard risk management process of ISO/IEC 27005 :2018 as a hybrid of the semi-formal modeling phase and the formal analysis phase. In the semi-formal phase, a R isk A nalysis and M odeling (RAM) package based on UML/MARTE is...
全文获取路径: Elsevier  (合作)
影响因子:1.158 (2012)

  • android 男性样的
  • permission 许可
  • based 基于
  • framework 构架
  • management 管理
  • formal 形式的
  • software 软件
  • security 可靠性
  • development 开发
  • modeling 制祝型