Name
Abstract | ||
|---|---|---|
Mobile Cross-Platform Tools (CPTs) provide an alternative to native application development that allows mobile app developers to drastically reduce the development time and cost when targeting multiple platforms. They allow sharing a significant part of the application codebase between the implementations for the targeted platforms (e.g. Android, iOS, Windows Phone). Although CPTs provide significant benefits for developers, there can introduce several disadvantages. The CPT software layers and translation steps can impact the security of the produced applications. One of the most well-known and often-used CPTs is Cordova, formerly known as PhoneGap. Cordova has, over the years, taken several steps to reduce the attack surface and introduced several mechanisms that allow developers to increase the security of Cordova applications. This paper gives a statistical overview of the adoption of Cordova security best practices and mechanisms in Cordova applications downloaded from the Google Play Store. For the analysis, over a thousand Cordova application were downloaded. The research shows that the poor adoption of these mechanisms leads to a significant number of insecure Cordova applications. |
Year | DOI | Venue |
|---|---|---|
2017 | 10.1145/3098954.3103162 | ARES |
Keywords | Field | DocType |
Cordova, Mobile application development, Security, Google play | Codebase,World Wide Web,Attack surface,Best practice,Android (operating system),Computer science,Computer security,Implementation,Security analysis,Phone,Abstraction layer | Conference |
ISBN | Citations | PageRank |
978-1-4503-5257-4 | 0 | 0.34 |
References | Authors | |
7 | 3 | |
Name | Order | Citations | PageRank |
|---|---|---|---|
| Michiel Willocx | 1 | 0 | 0.34 |
| Jan Vossaert | 2 | 13 | 5.00 |
| Vincent Naessens | 3 | 86 | 19.70 |