DCM: A Developers Certification Model for Mobile Ecosystems
Paulo Trezentos, Ricardo Capote, Tiago Teodoro, Jo\~ao Carneiro
TL;DR
This paper proposes DCM, a trust model inspired by SSL/TLS, to enhance app developer verification in Android and iOS ecosystems, supporting multiple app stores while maintaining user safety with minimal OS modifications.
Contribution
It introduces a distributed trust model for app developers that enables multiple app stores and improves security without major OS changes.
Findings
Supports coexistence of multiple app stores
Enhances trustworthiness of app developers
Inspired by SSL/TLS certification protocol
Abstract
This article introduces a distributed model of trust for app developers in Android and iOS mobile ecosystems. The model aims to allow the co-existence of multiple app stores and distribution channels while retaining a high level of safety for mobile device users and minimum changes to current mobile operating systems. The Developers Certification Model (DCM) is a trust model for Android and iOS that aims to distinguish legit applications from security threats to user safeness by answering the question: "is the developer of this app trustable"? It proposes security by design, where safety relies on a chain of trust mapping real-world levels of trust across organizations. For the technical implementation, DCM is heavily inspired by SSL/TLS certification protocol, as a proven model that has been working for over 30 years.
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.
Taxonomy
TopicsAdvanced Malware Detection Techniques · Access Control and Trust · Cloud Data Security Solutions