مشخصات مقاله | |
ترجمه عنوان مقاله | امنیت ذخیره سازی داده های اندروید: بازبینی |
عنوان انگلیسی مقاله | Android data storage security: A review |
انتشار | مقاله سال 2018 |
تعداد صفحات مقاله انگلیسی | 10 صفحه |
هزینه | دانلود مقاله انگلیسی رایگان میباشد. |
پایگاه داده | نشریه الزویر |
نوع نگارش مقاله |
مقاله مروری (review article) |
مقاله بیس | این مقاله بیس نمیباشد |
نمایه (index) | scopus – DOAJ – Master ISC |
نوع مقاله | ISI |
فرمت مقاله انگلیسی | |
شاخص H_index | 13 در سال 2018 |
شاخص SJR | 0.435 در سال 2018 |
رشته های مرتبط | مهندسی کامپیوتر |
گرایش های مرتبط | مهندسی نرم افزار، امنیت اطلاعات |
نوع ارائه مقاله |
ژورنال |
مجله / کنفرانس | مجله دانشگاه شاه سعود – علوم کامپیوتر و اطلاعات – Journal of King Saud University – Computer and Information Sciences |
دانشگاه | Department of Information Technology – King Saud University – Saudi Arabia |
کلمات کلیدی | امنیت اندروید، ذخیره سازی داده های اندروید، تهدیدات فیزیکی، تهدیدات نرم افزاری، رمزگذاری اندروید |
کلمات کلیدی انگلیسی | Android security, Android data storage, Physical threats, Software threats, Android encryption |
شناسه دیجیتال – doi |
https://doi.org/10.1016/j.jksuci.2018.07.004 |
کد محصول | E10141 |
وضعیت ترجمه مقاله | ترجمه آماده این مقاله موجود نمیباشد. میتوانید از طریق دکمه پایین سفارش دهید. |
دانلود رایگان مقاله | دانلود رایگان مقاله انگلیسی |
سفارش ترجمه این مقاله | سفارش ترجمه این مقاله |
فهرست مطالب مقاله: |
Abstract Keywords 1 Introduction 2 Android data storage model 3 Android data storage threat model 4 Solutions for Android data storage threats 5 Conclusion References |
بخشی از متن مقاله: |
abstract
The broad adoption of smartphones has superseded the desktop computers and laptops as a primary computing platform, due to mobility, constant connectivity and application diversity. Mobile devices encompass storage of extensive information including sensitive ones such as authentication credentials, pictures, videos, personal data, work information, and many more. Thus, securing data stored on mobile devices becomes a critical issue. In this review, we investigate the security of Android storage model between 2013 and 2018. Several threats are found in the literature that can be categorized as physical or software threats. Additionally, the existing solutions for each category are highlighted. Although Android provides valuable encryption systems including full disk encryption and keychain to enhance the data storage security, the encryption key, which is stored in the device, is still vulnerable to physical threats. Introduction According to ‘‘Mobile Security Project” under ‘‘The Open Web Application Security Project (OWASP)” (‘‘OWASP Mobile Security Project – OWASP”, Owasp.org, 2016), insecure data storage is one of the leading top 10 security issues in smartphones since sensitive information can be revealed if it is not protected carefully. Unskilled Developers assume that access to the internal memory stores cannot be gained, but an attacker who accesses the device physically can attach the phone to a computer and retrieve sensitive personal information. Moreover, malware applications (apps) and legitimate vulnerable apps can be a threat to sensitive information leakage. A Trojan horse hidden behind legitimate app can perform imperceptible activities with the aim to steal user’s information. Furthermore, attackers who want to access the data might exploit vulnerable apps, such as apps with over-privileged permissions. Smartphone security has been subjected to intensive research work in the past years. Existing review papers presents the state of the art of popular smartphone operating systems (Khan et al., 2015) (Ahvanooey et al., 2017) (Zaidi et al., 2016). Khan et al. showed that mobile malware, similar to Personal Computer (PC) malware, can cause system corruption or reveal private user information (Khan et al., 2015). Also, they demonstrated vital points to ensure mobile security based on restricting malicious activities at several levels; application developer level, application’s store level, and operating system level. Different types of mobile operating systems and software attacks have been discussed in (Ahvanooey et al., 2017). The authors provided a comprehensive overview of mobile threats, vulnerabilities, and countermeasures by reviewing published papers during the period 2011–2017. Authors in (Zaidi et al., 2016) studied smartphone security within 2010–2015. The authors categorized attacks into old and new attacks and presented possible solutions for each category. Moreover, they showed an estimation of mobile malware growth in 2020. |