software components for secure mobile web application
play

Software Components for Secure Mobile Web Application Platforms - PowerPoint PPT Presentation

Jun 23, 2023 •435 likes •531 views

Software Components for Secure Mobile Web Application Platforms Patrik Persson & Bjrn Johansson Ericsson Research Mobile Platforms, Lund, Sweden About us Ericsson Research in Lund, Sweden Device security, application

  1. Software Components for Secure Mobile Web Application Platforms Patrik Persson & Björn Johansson Ericsson Research Mobile Platforms, Lund, Sweden

  2. About us  Ericsson Research in Lund, Sweden – Device security, application environments, ... – Working tightly with Ericsson Mobile Platforms (EMP)  EMBRACE: Ericsson Mobile Browser Research And Cool Extensions – Prototype Widget-based terminal – EMP 3G platform, Linux kernel, Webkit, W3C- style Widgets W3C workshop, London 2 2008-12-11

  3. Motivation: Separation of concerns  Need separation of – Platform – Browser engine – Device APIs – Access control  Need a vendor-neutral access control mechanism – Assuming policy defined by operator, manufacturer, community, or other  Software component technology W3C workshop, London 3 2008-12-11

  4. Why software components?  Software component models – Separation of platform and application (separate address spaces possible) – Single entry point  centralized access control (method interception) – Can be fairly light-weight (e.g., COM/ECM)  Interfaces described in IDL (interface description language) – Translated to glue code in JavaScript, C/C++, Java, ... – Language independence (with limitations) W3C workshop, London 4 2008-12-11

  5. COM/IDL translation example Interface Description Language Generated proxy (IDL) (JavaScript) interface ICall { function ICall (...) { int start (char * nbr); function start (nbr) { ... }; void stop (int session); function stop (session) { ... }; void answer (int session); function answer (session) { ... }; void reject (int session); function reject (session) { ... }; } }  Automatic IDL-to-JavaScript translator – COM interface instances  JavaScript proxy components – COM callback interfaces  JavaScript event handlers  Some IDL limitations apply (e.g., regarding void*) W3C workshop, London 5 2008-12-11

  6. Basic architecture JavaScript apps Application Layer Javascript (possibly Implements (de-facto) standard APIs untrusted) Shim Layer in terms of platform primitives Maintains identity of currently Context Layer executing application Trusted Access decision: Access Control Layer platform Map interface  required access domain API functionality Platform Layer W3C workshop, London 6 2008-12-11

  7. Conclusions  Advantages – Separation of concerns – Language independence (C/C++, Java, JavaScript, Python, Ruby, ...) – Single entry point  centralized access control – ECM (COM-like) proven in mobile devices  Challenges – Maintaining run-time identity – Dynamically downloadable shim layers? – Performance & footprint – User experience W3C workshop, London 7 2008-12-11

  8. W3C workshop, London 8 2008-12-11

Recommend

CS371m - Mobile Computing Anatomy of an Android App and the App Lifecycle Application Components

CS371m - Mobile Computing Anatomy of an Android App and the App Lifecycle Application Components

CS371m - Mobile Computing Anatomy of an Android App and the App Lifecycle Application Components four primary components (plus one) different purposes and different lifecycles Activity single screen with a user interface, app may

646 views • 33 slides
iOS App Components CS 4720 Mobile Application Development CS 4720 iOS Architecture CS 4720

iOS App Components CS 4720 Mobile Application Development CS 4720 iOS Architecture CS 4720

iOS App Components CS 4720 Mobile Application Development CS 4720 iOS Architecture CS 4720 2 Building Blocks UIApplication The main entry point for your app Each app has exactly one instance of this class Provides the

427 views • 25 slides
SECURE PROGRAMMING A.A. 2018/2019 TERMINOLOGY System, Social and Mobile Security SECURITY FLAWS

SECURE PROGRAMMING A.A. 2018/2019 TERMINOLOGY System, Social and Mobile Security SECURITY FLAWS

SECURE PROGRAMMING A.A. 2018/2019 TERMINOLOGY System, Social and Mobile Security SECURITY FLAWS Software engineering has long been concerned with the elimination of software defects. A software defect is the encoding of a human error into

1.75k views • 156 slides
Android'Applica,on'Components:' Lifecycle'and'State' ' Mobile'and'Ubiquitous'Compu,ng'

Android'Applica,on'Components:' Lifecycle'and'State' ' Mobile'and'Ubiquitous'Compu,ng'

Android'Applica,on'Components:' Lifecycle'and'State' ' Mobile'and'Ubiquitous'Compu,ng' MEIC/MERC'2015/16' ' ' Nuno'Santos' 1.#APPLICATION#COMPONENTS# Mobile'and'Ubiquitous'Compu,ng'2015/16' Android'Components'

704 views • 35 slides
Engineering Secure Software The Basics of Software Security Terminology Vulnerabilities Trust

Engineering Secure Software The Basics of Software Security Terminology Vulnerabilities Trust

Engineering Secure Software The Basics of Software Security Terminology Vulnerabilities Trust Boundary Attacks Threats Application Attacker Exploit Vulnerability : a software defect with security consequences Threat : a potential danger to

1.54k views • 80 slides
Secure Mobile Mobile Gambling Gambling Secure RSA Conference 2001 San Francisco,

Secure Mobile Mobile Gambling Gambling Secure RSA Conference 2001 San Francisco,

Secure Mobile Mobile Gambling Gambling Secure RSA Conference 2001 San Francisco, California, April 2001 Markus Jakobsson David Pointcheval David Pointcheval Adam Young Dept dInformatique Lockheed Martin Bell Laboratories Lucent

429 views • 7 slides
Applied Cryptography (Pt. 1) Engineering Secure Software Last Revised: October 13, 2020

Applied Cryptography (Pt. 1) Engineering Secure Software Last Revised: October 13, 2020

Applied Cryptography (Pt. 1) Engineering Secure Software Last Revised: October 13, 2020 SWEN-331: Engineering Secure Software Benjamin S Meyers 1 Networks, Cryptography, and You Most application developers Dont implement networking

333 views • 30 slides
Secure Communication Secure Communication Lecture 14 Wrap-Up We saw... Symmetric-Key

Secure Communication Secure Communication Lecture 14 Wrap-Up We saw... Symmetric-Key

Secure Communication Secure Communication Lecture 14 Wrap-Up We saw... Symmetric-Key Components SKE, MAC Public-Key Components PKE, Digital Signatures Building blocks: Block-ciphers (AES), Hash-functions (SHA-3), Trapdoor PRG/OWP for PKE

1.07k views • 72 slides
Mobile Edge Computing Wei-Yu Chen Outline 5G Communication Components Computation

Mobile Edge Computing Wei-Yu Chen Outline 5G Communication Components Computation

Mobile Edge Computing Wei-Yu Chen Outline 5G Communication Components Computation Offloading Mobility Management and Service Migration 5G Communication Components Software Defined Network(SDN) Network Function

621 views • 23 slides
Secure Web Application Development METHODOLOGIES AND AUTOMATED TOOLS MURAT KAYA SOFTWARE

Secure Web Application Development METHODOLOGIES AND AUTOMATED TOOLS MURAT KAYA SOFTWARE

Secure Web Application Development METHODOLOGIES AND AUTOMATED TOOLS MURAT KAYA SOFTWARE SECURITY SPECIALIST Agenda Software Security Overview Software Security Methodologies Security Test Methods Analysis Tools Tools

497 views • 25 slides
Secure Scalable CCT Secure Scalable CCTV, Mobile, and W Mobile, and Wearable earable Video F

Secure Scalable CCT Secure Scalable CCTV, Mobile, and W Mobile, and Wearable earable Video F

WSB-2017 17 J January 2 2017 17 Secure Scalable CCT Secure Scalable CCTV, Mobile, and W Mobile, and Wearable earable Video F Video Face R ce Recognition cognition Brian Lo Brian Lovell ll The Univer The Univ ersity of Queensland

784 views • 62 slides
CSE 2221 Software I: Software Components and CSE 2231 Software II: Software Development and

CSE 2221 Software I: Software Components and CSE 2231 Software II: Software Development and

CSE 2221 Software I: Software Components and CSE 2231 Software II: Software Development and Design 8 January 2019 OSU CSE 1 Restated Learning Outcomes Theme 1: software engineering concepts Be familiar with sound software engineering

535 views • 17 slides
What is Secure? Engineering Secure Software Last Revised: August 19, 2020 SWEN-331: Engineering

What is Secure? Engineering Secure Software Last Revised: August 19, 2020 SWEN-331: Engineering

What is Secure? Engineering Secure Software Last Revised: August 19, 2020 SWEN-331: Engineering Secure Software Benjamin S Meyers 1 Recent Security Incidents Garmin Ransomware -- $10 million Sync servers down for many days

506 views • 21 slides
Secure Mobile Ad-hoc Interactions: Reasoning About Out-Of-Band (OOB) Channels Ronald Kainda, Ivan

Secure Mobile Ad-hoc Interactions: Reasoning About Out-Of-Band (OOB) Channels Ronald Kainda, Ivan

Introduction Framework Application Conclusion Secure Mobile Ad-hoc Interactions: Reasoning About Out-Of-Band (OOB) Channels Ronald Kainda, Ivan Flechais, A.W. Roscoe International Workshop on Security and Privacy in Spontaneous Interaction

539 views • 17 slides
CS 528 Mobile and Ubiquitous Computing Lecture 11: Mobile Security and Mobile Software

CS 528 Mobile and Ubiquitous Computing Lecture 11: Mobile Security and Mobile Software

CS 528 Mobile and Ubiquitous Computing Lecture 11: Mobile Security and Mobile Software Vulnerabilities Emmanuel Agu Mobile Security Issues Introduction So many cool mobile apps Access to web, personal information, social media, etc

1.05k views • 55 slides
The NAI Mobile Application Code: Extending Third-Party Compliance into the Mobile Ecosystem Why

The NAI Mobile Application Code: Extending Third-Party Compliance into the Mobile Ecosystem Why

The NAI Mobile Application Code: Extending Third-Party Compliance into the Mobile Ecosystem Why a Mobile Application Code? Extend the NAI compliance program into the mobile application space Provide extra flexibility for this rapidly

319 views • 18 slides
CSE 2221 Software I: Software Components and CSE 2231 Software II: Software Development and

CSE 2221 Software I: Software Components and CSE 2231 Software II: Software Development and

CSE 2221 Software I: Software Components and CSE 2231 Software II: Software Development and Design 7 January 2020 OSU CSE 1 Welcome to CSE 2231! Class attendance is required . You will be allowed 4 lecture absences and 4 lab

863 views • 7 slides
Network Components Component Names Component Function Example Application, or app, user Uses

Network Components Component Names Component Function Example Application, or app, user Uses

Network Components Component Names Component Function Example Application, or app, user Uses the network Skype, iTunes, Amazon Host, or end-system, edge Supports apps Laptop, mobile, desktop device, node, source, sink Router, or switch,

1.25k views • 37 slides
Why Components? Software components are binary units of independent production, acquisition,

Why Components? Software components are binary units of independent production, acquisition,

Why Components? Software components are binary units of independent production, acquisition, and deployment that interact to form a functioning system (Szyperski 1997) The rationale behind component software: Largely pushed by desktop

475 views • 13 slides
Why Components? Software components are binary units of independent production, acquisition,

Why Components? Software components are binary units of independent production, acquisition,

Why Components? Software components are binary units of independent production, acquisition, and deployment that interact to form a functioning system (Szyperski 1997) The rationale behind component software: Largely pushed by desktop

768 views • 25 slides
Software components software re-use libraries, etc. inter-language linkage the

Software components software re-use libraries, etc. inter-language linkage the

Software components software re-use libraries, etc. inter-language linkage the Microsoft way COM: the Component Object Model Visual Basic: scripting, embedding, viruses .NET C# other approaches to components

442 views • 5 slides
VoltMobi LLC. Mobile application and information system development About VoltMobi LLC.

VoltMobi LLC. Mobile application and information system development About VoltMobi LLC.

VoltMobi LLC. Mobile application and information system development About VoltMobi LLC. Founded in 2011 in Russia, Moscow. Custom software development and own projects. Focus: mobile applications development. 35+ employees. 60+

372 views • 20 slides
A software stack for mobile devices: OS kernel, system libraries, application frameworks &

A software stack for mobile devices: OS kernel, system libraries, application frameworks &

A software stack for mobile devices: OS kernel, system libraries, application frameworks & key apps Android SDK for creating apps Libraries & development tools Lots of documentation. Start browsing today! See:

1.17k views • 75 slides
distinct components Call centre services - Ansaback Software - CallScripter Network

distinct components Call centre services - Ansaback Software - CallScripter Network

Our business is split into the following distinct components Call centre services - Ansaback Software - CallScripter Network telephony services - IP3 Telecom Secure credit card payments - PCI-PAL ABOUT OUR COMPANY IPPlus PLC

849 views • 40 slides

More recommend