Abstract
With the advancement in technology, the installation and usage of diverse applications and softwares on various Operating Systems (OS) have become a very common practice. Owing to technical flaws, misconfigurations, hidden vulnerabilities etc, these applications/ softwares are highly susceptible to cyber-attacks. The installation of such applications on critical systems may compromise the security of the systems as well as the resident data. Numerous standards and guidelines already exist that help determine the authenticity of software applications, but they are very specific to an OS or a single point of check. Furthermore, the tools, available in this regard, are used to target a very specific issue while others are not freely available. This research work, after the critical analysis of such frameworks and tools, proposes an integrated framework to check the application's authenticity before its installation. It covers the aspects of confidentiality, integrity, availability and authentication. This is a general framework for all kinds of organizations, but critical organizations with high security objectives specifically, may use this framework to increase their security. The framework has been applied and validated on data sets of six PDF readers, taken from "CVE Details".
Original language | English |
---|---|
Pages (from-to) | 268-275 |
Number of pages | 8 |
Journal | Procedia Computer Science |
Volume | 155 |
DOIs | |
Publication status | Published - 2019 |
Externally published | Yes |
Event | 16th International Conference on Mobile Systems and Pervasive Computing, MobiSPC 2019, 14th International Conference on Future Networks and Communications, FNC 2019, 9th International Conference on Sustainable Energy Information Technology, SEIT 2019 - Halifax, Canada Duration: Aug 19 2019 → Aug 21 2019 |
Keywords
- Applications' credibility
- Authenticity
- Cyber security
- Risk Analysis
- Vulnerability analysis
ASJC Scopus subject areas
- General Computer Science