From Needs to Actions to Secure Apps? : The Effect of Requirements and Developer Practices on App Security

Weir, Charles and Hermann, Ben and Fahl, Sascha (2020) From Needs to Actions to Secure Apps? : The Effect of Requirements and Developer Practices on App Security. In: USENIX Security '20 Proceedings :. USENIX Association, USA, pp. 289-305. ISBN 9781939133175

[thumbnail of Paper: From Needs to Actions to Secure Apps]

Text (Paper: From Needs to Actions to Secure Apps)
SurveyPaper.pdf - Accepted Version
Available under License Creative Commons Attribution-NonCommercial-NoDerivs.
Download (1MB)

Abstract

Increasingly mobile device users are being hurt by security or privacy issues with the apps they use. App developers can help prevent this; inexpensive security assurance techniques to do so are now well established, but do developers use them? And if they do so, is that reflected in more secure apps? From a survey of 335 successful app developers, we conclude that less than a quarter of such professionals have access to security experts; that less than a third use assurance techniques regularly; and that few have made more than cosmetic changes as a result of the European GDPR legislation. Reassuringly, we found that app developers tend to use more assurance techniques and make more frequent security updates when (1) they see more need for security, and (2) there is security expert or champion involvement.

Item Type:

Contribution in Book/Report/Proceedings

Subjects:

?? mobile systems security; survey; mobile apps; developer centered security ??

Departments:

Faculty of Science and Technology > School of Computing & Communications

ID Code:

142148

Deposited By:

ep_importer_pure

Deposited On:

10 Mar 2020 09:30

Refereed?:

Yes

Published?:

Published

Last Modified:

27 Oct 2024 00:40

URI:

https://eprints.lancs.ac.uk/id/eprint/142148