Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
Implementation and Security Evaluation of User-Customized Content in a Mobile Application
Linköping University, Department of Computer and Information Science.
2019 (English)Independent thesis Advanced level (degree of Master (Two Years)), 20 credits / 30 HE creditsStudent thesis
Abstract [en]

Companies offering a service application targeting a broad audience often have difficulties meeting all user requirements since many users have unique needs. Allowing users to define and create content for service applications themselves, which addresses their specific needs, would be a welcomed solution. This would allow developers to focus on the main aspects of the service application, whereas the users themselves can include individual end-user aspects. User-customized content can be used as a selling point for the companies and opens up possibilities for providing a better user experience for each unique end user. This thesis describes the process of creating a prototype system that provides a solution for including user-customized content in a mobile application service system. First, we describe requirement elicitation followed by design and the actual implementation. Furthermore, security is a frequent topic whenever a digital application is discussed today. Therefore, the system creation process is followed up with an investigation of how the resulting application security aspect can be evaluated. After investigating different possibilities, a security evaluation case study on the application is performed. The results show a functioning system that allows customers to customize the content that is rendered inside a cross-platform mobile application. The results from the security evaluation investigation also show that the Open Web Application Security Project (OWASP) Mobile Security Testing Guide (MSTG) framework can be adapted and used for security evaluation of a cross-platform mobile application, even though it targets native applications. The resulting system satisfies most of the requirements for the targeted security level but does not satisfy all requirements for a normal production level mobile application according to the OWASP Mobile Application Security Verification Standard (MASVS). However, the results indicate that there is potential to reach the desired security level by adapting the system to use pure React Native with some native code additions.

Place, publisher, year, edition, pages
2019. , p. 68
National Category
Computer Engineering
Identifiers
URN: urn:nbn:se:liu:diva-158495ISRN: LIU-IDA/LITH-EX-A--19/053—SEOAI: oai:DiVA.org:liu-158495DiVA, id: diva2:1334227
External cooperation
Senion
Subject / course
Computer Engineering
Presentation
2019-06-13, Muhammad al-Khwarizmi, Linköpings universitet 581 83, Linköping, 13:15 (English)
Examiners
Available from: 2019-09-04 Created: 2019-07-02 Last updated: 2019-09-04Bibliographically approved

Open Access in DiVA

fulltext(4711 kB)13 downloads
File information
File name FULLTEXT01.pdfFile size 4711 kBChecksum SHA-512
c9ccf5ebe9b0c621a2613632bde527da4c9a1b5eed83161fc511cf90132a9a42f6b12be0b58a52283b80d6f0e3e1dc730baf00b39ee83ad3ccf98eaae2a34a14
Type fulltextMimetype application/pdf

By organisation
Department of Computer and Information Science
Computer Engineering

Search outside of DiVA

GoogleGoogle Scholar
Total: 13 downloads
The number of downloads is the sum of all downloads of full texts. It may include eg previous versions that are now no longer available

urn-nbn

Altmetric score

urn-nbn
Total: 219 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf