Home > Research > Publications & Outputs > From Needs to Actions to Secure Apps?

Electronic data

Links

View graph of relations

From Needs to Actions to Secure Apps?: The Effect of Requirements and Developer Practices on App Security

Research output: Contribution in Book/Report/Proceedings - With ISBN/ISSNConference contribution/Paperpeer-review

Published
Close
Publication date12/08/2020
Host publication USENIX Security '20 Proceedings
PublisherUSENIX Association
Pages289-305
Number of pages17
ISBN (print)9781939133175
<mark>Original language</mark>English
EventUSENIX Security '20 - Boston, United States
Duration: 12/08/202014/08/2020
Conference number: 29

Conference

ConferenceUSENIX Security '20
Abbreviated titleUSENIX Security
Country/TerritoryUnited States
CityBoston
Period12/08/2014/08/20

Conference

ConferenceUSENIX Security '20
Abbreviated titleUSENIX Security
Country/TerritoryUnited States
CityBoston
Period12/08/2014/08/20

Abstract

Increasingly mobile device users are being hurt by security or privacy issues with the apps they use. App developers can help prevent this; inexpensive security assurance techniques to do so are now well established, but do developers use them? And if they do so, is that reflected in more secure apps? From a survey of 335 successful app developers, we conclude that less than a quarter of such professionals have access to security experts; that less than a third use assurance techniques regularly; and that few have made more than cosmetic changes as a result of the European GDPR legislation. Reassuringly, we found that app developers tend to use more assurance techniques and make more frequent security updates when (1) they see more need for security, and (2) there is security expert or champion involvement.