Home > Research > Publications & Outputs > From Needs to Actions to Secure Apps?

Research

Associated organisational units

Electronic data

Links

Keywords

View graph of relations

From Needs to Actions to Secure Apps?: The Effect of Requirements and Developer Practices on App Security

Research output: Contribution in Book/Report/Proceedings - With ISBN/ISSNConference contribution/Paperpeer-review

Published

Standard

From Needs to Actions to Secure Apps? The Effect of Requirements and Developer Practices on App Security. / Weir, Charles; Hermann, Ben; Fahl, Sascha.
USENIX Security '20 Proceedings. USENIX Association, 2020. p. 289-305.

Research output: Contribution in Book/Report/Proceedings - With ISBN/ISSNConference contribution/Paperpeer-review

Harvard

Weir, C, Hermann, B & Fahl, S 2020, From Needs to Actions to Secure Apps? The Effect of Requirements and Developer Practices on App Security. in USENIX Security '20 Proceedings. USENIX Association, pp. 289-305, USENIX Security '20, Boston, Massachusetts, United States, 12/08/20. <https://www.usenix.org/conference/usenixsecurity20/presentation/weir>

APA

Weir, C., Hermann, B., & Fahl, S. (2020). From Needs to Actions to Secure Apps? The Effect of Requirements and Developer Practices on App Security. In USENIX Security '20 Proceedings (pp. 289-305). USENIX Association. https://www.usenix.org/conference/usenixsecurity20/presentation/weir

Vancouver

Weir C, Hermann B, Fahl S. From Needs to Actions to Secure Apps? The Effect of Requirements and Developer Practices on App Security. In USENIX Security '20 Proceedings. USENIX Association. 2020. p. 289-305

Author

Weir, Charles ; Hermann, Ben ; Fahl, Sascha. / From Needs to Actions to Secure Apps? The Effect of Requirements and Developer Practices on App Security. USENIX Security '20 Proceedings. USENIX Association, 2020. pp. 289-305

Bibtex

@inproceedings{0a0613a5fafd4cada77e1a2c531c53c5,
title = "From Needs to Actions to Secure Apps?: The Effect of Requirements and Developer Practices on App Security",
abstract = "Increasingly mobile device users are being hurt by security or privacy issues with the apps they use. App developers can help prevent this; inexpensive security assurance techniques to do so are now well established, but do developers use them? And if they do so, is that reflected in more secure apps? From a survey of 335 successful app developers, we conclude that less than a quarter of such professionals have access to security experts; that less than a third use assurance techniques regularly; and that few have made more than cosmetic changes as a result of the European GDPR legislation. Reassuringly, we found that app developers tend to use more assurance techniques and make more frequent security updates when (1) they see more need for security, and (2) there is security expert or champion involvement.",
keywords = "Mobile systems security; survey; mobile apps; developer centered security",
author = "Charles Weir and Ben Hermann and Sascha Fahl",
year = "2020",
month = aug,
day = "12",
language = "English",
isbn = "9781939133175",
pages = "289--305",
booktitle = "USENIX Security '20 Proceedings",
publisher = "USENIX Association",
note = "USENIX Security '20, USENIX Security ; Conference date: 12-08-2020 Through 14-08-2020",

}

RIS

TY - GEN

T1 - From Needs to Actions to Secure Apps?

T2 - USENIX Security '20

AU - Weir, Charles

AU - Hermann, Ben

AU - Fahl, Sascha

N1 - Conference code: 29

PY - 2020/8/12

Y1 - 2020/8/12

N2 - Increasingly mobile device users are being hurt by security or privacy issues with the apps they use. App developers can help prevent this; inexpensive security assurance techniques to do so are now well established, but do developers use them? And if they do so, is that reflected in more secure apps? From a survey of 335 successful app developers, we conclude that less than a quarter of such professionals have access to security experts; that less than a third use assurance techniques regularly; and that few have made more than cosmetic changes as a result of the European GDPR legislation. Reassuringly, we found that app developers tend to use more assurance techniques and make more frequent security updates when (1) they see more need for security, and (2) there is security expert or champion involvement.

AB - Increasingly mobile device users are being hurt by security or privacy issues with the apps they use. App developers can help prevent this; inexpensive security assurance techniques to do so are now well established, but do developers use them? And if they do so, is that reflected in more secure apps? From a survey of 335 successful app developers, we conclude that less than a quarter of such professionals have access to security experts; that less than a third use assurance techniques regularly; and that few have made more than cosmetic changes as a result of the European GDPR legislation. Reassuringly, we found that app developers tend to use more assurance techniques and make more frequent security updates when (1) they see more need for security, and (2) there is security expert or champion involvement.

KW - Mobile systems security; survey; mobile apps; developer centered security

M3 - Conference contribution/Paper

SN - 9781939133175

SP - 289

EP - 305

BT - USENIX Security '20 Proceedings

PB - USENIX Association

Y2 - 12 August 2020 through 14 August 2020

ER -