Ponencia
Guidelines towards secure SSL pinning in mobile applicationsand
Autor/es | Ramírez López, Francisco José
Varela Vaca, Ángel Jesús Ropero Rodríguez, Jorge Carrasco Muñoz, Alejandro |
Coordinador/Director | Caro Lindo, Andrés
García Villalba, Luis Javier Sandoval Orozco, Ana Lucila |
Departamento | Universidad de Sevilla. Departamento de Lenguajes y Sistemas Informáticos Universidad de Sevilla. Departamento de Tecnología Electrónica |
Fecha de publicación | 2019 |
Fecha de depósito | 2020-06-02 |
Publicado en |
|
ISBN/ISSN | 978-84-09-12121-2 |
Resumen | Security is a major concern in web applications
for so long, but it is only recently that the use of mobile
applications has reached the level of web services. This way,
we are taking OWASP Top 10 Mobile as our starting ... Security is a major concern in web applications for so long, but it is only recently that the use of mobile applications has reached the level of web services. This way, we are taking OWASP Top 10 Mobile as our starting point to secure mobile applications. Insecure communication is one of the most important topics to be considered. In fact, many mobile applications do not even implement SSL/TLS validations or may have SSL/TLS vulnerabilities. This paper explains how an application can be fortified using secure SSL pinning, and offers a three-step process as an improvement of OWASP Mobile recommendations to avoid SSL pinning bypassing. Therefore, following the process described in this paper, mobile application developers may establish a secure SSL/TLS communication. |
Identificador del proyecto | ECLIPSE RTI2018-094283-B-C33 |
Cita | Ramírez López, F., Varela Vaca, Á.J., Ropero Rodríguez, J. y Carrasco Muñoz, A. (2019). Guidelines towards secure SSL pinning in mobile applicationsand. En V Jornadas Nacionales de Investigación en Ciberseguridad (JNIC 2019) (203-), Cáceres (España): Universidad de Extremadura. |
Ficheros | Tamaño | Formato | Ver | Descripción |
---|---|---|---|---|
ropero-rodriguez_ponencia_cace ... | 388.8Kb | [PDF] | Ver/ | |