dc.contributor.editor | Caro Lindo, Andrés | es |
dc.contributor.editor | García Villalba, Luis Javier | es |
dc.contributor.editor | Sandoval Orozco, Ana Lucila | es |
dc.creator | Ramírez López, Francisco José | es |
dc.creator | Varela Vaca, Ángel Jesús | es |
dc.creator | Ropero Rodríguez, Jorge | es |
dc.creator | Carrasco Muñoz, Alejandro | es |
dc.date.accessioned | 2020-06-02T08:33:30Z | |
dc.date.available | 2020-06-02T08:33:30Z | |
dc.date.issued | 2019 | |
dc.identifier.citation | Ramírez López, F., Varela Vaca, Á.J., Ropero Rodríguez, J. y Carrasco Muñoz, A. (2019). Guidelines towards secure SSL pinning in mobile applicationsand. En V Jornadas Nacionales de Investigación en Ciberseguridad (JNIC 2019) (203-), Cáceres (España): Universidad de Extremadura. | |
dc.identifier.isbn | 978-84-09-12121-2 | es |
dc.identifier.uri | https://hdl.handle.net/11441/97330 | |
dc.description.abstract | Security is a major concern in web applications
for so long, but it is only recently that the use of mobile
applications has reached the level of web services. This way,
we are taking OWASP Top 10 Mobile as our starting point
to secure mobile applications. Insecure communication is one
of the most important topics to be considered. In fact, many
mobile applications do not even implement SSL/TLS validations
or may have SSL/TLS vulnerabilities. This paper explains how
an application can be fortified using secure SSL pinning, and
offers a three-step process as an improvement of OWASP Mobile
recommendations to avoid SSL pinning bypassing. Therefore,
following the process described in this paper, mobile application
developers may establish a secure SSL/TLS communication. | es |
dc.description.sponsorship | Ministry of Science and Technology of Spain ECLIPSE RTI2018-094283-B-C33 | es |
dc.description.sponsorship | Junta de Andalucía the PIRAMIDE and METAMORFOSIS projects | es |
dc.description.sponsorship | European Regional Development Fund (ERDF/FEDER) | es |
dc.description.sponsorship | Universidad de Sevilla Cátedra de Telefónica “Inteligencia en la red“ | es |
dc.format | application/pdf | es |
dc.format.extent | 7 p. | es |
dc.language.iso | eng | es |
dc.publisher | Universidad de Extremadura | es |
dc.relation.ispartof | V Jornadas Nacionales de Investigación en Ciberseguridad (JNIC 2019) (2019), p 203-. | |
dc.rights | Attribution-NonCommercial-NoDerivatives 4.0 Internacional | * |
dc.rights.uri | http://creativecommons.org/licenses/by-nc-nd/4.0/ | * |
dc.subject | SSL pinning | es |
dc.subject | Security | es |
dc.subject | Mobile applications | es |
dc.subject | Certificate | es |
dc.subject | OWASP | es |
dc.title | Guidelines towards secure SSL pinning in mobile applicationsand | es |
dc.type | info:eu-repo/semantics/conferenceObject | es |
dcterms.identifier | https://ror.org/03yxnpp24 | |
dc.type.version | info:eu-repo/semantics/publishedVersion | es |
dc.rights.accessRights | info:eu-repo/semantics/openAccess | es |
dc.contributor.affiliation | Universidad de Sevilla. Departamento de Lenguajes y Sistemas Informáticos | es |
dc.contributor.affiliation | Universidad de Sevilla. Departamento de Tecnología Electrónica | es |
dc.relation.projectID | ECLIPSE RTI2018-094283-B-C33 | es |
dc.relation.publisherversion | https://2019.jnic.es/Actas_JNIC2019.pdf | es |
dc.contributor.group | Universidad de Sevilla. TIC258: Data-Centric Computing Research Hub | es |
dc.contributor.group | Universidad de Sevilla. TIC150: Tecnología Electrónica e Informática Industrial | es |
dc.publication.initialPage | 203 | es |
dc.eventtitle | V Jornadas Nacionales de Investigación en Ciberseguridad (JNIC 2019) | es |
dc.eventinstitution | Cáceres (España) | es |
dc.relation.publicationplace | Cáceres | es |