Endre søk
RefereraExporteraLink to record
Permanent link

Direct link
Referera
Referensformat
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Annet format
Fler format
Språk
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Annet språk
Fler språk
Utmatningsformat
  • html
  • text
  • asciidoc
  • rtf
Smartphone: Examination of TLS protocol in Appified World
Högskolan Väst, Institutionen för ingenjörsvetenskap, Avdelningen för data-, elektro- och lantmäteriteknik.
2015 (engelsk)Independent thesis Basic level (degree of Bachelor), 10 poäng / 15 hpOppgave
Abstract [en]

It is evident that users are more comfortable today with using mobile applications rather than web service since the rapid evolution of smartphone and communication services. Due to this, almost all companies have further enhanced, expanded and converted their services into mobile applications in order to accommodate their services with users needs.

Unfortunately, many studies have revealed that a huge amount of those applications are vulnerable to Man-In-The-Middle attack (MITMA) due to wrong coding or wrong configuration of SSL/TLS (Transport Layer Security) protocol which could leak data.

This study aims to highlight and examine the SSL/TLS protocol used by applications that are always connected from three different perspectives. Firstly, Android and iOS APIs, library and sample code were examined to evaluate the tools and code provided by both platforms. Secondly, applications were examined by applying the TLS implementation tips provided by both platforms and by performing MITMA on different users smartphones. Finally, the user behavior was examined by performing a live demo at the center of Gothenburg city to understand the users awareness of TLS certificate validation warning message.

The result concluded that misunderstanding of TLS implementation increases the level of unsecure applications that leak data. Performing different MITMA scenarios in this paper proved this. Also, both platforms suffer from high percentage of applications that uses HTTP rather than HTTPS.

The high percentage of found vulnerable applications during this study proves that developers are unaware to rightly implement the TLS protocol in smartphones applications.

Furthermore, the results of the live demo revealed that users are unaware of TLS warning message and are also unaware of how to secure their personal data

sted, utgiver, år, opplag, sider
2015. , s. 45
Emneord [en]
SSL, TLS, Smartphone, Security, MITMA
HSV kategori
Identifikatorer
URN: urn:nbn:se:hv:diva-7777Lokal ID: EXD500OAI: oai:DiVA.org:hv-7777DiVA: diva2:826939
Fag / kurs
Technology
Utdanningsprogram
Datateknisk systemutveckling
Veileder
Examiner
Tilgjengelig fra: 2015-08-17 Laget: 2015-06-26 Sist oppdatert: 2015-08-17bibliografisk kontrollert

Open Access i DiVA

Fulltekst mangler i DiVA

Av organisasjonen

Søk utenfor DiVA

GoogleGoogle Scholar

urn-nbn

Altmetric

urn-nbn
Totalt: 112 treff
RefereraExporteraLink to record
Permanent link

Direct link
Referera
Referensformat
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Annet format
Fler format
Språk
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Annet språk
Fler språk
Utmatningsformat
  • html
  • text
  • asciidoc
  • rtf