Propuesta metodológica de evaluación de seguridad para aplicaciones de Mobile Cloud Computing

Authors

Keywords:

cloud computing, mobile cloud computing, MCC, quality, security

Abstract

Mobile devices are increasingly used to perform complex tasks due to technological advances in mobile devices. However, there are issues that limit their use in processes that demand a lot of resources due to their processing limitations, the charge cycle of the battery among others. Hence a suitable option is the use of cloud computing to perform tasks of high complexity and transfer the results to the mobile device. Mobile Cloud Computing has become a good and appropriate solution. Given its adoption in many applications, the issue of security has been considered a critical issue, which is often the main limitation for its massive acceptance. This paper proposes a methodology for evaluating mobile applications based on cloud computing platforms. To do so, we propose a quality model based on the characteristics of ISO/IEC 25010, and designed finally a formal methodology with the help of the SPEM 2 (Software & System Process Engineering Meta-Model Specification V2.0) notation. This article can be of support when carrying out security studies in this area.

Downloads

Download data is not yet available.

Metrics

Metrics Loading ...

References

About the Google Apps Device Policy for Android - Google Apps Help. (2016). Disponible en https://support.google.com/a/users/answer/190930?visit_id=1-636106337534220464-640974822&hl=en&rd=1

Archer, J., Boehme, A., Cullinance, D., Puhlmann, N., Kurz, P., Reavis, J. (2012). Security guidance for critical areas of mobile computing. Seattle, WA: Cloud Security Alliance, 60 pp. Disponible en https://downloads.cloudsecurityalliance.org/initiatives/mobile/Mobile_Guidance_v1.pdf

Badger, L., Grance, T., Patt Corner, R., Voas, J. (2011). Cloud computing synopsis and recommendations. Special Publication (NIST SP) - 800-146. 81 p. Disponible en https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-146.pdf

Briscoe, G., Marinos, A. (2009). Community cloud computing. In: 1st International Conference on Cloud Computing. 11 p. arXiv:0907.2485v3 [cs.NI]. Disponible en http://eprints.lse.ac.uk/26516/1/community_cloud_computing_(LSERO_version).pdf

Buyya, R., Yeo, C. S., Venugopal, S. (2008). Market-oriented cloud computing: Vision, hype, and reality for delivering IT services as computing utilities. Proceedings of the 10th IEEE International Conference on High Performance Computing and Communications (HPCC-08, IEEE CS Press, Los Alamitos, CA, USA), 9 p. Disponible en https://arxiv.org/ftp/arxiv/papers/0808/0808.3558.pdf

Cloud Security Alliance. (2016). The treacherous 12 cloud computing top threats in 2016. 34 p. Disponible en https://downloads.cloudsecurityalliance.org/assets/research/top-threats/Treacherous-12_Cloud-Computing_Top-Threats.pdf

European Network and Information Security Agency (ENISA). Computación en nube: Beneficios, riesgos y recomendaciones para la seguridad de la información, 2009, 141, European Union.

Hewitt, C. (2008). ORGs for scalable, robust, privacy-friendly client cloud computing. IEEE Internet Computing, 12(5), 96-99. https://doi.org/10.1109/MIC.2008.107

Ibukun, E., Daramola, O. (2015). A systematic literature review of mobile cloud computing. International Journal of Multimedia and Ubiquitous Engineering, 10(12), 135-152. http://doi.org/10.14257/ijmue.2015.10.12.15

Islam, M. S. (2014). Systematic literature review: Security challenges of mobile banking and payments system. International Journal of U- and E- Service, Science and Technology, 7(6), 107-116. https://doi.org/10.14257/ijunesst.2014.7.6.10

ISO/IEC. ISO/IEC 25010 Systems and Software quality requirements and evaluation (SQuaRE) - System and software quality models. (2011).

Khalid, A. (2010). Cloud computing: Applying issues in small. In: IEEE International Conference on Signal Acquisition and Processing (ICSAP), pp. 278-281. https://doi.org/10.1109 /ICSAP.2010.78

Khan, A. N., Mat Kiah, M. L., Khan, S. U., Madani, S. A. (2013). Towards secure mobile cloud computing: A survey. Future Generation Computer Systems, 29(5), 1278-1299. https://doi.org/10.1016/j.future.2012.08.003

Mell, P., Grance, T. (2011). The NIST definition of Cloud Computing: Recommendations of the National Institute of Standards and Technology. Special Publication (NIST SP) - 800-145, 7 p. Disponible en https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-145.pdf

Myerson, J. M. (2013). Best practices to develop SLAs for cloud computing. Develop a standard way to create service level agreements that multiple partners can use. Disponible en https://www.ibm.com/developerworks/cloud/library/cl-slastandards/index.html

OMG. (2008). Software & Systems Process Engineering Meta-Model Specification V2.0. 234 p. Disponible en https://www.omg.org/spec/SPEM/2.0/Beta2/About-SPEM/

Qureshi, S. S., Ahmad, T., Rafique, K., Shuja-ul-islam. (2011). Mobile cloud computing as future for mobile applications - Implementation methods and challenging issues. In: IEEE International Conference on Cloud Computing and Intelligence Systems (CCIS), Beijing, China. pp. 467-471. https://doi.org/10.1109/CCIS.2011.6045111

Sarma Vittapu, M., Sunkari, V., Yoseph Abate, A., Sreenivas, N. (2015). A proposed solution to secure MCC uprising issue and challenges in the domain of cyber security.Open Journal of Mobile Computing and Cloud Computing, 2(1).

Ye, Q. (2015). Analyzing security property of android application implementation using formal method. In: IEEE 20th Int. Conference on Engineering of Complex Computer Systems (ICECCS), Gold Coast, Australia, pp. 214-217. IEEE. https://doi.org/10.1109/ICECCS.2015.39

Zhang, S., Zhang, S., Chen, X., Huo, X. (2010). Cloud computing research and development trend. Second Conference on Cloud Computing Research and Development Trend. pp. 93-97. https://doi.org/10.1109/ICFN.2010.58

Downloads

Published

2017-12-30

How to Cite

Jara, D., & Cedillo, P. (2017). Propuesta metodológica de evaluación de seguridad para aplicaciones de Mobile Cloud Computing. Maskana, 8(1), 137–146. Retrieved from https://publicaciones.ucuenca.edu.ec/ojs/index.php/maskana/article/view/1974

Issue

Vol. 8 (2017): PROCEEDINGS: R+D+Engineering

Section

First Congress of Computer Science

License

Copyright © Autors. Creative Commons Attribution 4.0 License. for any article submitted from 6 June 2017 onwards. For manuscripts submitted before, the CC BY 3.0 License was used.

You are free to:

Share — copy and redistribute the material in any medium or format
Adapt — remix, transform, and build upon the material for any purpose, even commercially.

Under the following conditions:

Attribution — You must give appropriate credit, provide a link to the licence, and indicate if changes were made. You may do so in any reasonable manner, but not in any way that suggests the licenser endorses you or your use.
  No additional restrictions — You may not apply legal terms or technological measures that legally restrict others from doing anything the licence permits.
  
Detailed information about copyright and license agreement, copyright transfers and reproduction requests, can be found here.