On Secret Management and Handling in Mobile Application Development Life Cycle: A Position Paper

Authors :: Panuchart Bunyakiati
Usa Sammapun
Source :: ASE Workshops
Publication Year :: 2019
Publisher :: IEEE, 2019.
Abstract: The security of software systems relies so heavily on the use of secrets, ranging from credentials, API keys, and tokens to secret keys for cryptographic security. This paper examines approaches for managing and handling secrets in software development life cycle, focusing on mobile applications where software must be distributed to devices and operate in an untrusted environment. This paper points out the shortcomings in activities related to secrets management and handling in mobile application development life cycle and outlines future directions in this area of research.

Subjects :: TheoryofComputation_MISCELLANEOUS
Software development process
Software
business.industry
Computer science
Systems development life cycle
Position paper
Cryptography
Software system
business
Computer security
computer.software_genre
computer

Database :: OpenAIRE
Journal :: 2019 34th IEEE/ACM International Conference on Automated Software Engineering Workshop (ASEW)
Accession number :: edsair.doi...........a69b2ad4d283d0638d2137552f9b725f

Tools