The functionality of modern smartphones can
easily be enriched by a huge number of available apps. Studies have
shown that many of these apps leak private information of their
users to third parties. In this article, we demonstrate how a user
can ensure that the apps he installs keep his private information
confidential. By means of a concrete example, we show how an
informal confidentiality requirement can be formalized in the
specification language RIFL and how this requirement can be verified
in the app store Cassandra using the RSCP security analyser. In
particular, we demonstrate how Cassandra integrates the
information-flow analysis by the RSCP security analyser into the
installation process of an app from the perspective of a user.
it - Information Technology is a strictly peer-reviewed scientific journal. It is the oldest German journal in the field of information technology. Today, the major aim of it - Information Technology is highlighting issues on ongoing newsworthy areas in information technology and informatics and their application. It aims at presenting the topics with a holistic view.