{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,3,28]],"date-time":"2025-03-28T06:56:26Z","timestamp":1743144986779,"version":"3.40.3"},"publisher-location":"Cham","reference-count":24,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783030865061"},{"type":"electronic","value":"9783030865078"}],"license":[{"start":{"date-parts":[[2021,1,1]],"date-time":"2021-01-01T00:00:00Z","timestamp":1609459200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springer.com\/tdm"},{"start":{"date-parts":[[2021,1,1]],"date-time":"2021-01-01T00:00:00Z","timestamp":1609459200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2021]]},"DOI":"10.1007\/978-3-030-86507-8_13","type":"book-chapter","created":{"date-parts":[[2021,9,7]],"date-time":"2021-09-07T23:22:00Z","timestamp":1631056920000},"page":"132-143","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":1,"title":["Assisting Developers in Preventing Permissions Related Security Issues in\u00a0Android Applications"],"prefix":"10.1007","author":[{"given":"Mohammed El Amin","family":"Tebib","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Pascal","family":"Andr\u00e9","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Oum-El-Kheir","family":"Aktouf","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Mariem","family":"Graa","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2021,9,8]]},"reference":[{"key":"13_CR1","doi-asserted-by":"publisher","first-page":"216671","DOI":"10.1109\/ACCESS.2020.3041432","volume":"8","author":"IM Almomani","year":"2020","unstructured":"Almomani, I.M., Khayer, A.A.: A comprehensive analysis of the Android permissions system. IEEE Access 8, 216671\u2013216688 (2020). https:\/\/doi.org\/10.1109\/ACCESS.2020.3041432","journal-title":"IEEE Access"},{"key":"13_CR2","doi-asserted-by":"crossref","unstructured":"Armando, A., Carbone, R., Costa, G., Merlo, A.: Android permissions unleashed. In: 2015 IEEE 28th Computer Security Foundations Symposium, pp. 320\u2013333. IEEE (2015)","DOI":"10.1109\/CSF.2015.29"},{"key":"13_CR3","doi-asserted-by":"crossref","unstructured":"Au, K.W.Y., Zhou, Y.F., Huang, Z., Lie, D.: PScout: analyzing the android permission specification. In: Proceedings of the 2012 ACM Conference on Computer and Communications Security, pp. 217\u2013228 (2012)","DOI":"10.1145\/2382196.2382222"},{"issue":"5","key":"13_CR4","doi-asserted-by":"publisher","first-page":"525","DOI":"10.1007\/s00165-017-0445-z","volume":"30","author":"H Bagheri","year":"2017","unstructured":"Bagheri, H., Kang, E., Malek, S., Jackson, D.: A formal approach for detection of security flaws in the Android permission system. Formal Aspects Comput. 30(5), 525\u2013544 (2017). https:\/\/doi.org\/10.1007\/s00165-017-0445-z","journal-title":"Formal Aspects Comput."},{"key":"13_CR5","doi-asserted-by":"crossref","unstructured":"Bello-Ogunu, E., Shehab, M.: PERMITME: integrating Android permissioning support in the IDE. In: Proceedings of the 2014 Workshop on Eclipse Technology eXchange, pp. 15\u201320 (2014)","DOI":"10.1145\/2688130.2688135"},{"key":"13_CR6","doi-asserted-by":"crossref","unstructured":"Betarte, G., Campo, J., Cristi\u00e1, M., Gorostiaga, F., Luna, C., Sanz, C.: Towards formal model-based analysis and testing of Android\u2019s security mechanisms. In: 2017 XLIII Latin American Computer Conference (CLEI), pp. 1\u201310. IEEE (2017)","DOI":"10.1109\/CLEI.2017.8226404"},{"issue":"1","key":"13_CR7","first-page":"27","volume":"26","author":"G Betarte","year":"2016","unstructured":"Betarte, G., Campo, J., Luna, C., Romano, A.: Formal analysis of Android\u2019s permission-based security model. Sci. Ann. Comput. Sci. 26(1), 27\u201368 (2016)","journal-title":"Sci. Ann. Comput. Sci."},{"key":"13_CR8","doi-asserted-by":"crossref","unstructured":"Betarte, G., Campo, J., Luna, C., Sanz, C., Gorostiaga, F., Cristi\u00e1, M.: A formal approach for the verification of the permission-based security model of Android. CLEI Electron. J. 21(2) (2018)","DOI":"10.19153\/cleiej.21.2.3"},{"key":"13_CR9","doi-asserted-by":"crossref","unstructured":"Buchanan, W.: Introduction to Security and Network Forensics. Taylor & Francis (2011). https:\/\/books.google.fr\/books?id=8uzM63AYi_MC","DOI":"10.1201\/b11788"},{"key":"13_CR10","doi-asserted-by":"crossref","unstructured":"Chester, P., Jones, C., Mkaouer, M.W., Krutz, D.E.: M-Perm: a lightweight detector for Android permission gaps. In: 4th International Conference on Mobile Software Engineering and Systems (MOBILESoft), pp. 217\u2013218. IEEE (2017)","DOI":"10.1109\/MOBILESoft.2017.23"},{"key":"13_CR11","doi-asserted-by":"publisher","first-page":"205","DOI":"10.1016\/j.cose.2014.02.007","volume":"43","author":"Z Fang","year":"2014","unstructured":"Fang, Z., Han, W., Li, Y.: Permission based android security: issues and countermeasures. Comput. Secur. 43, 205\u2013218 (2014)","journal-title":"Comput. Secur."},{"key":"13_CR12","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/978-3-642-33167-1_1","volume-title":"Computer Security \u2013 ESORICS 2012","author":"Elli Fragkaki","year":"2012","unstructured":"Fragkaki, Elli, Bauer, Lujo, Jia, Limin, Swasey, David: Modeling and enhancing Android\u2019s permission system. In: Foresti, Sara, Yung, Moti, Martinelli, Fabio (eds.) ESORICS 2012. LNCS, vol. 7459, pp. 1\u201318. Springer, Heidelberg (2012). https:\/\/doi.org\/10.1007\/978-3-642-33167-1_1"},{"key":"13_CR13","doi-asserted-by":"crossref","unstructured":"Guo, W.: Management system for secure mobile application development. In: Proceedings of the ACM Turing Celebration Conference, China, pp. 1\u20134 (2019)","DOI":"10.1145\/3321408.3321418"},{"key":"13_CR14","doi-asserted-by":"crossref","unstructured":"He, X.: Modeling and analyzing the Android permission framework using high level Petri Nets. In: 2017 IEEE International Conference on Software Quality, Reliability and Security (QRS), pp. 232\u2013239. IEEE (2017)","DOI":"10.1109\/QRS.2017.34"},{"key":"13_CR15","doi-asserted-by":"crossref","unstructured":"Hoffmann, J., Ussath, M., Holz, T., Spreitzenbarth, M.: Slicing droids: program slicing for smali code. In: Proceedings of the 28th Annual ACM Symposium on Applied Computing, pp. 1844\u20131851 (2013)","DOI":"10.1145\/2480362.2480706"},{"key":"13_CR16","doi-asserted-by":"crossref","unstructured":"Jha, A.K., Lee, S., Lee, W.J.: Developer mistakes in writing Android manifests: an empirical study of configuration errors. In: 2017 IEEE\/ACM 14th International Conference on Mining Software Repositories (MSR), pp. 25\u201336. IEEE (2017)","DOI":"10.1109\/MSR.2017.41"},{"key":"13_CR17","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"72","DOI":"10.1007\/BFb0027284","volume-title":"ZUM 1997: The Z Formal Specification Notation","author":"M Saaltink","year":"1997","unstructured":"Saaltink, M.: The Z\/EVES system. In: Bowen, J.P., Hinchey, M.G., Till, D. (eds.) ZUM 1997. LNCS, vol. 1212, pp. 72\u201385. Springer, Heidelberg (1997). https:\/\/doi.org\/10.1007\/BFb0027284"},{"key":"13_CR18","doi-asserted-by":"crossref","unstructured":"Sadeghi, A., Jabbarvand, R., Ghorbani, N., Bagheri, H., Malek, S.: A temporal permission analysis and enforcement framework for Android. In: Proceedings of the 40th International Conference on Software Engineering, ICSE 2018, pp. 846\u2013857. ACM, New York (2018)","DOI":"10.1145\/3180155.3180172"},{"key":"13_CR19","doi-asserted-by":"crossref","unstructured":"Scoccia, G.L., Peruma, A., Pujols, V., Malavolta, I., Krutz, D.E.: Permission issues in open-source Android apps: an exploratory study. In: 2019 19th International Working Conference on Source Code Analysis and Manipulation (SCAM), pp. 238\u2013249. IEEE (2019)","DOI":"10.1109\/SCAM.2019.00034"},{"key":"13_CR20","doi-asserted-by":"crossref","unstructured":"Seo, J., Kim, D., Cho, D., Shin, I., Kim, T.: FLEXDROID: enforcing in-app privilege separation in Android. In: NDSS (2016)","DOI":"10.14722\/ndss.2016.23485"},{"key":"13_CR21","unstructured":"Spivey, J.M.: Z Notation - A Reference Manual, 2nd edn. Prentice Hall International Series in Computer Science. Prentice Hall (1992)"},{"key":"13_CR22","unstructured":"Vidas, T., Christin, N., Cranor, L.: Curbing Android permission creep. In: Proceedings of the Web, vol. 2, pp. 91\u201396 (2011)"},{"key":"13_CR23","doi-asserted-by":"crossref","unstructured":"Wu, S., Liu, J.: Overprivileged permission detection for Android applications. In: ICC 2019\u20132019 IEEE International Conference on Communications (ICC), pp. 1\u20136. IEEE (2019)","DOI":"10.1109\/ICC.2019.8761572"},{"issue":"18","key":"13_CR24","doi-asserted-by":"publisher","first-page":"3699","DOI":"10.3390\/app9183699","volume":"9","author":"G Xu","year":"2019","unstructured":"Xu, G., Xu, S., Gao, C., Wang, B., Xu, G.: PerHelper: helping developers make better decisions on permission uses in Android apps. Appl. Sci. 9(18), 3699 (2019)","journal-title":"Appl. Sci."}],"container-title":["Communications in Computer and Information Science","Dependable Computing - EDCC 2021 Workshops"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-030-86507-8_13","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2021,9,7]],"date-time":"2021-09-07T23:25:19Z","timestamp":1631057119000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-030-86507-8_13"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2021]]},"ISBN":["9783030865061","9783030865078"],"references-count":24,"URL":"https:\/\/doi.org\/10.1007\/978-3-030-86507-8_13","relation":{},"ISSN":["1865-0929","1865-0937"],"issn-type":[{"type":"print","value":"1865-0929"},{"type":"electronic","value":"1865-0937"}],"subject":[],"published":{"date-parts":[[2021]]},"assertion":[{"value":"8 September 2021","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"EDCC","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"European Dependable Computing Conference","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Munich","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Germany","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2021","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"13 September 2021","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"16 September 2021","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"17","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"edcc2021","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"http:\/\/edcc.dependability.org\/workshops.html","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}}]}}