{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,8,27]],"date-time":"2025-08-27T16:28:50Z","timestamp":1756312130615,"version":"3.40.3"},"publisher-location":"Cham","reference-count":24,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783319489919"},{"type":"electronic","value":"9783319489926"}],"license":[{"start":{"date-parts":[[2016,1,1]],"date-time":"2016-01-01T00:00:00Z","timestamp":1451606400000},"content-version":"unspecified","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2016]]},"DOI":"10.1007\/978-3-319-48992-6_21","type":"book-chapter","created":{"date-parts":[[2016,11,2]],"date-time":"2016-11-02T05:25:50Z","timestamp":1478064350000},"page":"274-290","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":9,"title":["Architecture Modeling and Analysis of Security in Android Systems"],"prefix":"10.1007","author":[{"given":"Bradley","family":"Schmerl","sequence":"first","affiliation":[]},{"given":"Jeff","family":"Gennari","sequence":"additional","affiliation":[]},{"given":"Alireza","family":"Sadeghi","sequence":"additional","affiliation":[]},{"given":"Hamid","family":"Bagheri","sequence":"additional","affiliation":[]},{"given":"Sam","family":"Malek","sequence":"additional","affiliation":[]},{"given":"Javier","family":"C\u00e1mara","sequence":"additional","affiliation":[]},{"given":"David","family":"Garlan","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2016,11,3]]},"reference":[{"key":"21_CR1","doi-asserted-by":"crossref","unstructured":"Abi-Antoun, M., Barnes, J.M.: Analyzing security architectures. In: Proceedings of the IEEE\/ACM International Conference on Automated Software Engineering, ASE 2010, pp. 3\u201312. ACM, New York (2010)","DOI":"10.1145\/1858996.1859001"},{"key":"21_CR2","doi-asserted-by":"crossref","unstructured":"Almorsy, M., Grundy, J., Ibrahim, A.S.: Automated software architecture security risk analysis using formalized signatures. In: 2013 35th International Conference on Software Engineering (ICSE), pp. 662\u2013671, May 2013","DOI":"10.1109\/ICSE.2013.6606612"},{"key":"21_CR3","doi-asserted-by":"publisher","first-page":"31","DOI":"10.1016\/j.jss.2016.05.039","volume":"119","author":"H Bagheri","year":"2016","unstructured":"Bagheri, H., Garcia, J., Sadeghi, A., Malek, S., Medvidovic, N.: Software architectural principles in contemporary mobile software: from conception to practice. J. Syst. Softw. 119, 31\u201344 (2016)","journal-title":"J. Syst. Softw."},{"key":"21_CR4","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"73","DOI":"10.1007\/978-3-319-19249-9_6","volume-title":"FM 2015: Formal Methods","author":"H Bagheri","year":"2015","unstructured":"Bagheri, H., Kang, E., Malek, S., Jackson, D.: Detection of design flaws in the Android permission protocol through bounded verification. In: Bj\u00f8rner, N., de Boer, F. (eds.) FM 2015. LNCS, vol. 9109, pp. 73\u201389. Springer, Heidelberg (2015). doi:\n                      10.1007\/978-3-319-19249-9_6"},{"key":"21_CR5","doi-asserted-by":"crossref","unstructured":"Bagheri, H., Kang, E., Malek, S., Jackson, D.: A formal approach for detection of security flaws in the Android permission system. Formal Aspects Comput. (2016)","DOI":"10.1007\/s00165-017-0445-z"},{"issue":"9","key":"21_CR6","doi-asserted-by":"publisher","first-page":"866","DOI":"10.1109\/TSE.2015.2419611","volume":"41","author":"H Bagheri","year":"2015","unstructured":"Bagheri, H., Sadeghi, A., Garcia, J., Malek, S.: COVERT: compositional analysis of Android inter-app permission leakage. IEEE Trans. Software Eng. 41(9), 866\u2013886 (2015)","journal-title":"IEEE Trans. Software Eng."},{"key":"21_CR7","doi-asserted-by":"crossref","unstructured":"Bagheri, H., Sadeghi, A., Jabbarvand, R., Malek, S.: Practical, formal synthesis and automatic enforcement of security policies for Android. In: Proceedings of the 46th IEEE\/IFIP International Conference on Dependable Systems and Networks (DSN), pp. 514\u2013525 (2016)","DOI":"10.1109\/DSN.2016.53"},{"key":"21_CR8","unstructured":"Bodei, C., Degano, P., Nielson, F., Nelson, H.R.: Security analysis using flow logics. In: Current Trends in Theoretical Computer Science, pp. 525\u2013542. World Scientific (2000)"},{"key":"21_CR9","unstructured":"Cheng, S.-W.: Rainbow: cost-effective software architecture-based self-aaptation. PhD thesis, Carnegie Mellon University, Institute for Software Research Technical Report CMU-ISR-08-113, May 2008"},{"key":"21_CR10","doi-asserted-by":"crossref","unstructured":"Chin, E., Felt, A.P., Greenwood, K., Wagner, D.: Analyzing inter-application communication in Android. In: Proceedings of the 9th International Conference on Mobile Systems, Applications, and Services, MobiSys 2011, pp. 239\u2013252. ACM, New York (2011)","DOI":"10.1145\/1999995.2000018"},{"key":"21_CR11","doi-asserted-by":"crossref","unstructured":"Davi, L., Dmitrienko, A., Sadeghi, A.-R., Winandy, M.: Privilege escalation attacks on Android. In: Proceedings of the 13th International Conference on Information Security (ISC) (2010)","DOI":"10.1007\/978-3-642-18178-8_30"},{"issue":"5","key":"21_CR12","doi-asserted-by":"publisher","first-page":"1099","DOI":"10.1109\/TKDE.2003.1232267","volume":"15","author":"Y Deng","year":"2003","unstructured":"Deng, Y., Wang, J., Tsai, J.J.P., Beznosov, K.: An approach for modeling, analysis of security system architectures. IEEE Trans. Knowl., Data Eng. 15(5), 1099\u20131119 (2003)","journal-title":"IEEE Trans. Knowl., Data Eng."},{"issue":"5","key":"21_CR13","doi-asserted-by":"publisher","first-page":"236","DOI":"10.1145\/360051.360056","volume":"19","author":"DE Denning","year":"1976","unstructured":"Denning, D.E.: A lattice model of secure information flow. Commun. ACM 19(5), 236\u2013243 (1976)","journal-title":"Commun. ACM"},{"issue":"7","key":"21_CR14","doi-asserted-by":"publisher","first-page":"504","DOI":"10.1145\/359636.359712","volume":"20","author":"DE Denning","year":"1977","unstructured":"Denning, D.E., Denning, P.J.: Certification of programs for secure information flow. Commun. ACM 20(7), 504\u2013513 (1977)","journal-title":"Commun. ACM"},{"key":"21_CR15","doi-asserted-by":"crossref","unstructured":"Fernandez, E.B., Larrondo-Petrie, M.M., Sorgente, T., Vannhist, M.: A methodology to develop secure systems using patterns. In: Integrating Security and Software Engineering: Advances and Future Visions. Idea Group Inc. (2007)","DOI":"10.4018\/978-1-59904-147-6.ch005"},{"key":"21_CR16","unstructured":"Garg, K., Garlan, D., Schmerl, B.: Architecture based information flow analysis for software security (2008). \n                      http:\/\/acme.able.cs.cmu.edu\/pubs\/uploads\/pdf\/ArchSTRIDE08.pdf"},{"issue":"10","key":"21_CR17","doi-asserted-by":"publisher","first-page":"46","DOI":"10.1109\/MC.2004.175","volume":"37","author":"D Garlan","year":"2004","unstructured":"Garlan, D., Cheng, S.-W., Huang, A.-C., Schmerl, B., Steenkiste, P.: Rainbow: Architecture-based self adaptation with reusable infrastructure. IEEE Comput. 37(10), 46\u201354 (2004)","journal-title":"IEEE Comput."},{"key":"21_CR18","unstructured":"Garlan, D., Monroe, R.T., Wile, D.: Acme: architectural description of component-based systems. In: Foundations of Component-Based Systems, pp. 47\u201367. Cambridge University Press, New York (2000)"},{"key":"21_CR19","volume-title":"Logic, Language, and Analysis","author":"D Jackson","year":"2012","unstructured":"Jackson, D., Abstractions, S.: Logic, Language, and Analysis, 2nd edn. MIT Press, London (2012)","edition":"2"},{"key":"21_CR20","unstructured":"Ren, J., Taylor, R.: A secure software architecture description language. In: Workshop on Software Security Assurance Tools, Techniques, and Metrics, pp. 82\u201389 (2005)"},{"key":"21_CR21","doi-asserted-by":"crossref","unstructured":"Sadeghi, A., Bagheri, H., Malek, S.: Analysis of Android inter-app security vulnerabilities using COVERT. In: Proceedings of the 37th International Conference on Software Engineering, ICSE 2015, vol. 2, pp. 725\u2013728. IEEE Press, Piscataway (2015)","DOI":"10.1109\/ICSE.2015.233"},{"key":"21_CR22","volume-title":"Software Architecture: Perspectives on and Emerging Discipline","author":"M Shaw","year":"1996","unstructured":"Shaw, M., Garlan, D.: Software Architecture: Perspectives on and Emerging Discipline. Prentice Hall, Englewood Cliffs, NJ (1996)"},{"key":"21_CR23","unstructured":"Swiderski, F., Snyder, W.: Threat Modeling. Microsoft Press, Redmond (2004)"},{"key":"21_CR24","unstructured":"Vall\u00e9e-Rai, R., Co, P., Gagnon, E., Hendren, L., Lam, P., Sundaresan, V.: Soot-a Java bytecode optimization framework. In: Proceedings of the Conference of the Centre for Advanced Studies on Collaborative Research, p. 13. IBM Press (1999)"}],"container-title":["Lecture Notes in Computer Science","Software Architecture"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-319-48992-6_21","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,5,20]],"date-time":"2019-05-20T01:18:42Z","timestamp":1558315122000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-319-48992-6_21"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2016]]},"ISBN":["9783319489919","9783319489926"],"references-count":24,"URL":"https:\/\/doi.org\/10.1007\/978-3-319-48992-6_21","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2016]]},"assertion":[{"value":"3 November 2016","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"ECSA","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"European Conference on Software Architecture","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Copenhagen","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Denmark","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2016","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"28 November 2016","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2 December 2016","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"10","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"ecsa2016","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"http:\/\/ecsa2016.icmc.usp.br\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}}]}}