KIRKE

With countless smartphones and mobile devices being widely used, users can have community interaction, recreation, and can even make a purchase through their mobile devices. Therefore, the mobile network service is becoming increasing irreplaceable and essential to modern people's daily life. That makes the network security of mobile Apps become relatively important. And it is every App designer's biggest challenge to guarantee the security of their Apps in mobile gadgets. Moreover, cross platform mobile app (CPMA) combines the features of Web applications and mobile Apps. On the one hand, like Web applications, CPMA is implemented in portable, platform-independent languages such as HTML and JavaScript. On the other hand, like native Apps, CPMA has direct access to local device resources -- file system, location, camera, contacts, etc. Owing to the above advantages, CPMA has gaining more and more popularity. To sum up, how to develop a secured cross platform mobile Apps to prevent users' personal information from being invaded becomes the most interesting and critical issue. In this paper, we present a security CPMA to provide IT network services developers with related idea and model case study.

Smartphone apps support people to adopt healthy lifestyles. Therefore, it is useful to understand the persuasive design strategies involved in hybrid mobile applications that facilitate behavior changes. The aim of our research is to show the ease of use of hybrid mobile applications compared to Web and Native applications. Hybrid mobile apps combine the features of Web apps and Native mobile apps. Like web applications, they are implemented in portable, platform-independent languages such as HTML and JavaScript. They directly access local device resources such as native apps. Transition to hybrid applications has been increasing in recent years with the rapid progress of technology. Although it has performance disadvantages compared to native applications, it is more preferred by software developers due to its ease of use. From the results, it has been determined that the user interface for hybrid applications is simpler to develop with its dynamic structure and it uses mobile device features better in terms of performance when used in hybrid applications.

Multiple Sclerosis (MS) is a chronic neurodegenerative disorder. People living with MS (plwMS) require long-term, multidisciplinary care in both clinical and community settings. MS-specific mHealth interventions have advanced in the form of clinical treatments, rehabilitation, disease monitoring and self-management of disease. However, mHealth interventions for plwMS appear to have limited proof of clinical efficacy. As native mobile apps target specific mobile operating systems, they tend to have better interactive designs leveraging platform-specific guidelines. Thus, to improve such efficacy, it is pivotal to explore the design characteristics of native mobile apps used for plwMS. This study aimed to explore the design characteristics of native mobile apps used for adults living with MS in academic settings. A scoping review of studies was conducted. A literature search was performed through PubMed, CINAHL, MEDLINE and Cochrane Library. Per native mobile apps, characteristics, persuasive technology elements and evaluations were summarized. A total of 14 native mobile apps were identified and 43% of the identified apps were used for data collection (n=6). Approximately 70% of the included apps involved users (plwMS) whilst developing (n=10). A total of three apps utilized embedded sensors. Videos or photos were used for physical activity interventions (n=2) and gamification principles were applied for cognitive and/or motor rehabilitation interventions (n=3). Behavior change theories were integrated into the design of the apps for fatigue management and physical activity. Regarding persuasive technology, the design principles of primary support were applied across all identified apps. The elements of dialogue support and social support were the least applied. The methods for evaluating the identified apps were varied. The findings suggest that the identified apps were in the early stages of development and had a user-centered design. By applying the persuasive systems design model, interaction design qualities and features of the identified mobile apps in academic settings were systematically evaluated at a deeper level. Identifying the digital functionality and interface design of mobile apps for plwMS will help researchers to better understand interactive design and how to incorporate these concepts in mHealth interventions for improvement of clinical efficacy.

Mobile apps have found wide acceptance in today’s world which heavily depend on smart technology to access data over wide location. The apps are mostly of native type which can be used for accessing data even without the internet availability. In this paper the development of mobile native applications requires the assimilation of various analytical contexts depending on the requirement of users. We have done an empirical study of various papers based on ubiquitous systems and mobile apps for finding out the contexts in building mobile native apps and the mobile contexts are such as device context, user context, mobility context and social context. We have found that the overall weight of each mobile context is an empirical study. We have taken various activities which are performed among a user and mobile native apps and formed them into questionnaires which are sent to different mobile native app developers of different software industries. The mapping is done among these activities with the attributes and their associated mobile contexts. We have identified and obtained four contexts as main requirements for developing mobile native apps under any domain. The analysis of requirements is done modeling the contexts and their attributes through OWLDL language. We have determined from the empirical study that the overall weight of device context is more than the other contexts. Hence it is clear that the device context with its numerous features have a great impact on developing mobile native apps under any domain.

Objectives: This research study provides an analysis model which is used to analyze the requirements of mobile native apps contextually under any domain. Methods/Statistical Analysis: Based on the background study, the research process have taken three research approaches and also have identified various activities which are performed among a native mobile app user and mobile native apps and formed them into questionnaires which are sent to different mobile native app developers of different software industries. This research process has determined the requirements based on four contexts in mobile domain such as device context, mobility contexts, user context and social contexts. Findings: These activities are mapped into attributes and contexts for modeling the requirements under mobile domain and for developing the sub models of the analysis model. Finally the analysis model is built and composed of four sub models. These sub models are content analysis model, interaction analysis model, functional analysis model and configuration analysis model. Application/Improvements: This research study provides the analysis model where the requirements are analyzed in a mobile native app under any domain such as agriculture, learning or healthcare applications. This analysis model is significant as it determines the contexts and models the contexts which are not specified in any frameworks or process models. Keywords: Configuration Analysis, Content Analysis, Functional Analysis, Interaction Analysis

We can notice that security problems of inappropriate integration of native and web technologies in hybrid mobile applications (apps) have been covered in the related state-of-the-art research. However, analyzing hybrid mobile apps' unique behaviors has been seldom addressed. In this paper, we explore the influence of native and web technologies integration in hybrid mobile apps on the generated profile of mobile applications. Specifically, we analyze the type of Security Sensitive APIs (SS-APIs) exposed to web content and identify the corresponding usage patterns by systematically tracking function-call-graphs of a large number of hybrid and native mobile apps. Our investigations indicate that the generated profiles for hybrid and native mobile apps are considerably different. Using our proposed tool, called Hybrid-scanner, for tracking and analyzing internal behaviors of hybrid mobile apps, we show that there is more trace of API calling for triggering a specific SS-API in a hybrid mobile app in comparison with Android native mobile apps. In addition, we have found that almost 40% of SS-APIs in hybrid mobile apps are invoked by third-party libraries, e.g. advertisement libraries. This knowledge, however, is crucial for designing appropriate malware detection or vulnerability mitigation strategies. Based on our results, we discuss two main approaches in Android malware analysis field and enumerate some suggestions which should be considered in order to successfully detect malicious behaviors in such new type of apps.

PurposeMobile devices (smartphones, tables etc.) have become the de facto means of accessing the internet. While traditional Web browsing is still quite popular, significant interaction takes place via native mobile apps that can be downloaded either freely or at a cost. This has opened the door to a number of issues related to privacy protection since the smartphone stores and processes personal data. The purpose of this paper is to examine the extent of access to personal data, required by the most popular mobile apps available in Google Play store. In addition, it is examined whether the relevant procedure is in accordance with the provisions of the new EU Regulation.Design/methodology/approachThe paper examines more than a thousand mobile apps, available from the Google Play store, with respect to the extent of the requests for access to personal data. In particular, for each available category in Google Play store, the most popular mobile apps have been examined both for free and paid apps. In addition, the permissions required by free and paid mobile apps are compared. Furthermore, a correlation analysis is carried out aiming to reveal any correlation between the extent of required access to personal data and the popularity and the rating of each mobile app.FindingsThe findings of this paper suggest that the majority of examined mobile apps require access to personal data to a high extent. In addition, it is found that free mobile apps request access to personal data in a higher extent compared to the relevant requests by paid apps, which indicates strongly that the business model of free mobile apps is based on personal data exploitation. The most popular types of access permissions are revealed for both free and paid apps. In addition, important questions are raised in relation to user awareness and behavior, data minimization and purpose limitation for free and paid mobile apps.Originality/valueIn this study, the process and the extent of access to personal data through mobile apps are analyzed. Although several studies analyzed relevant issues in the past, the originality of this research is mainly based on the following facts: first, this work took into account the recent Regulation of the EU in relation to personal data (GDPR); second, the authors analyzed a high number of the most popular mobile apps (more than a thousand); and third, the authors compare and analyze the different approaches followed between free and paid mobile apps.

The source code of a web application executed on the web browser has been exposed to leakage, and it is difficult to implement various web functions compared with other general applications. Therefore, in practical web applications, web plug-in technologies are used. However, web plug-in technology has a platform dependency and is attacked by malicious codes which resulting in a damage of the system. On the other hands, the web-based emulator is independent of platforms as well as web browsers. Recently, various web emulators were introduced, and users can use it as the virtual machine environment of diverse platforms on the web browser. However, these web-based emulator doesn’t provide an interface API to access other web application. In this paper, we propose the modified web-based emulator with the interface module and API, called as the web emulator-based execution engine. Using the proposed system, a native code in a web application is easily written by C, and C++ and compiled. Furthermore it can be distributed and executed directly on the emulator-based web application execution engine. Therefore it solves the leak problem of source codes that is the vulnerability of web applications. The proposed emulator-based web application execution engine is a new concept combined web plug-in and emulator. In the experiment we developed an interface module and an API for the proposed emulator-based web application execution engine. The experimental emulator-based web application was implemented and tested to evaluate the overall system.KeywordsWeb applicationObfuscationEmulatorJavaScriptNative binary

The proposed system uses Natural Language Processing (NLP) and Deep Learning (DL) techniques to extract voice data and translate it to text during medical consultations. Iterative model was adopted in the design of the system and the user interfaces was implemented by using NLP techniques, especially speech recognition and natural language understanding. Deep learning algorithm shows a great ability to build clinical decision support systems by extracting various information for medical diagnosis and produce result is few seconds. The result form the system testing shows that the installation size of the Progressive Web App (104 KB) is 42 times smaller than the native Android app (4.37 MB). In terms of render-speeds, the PWA rendered different results. The native app will launch the Android activity after 1408 ms after app icon tap (launch), while the progressive web app launches the application in 230 ms. The advent of cross-platform application development frame-works have made it much easier to create applications for multiple platforms for mobile devices. In spite of reduced learning effort, usually lower costs, and a faster time-to-market cross-platform methods always do not prevail in most cases. Although there are normal exclusions – like graphic-intensive games, which should to be programmed with the native software development kits (SDKS), choice between native apps, cross-platform generated ones, and Web apps can remain delicate. Whereas many diverse efforts have been made with respect to how cross-platform development frameworks ought to work, no technology is deemed unequivocally superior than the others. But a cross-platform mobile app has got an edge over native app development. It also recommends that developers adopt this technology of mobile app development due to its huge gains.

With over a billion mobile devices in use worldwide and nearly half a billion mobile applications on offer, software developers must make choices between developing one or more versions of native, hybrid or mobile web applications. This paper compares development approaches across these three options and compiles a set of criteria on platforms and devices that can be used in critical development decisions. Key issues for each application development approach are discussed, and a comparative analysis highlights the advantages and disadvantages of each approach. Keywords: App, mobile application, native mobile app, hybrid mobile app, web mobile app, mobile application development

The mobile apps have been reaching a huge success on the mobile market. This opportunity attracted a lot of interested companies to have their own optimized mobile apps for all major mobile operation systems. However, these developments are expensive when developed natively for each mobile platform. New improvements done on the web technologies, allowed more features and capabilities than previously was only possible on apps that was developed natively. This started new possibilities on consolidate all developments only on web apps, that are apps that runs on web browsers. This paper intends to understand which evolutions, capabilities and limitations exists on developing a web app to run in all devices. We present the new concept of Progressive Web App, created by Google, in a way to normalize all web developments. It will be introduced the major advantages on developing the apps centralized as a Progressive Web App, comparing on developing the same solution for each different mobile platform. It will be also described the current state of web technologies and in which preferable scenarios the Progressive Web Apps are a strong alternative to the mobile native apps.

This study investigates the rise of Progressive Web Apps (PWAs) and their impact on the landscape of web applications. PWAs, built on standard web technologies, bridge the gap between traditional websites and native mobile apps by offering features like offline functionality, push notifications, and app-like user experiences. This research delves into the core functionalities of PWAs, exploring how they address the limitations of web apps and provide an enhanced user experience.The study aims to Analyze the key characteristics and capabilities of PWAs, Evaluate the impact of PWAs on user engagement and accessibility, Explore the potential benefits and challenges associated with PWA development and adoption for businesses and discuss the future potential of PWAs in shaping the evolution of web applications. By examining PWAs through these lenses, this study contributes to a deeper understanding of their potential to revolutionize user experiences and redefine the way we interact with web applications. Progressive online Apps (PWAs), which bridge the gap between conventional webpages and native mobile applications, represent a paradigm shift in online technology. This study intends to explore the complex world of PWAs, examining their features, benefits, history, and consequences for the digital environment.The paper starts with a thorough investigation of the fundamental ideas that guide PWAs. It outlines the fundamental characteristics that set these apps apart, including their solid security procedures, responsiveness on many devices, dependability under erratic network situations, and interaction through app-like experiences. These qualities serve as PWAs' cornerstones, allowing them to leverage the adaptability of web technologies to deliver immersive user experiences that compete with native applications.In addition, this research carefully analyzes the intrinsic benefits of PWAs. It clarifies their accessibility, removing the obstacles related to app downloads and guaranteeing their general availability via web browsers. One important factor that stands out is cost-effectiveness: PWAs eliminate the need for separate platform development initiatives, which reduces overhead and compatibility difficulties. Additionally, they are more visible in search results and load faster, which adds to their allure and increases user engagement and retention. Additionally, the study looks at how PWAs are changing a variety of businesses and use cases. Case studies from well-known companies like Flipkart, Starbucks, and Twitter Lite demonstrate the effectiveness of PWAs in providing customers with quicker, more interesting, and more accessible experiences. These practical applications highlight the observable advantages of PWAs and demonstrate how they may transform social networking, e-commerce, and service-oriented applications. The study also explores the technical foundations that support PWAs, highlighting the function of caching methods, HTTPS protocols, and service workers in guaranteeing robust security measures, faster loading times, and offline capability. It clarifies the best practices for development and architecture that make it possible to create PWAs, promoting a better comprehension of the technical aspects supporting these apps. This study concludes by promoting PWAs' transformational potential in transforming the digital landscape. It emphasizes their function as a driving force behind providing exceptional user experiences that combine the finest aspects of mobile and online applications. PWAs are positioned to change web development standards as they continue to develop and gain popularity. They provide organizations and users with an attractive alternative that puts accessibility, engagement, and efficiency first.

Markup Injection MI attacks, ranging from classical Cross-Site Scripting XSS and DOMXSS to Scriptless Attacks, pose a major threat for web applications, browser extensions, and mobile apps. To mitigate MI attacks, we propose JSAgents, a novel and flexible approach to defeat MI attacks using DOM meta-programming. Specifically, we enforce a security policy on the DOM of the browser at a place in the markup processing chain just before the rendering of the markup. This approach has many advantages: Obfuscation has already been removed from the markup when it enters the DOM, mXSS attack vectors are visible, and, last but not least, the client-side protection can be individually tailored to fit the needs of web applications. JSAgents policies look similar to CSP policies, and indeed large parts of CSP can be implemented with JSAgents. However, there are three main differences: 1 Contrary to CSP, the source code of legacy web applications needs not be modified; instead, the policy is adapted to the application. 2 Whereas CSP can only apply one policy to a complete HTML document, JSAgents is able, through a novel cascading enforcement, to apply different policies to each element in the DOM; this property is essential in dealing with JavaScript event handlers and URIs. 3 JSAgents enables novel features like coarse-grained access control: e.g. we may block read/write access to HTML form elements for all scripts, but human users can still insert data which may be interesting for password and PIN fields.

With the growth of the Internet, web applications are becoming very popular in the user communities. However, the presence of security vulnerabilities in the source code of these applications is raising cyber crime rate rapidly. It is required to detect and mitigate these vulnerabilities before their exploitation in the execution environment. Recently, Open Web Application Security Project (OWASP) and Common Vulnerabilities and Exposures (CWE) reported Cross-Site Scripting (XSS) as one of the most serious vulnerabilities in the web applications. Though many vulnerability detection approaches have been proposed in the past, existing detection approaches have the limitations in terms of false positive and false negative results. This paper proposes a context-sensitive approach based on static taint analysis and pattern matching techniques to detect and mitigate the XSS vulnerabilities in the source code of web applications. The proposed approach has been implemented in a prototype tool and evaluated on a public data set of 9408 samples. Experimental results show that proposed approach based tool outperforms over existing popular open source tools in the detection of XSS vulnerabilities.

The World Wide Web is evolving towards a very large distributed platform allowing ubiquitous access to a wide range of Web applications with minimal delay and no installation required. Such Web applications range from having users undertake simple tasks, such as filling a form, to more complex tasks including collaborative work, project management, and more generally, creating, consulting, annotating, and sharing Web content. However, users are lacking a simple but yet powerful mechanism to compose Web applications, similarly to what desktop environments allowed for decades using the file explorer paradigm and the desktop metaphor. Attempts have been made to adapt the desktop metaphor to the Web environment giving birth to Webtops (Web desktops). It essentially consisted of embedding a desktop environment in a Web browser and provide access to various Web applications within the same User Interface. However, those attempts did not take into consideration to the radical differences between Web and desktop environments and applications. In this work, we introduce a new approach for Web application composition based on the mindmap metaphor. It allows browsing artifacts (Web resources) and enabling user-driven composition of their associated Web applications. Essentially, a mindmap is a graph of widgets representing artifacts created or used by Web applications and allow to list and launch all possible Web applications associated to each artifact. A tool has been developed to experiment the new metaphor and is provided as a service to be embedded in Web applications via a Web browser's plug-in. We demonstrate in this paper three case studies regarding the DBLP Web site, Wikipedia and Google Picasa Web applications.