Management of security and privacy issues of application development in mobile cloud environment: A survey

Abstract

The widespread adoption of programmable smart mobile devices like smart phones or Tablet and connecting to public domain of Internet as well as cloud service providers provide newer privacy as well as security challenges across enterprises. Mobile cloud computing has become extremely popular among mobile users and developers who can see a direct benefit albeit resource limitations in mobile devices including battery life, memory space or processing power. Data loss from stolen or decommissioned mobile devices, unsecured information exchange through rouge access points and access of vulnerable network fetch privacy as well as security threats of mobile cloud computing. Data breaches, account hijacking, insecure API exposure, denial of services, malicious insider attacks, loss of encryption key, virtual machine isolation bring forth some of the additional security and privacy threats. In this paper, we have attempted to enumerate several privacy plus security threats and put forth best practices and recommendations as preventive as well counter measures on incidence. We have evaluated the secure coding practices and code offloading frameworks. We have also analyzed the occurrence of software flaws in applications which were developed for payment application domain for last two years and effort put on tokenization to achieve higher level of security using cloud computing.