loading
Papers Papers/2022 Papers Papers/2022

Research.Publish.Connect.

Paper

Paper Unlock

Authors: Robert Flood 1 ; Sheung Chi Chan 2 ; Wei Chen 1 and David Aspinall 1 ; 3

Affiliations: 1 LFCS, University of Edinburgh, Edinburgh, U.K. ; 2 Department of Computer Science, Heriott-Watt University, Edinburgh, U.K. ; 3 The Alan Turing Institute, London, U.K.

Keyword(s): Static Analysis, Covid-19, Contact Tracing, Android.

Abstract: In the wake of the COVID-19 pandemic, contact tracing apps have been developed based on digital contact tracing frameworks. These allow developers to build privacy-conscious apps that detect whether an infected individual is in close-proximity with others. Given the urgency of the problem, these apps have been developed at an accelerated rate with a brief testing period. Such quick development may have led to mistakes in the apps’ implementations, resulting in problems with their functionality, privacy and security. To mitigate these concerns, we develop and apply a methodology for evaluating the functionality, privacy and security of Android apps using the Google/Apple Exposure Notification API. This is a three-pronged approach consisting of a manual analysis, general static analysis and a bespoke static analysis, using a tool we’ve developed, dubbed MonSTER. As a result, we have found that, although most apps met the basic standards outlined by Google/Apple, there are issues with t he functionality of some of these apps that could impact user safety. (More)

CC BY-NC-ND 4.0

Sign In Guest: Register as new SciTePress user now for free.

Sign In SciTePress user: please login.

PDF ImageMy Papers

You are not signed in, therefore limits apply to your IP address 52.55.55.239

In the current month:
Recent papers: 100 available of 100 total
2+ years older papers: 200 available of 200 total

Paper citation in several formats:
Flood, R.; Chan, S.; Chen, W. and Aspinall, D. (2021). Checking Contact Tracing App Implementations. In Proceedings of the 7th International Conference on Information Systems Security and Privacy - ICISSP; ISBN 978-989-758-491-6; ISSN 2184-4356, SciTePress, pages 133-144. DOI: 10.5220/0010237201330144

@conference{icissp21,
author={Robert Flood. and Sheung Chi Chan. and Wei Chen. and David Aspinall.},
title={Checking Contact Tracing App Implementations},
booktitle={Proceedings of the 7th International Conference on Information Systems Security and Privacy - ICISSP},
year={2021},
pages={133-144},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0010237201330144},
isbn={978-989-758-491-6},
issn={2184-4356},
}

TY - CONF

JO - Proceedings of the 7th International Conference on Information Systems Security and Privacy - ICISSP
TI - Checking Contact Tracing App Implementations
SN - 978-989-758-491-6
IS - 2184-4356
AU - Flood, R.
AU - Chan, S.
AU - Chen, W.
AU - Aspinall, D.
PY - 2021
SP - 133
EP - 144
DO - 10.5220/0010237201330144
PB - SciTePress