РОЗРОБКА СИСТЕМИ БЕЗПЕКИ КЛІЄНТ-СЕРВЕРНОГО ЗАСТОСУНКУ НА БАЗІ ОПЕРАЦІЙНОЇ СИСТЕМИ ANDROID (Ukrainian)

DEVELOPMENT OF CLIENT-SERVER APPLICATION SECURITY SYSTEM BASED ON ANDROID OPERATING SYSTEM. (English)

In today's world it is impossible to do without the use of various communication systems. They are now the integral part of our lives. Almost every modern person uses one or another system of information exchange with other people. Mobile platforms are most often used for information exchange. The vast majority are platforms such as Android, iOS and Windows Phone. Information transmitted from one user to another can often be confidential or restricted. So, the appropriate methods of information protection should be used for this purpose. Today, information security researchers focus on improving the performance of cryptographic algorithms and the primitives on which they are based. Nevertheless, the issues of building of integrated security systems for instant messaging systems remain insufficiently considered. This paper is devoted to the development of a comprehensive application protection system for instant messaging. Any IM application consists of three main parts. The first component is the program code executed on a mobile platform. The second part is the communication channel. The last part is the program code executed on the server side. This paper discusses each of the main parts for building a comprehensive application protection system for instant messaging. The choice of certain components for building a security system is substantiated, the schemes of operation of the program code executed on the Android mobile platform are given, the choice of forms of transmission of user information through the communication channel is substantiated. Recommendations for choosing a communication channel and ensuring its security are given. The schemes of the server side of the application are also given. The choice of certain hashes functions, functions of input information checks, approaches to the implementation of the protection system, storage system and processing of user information on the server side is substantiated. The developed application also shows some shortcomings of the mobile platform Android in terms of information security. It is shown how attackers can take advantage of these shortcomings, and suggestions to prevent their use are provided. The results of the work can be used to protect information in practical systems. [ABSTRACT FROM AUTHOR]

Copyright of Informatics & Mathematical Methods in Simulation / Informatika ta Matematičnì Metodi v Modelûvannì is the property of Odessa Polytechnic University and its content may not be copied or emailed to multiple sites or posted to a listserv without the copyright holder's express written permission. However, users may print, download, or email articles for individual use. This abstract may be abridged. No warranty is given about the accuracy of the copy. Users should refer to the original published version of the material for the full abstract. (Copyright applies to all Abstracts.)