Unauthorized Origin Crossing on Mobile Platforms: Threats and Mitigation

Provided by: Association for Computing Machinery
Topic: Security
Format: PDF
With the progress in mobile computing, web services are increasingly delivered to their users through mobile apps, instead of web browsers. However, unlike the browser, which enforces origin-based security policies to mediate the interactions between the web content from different sources, today's mobile OSes do not have a comparable security mechanism to control the cross-origin communications between apps, as well as those between an app and the web. As a result, a mobile user's sensitive web resources could be exposed to the harms from a malicious origin.

Find By Topic