Basic terminologies
Assest => Something that we want to protect
Threats => Susceptible for attacks
countermeasures => Measures to protect assets from threats
There are two types of assets
1. Information assets -> such as information abut a user
2. Function assets -> Such as functions of a phone. Say, Calling, SMS etc
The above mostly pertains to the smart phone user. However, there is also other details in the application itself.
1. Program portion
2. Data portion
Below is a pictorial representation of this
References:
https://www.jssec.org/dl/android_securecoding_en.pdf
No comments:
Post a Comment