Smartphones have become the center piece of Today''s IT World, transforming the life pattern of people and the social structure. With such breakthrough and rapid advancement of mobile application technology came the crticial side effect: emergence of new security threats for mobile devices. These security threats have become a huge problem. Malignant software developers are exploiting openness of appstores and freely uploaded mobile apps contained with malwares that arbitrarily control the infected devices and steal users personal information. As the malwares contained in the mobile apps are becoming ever more savvy, dangerous and worse, the institutions including financial companies and national organizations are trying to protect their information assets against these mobile security threats.
In reality, if military apps, which must regard security as its priority, are deployed through the Internet-based commercial appstores, those are bound to be exposed to a myriad of security threats. Therefore, in this paper, the construction scheme of military-exclusive Appstore and security verification system is suggested. Through pre-security validation and other security measures, the system manages to prevent the security threats and provides protection against malwares.
Given the uniqueness of military environment, military appstores will be classified and bisected into dual forms. Public service/Office work Appstore is established in commercial network and guarantees the mobile safety through virtualization technology and enhanced user/device authentication. Military Operation Appstore accommodates the basic functionality of commercial appstores according the application life cycle and provides additional security measures through procedures such as user identification through H/W cryptographic module. This Appstore will have to be established in the physically separate platform from the Public Service/Office Work Appstore.
Military Mobile App Security Verification Center detects and eliminates the security vulnerabilities of Mobile applications that are developed and introduced and provides thorough security verification that validates the security standards. This verification center is installed in the tactical network and performs online verification tasks through real-time interlock with the Military Operation Appstore, a static analysis of source codes recived from each App Store, and a dynamic analysis to that studies the patterns of behavior and the operating environment by actually running applications. Also DPI(Deep Packet Inspection) is designed to link to the backbone(Back-Bone) network of military operations Appstore and verifies the stability and pertinence of the encryption algorithm and password and checked real-time.
These security measures can prevent the exploitation of military security and block the security threats such as sensitive data interception by internal or external forces, private military material spills and malignant alterations and use or developed mobile applications in advance. The development and securement of mobile security-related technology is also meaningful in that it equips the necessary security support abilities that prepare for the future battlefield environment.