{"id":"https://openalex.org/W4383221428","doi":"https://doi.org/10.1145/3579856.3582812","title":"Symbolic modelling of remote attestation protocols for device and app integrity on Android","display_name":"Symbolic modelling of remote attestation protocols for device and app integrity on Android","publication_year":2023,"publication_date":"2023-07-05","ids":{"openalex":"https://openalex.org/W4383221428","doi":"https://doi.org/10.1145/3579856.3582812"},"language":"en","primary_location":{"id":"doi:10.1145/3579856.3582812","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3579856.3582812","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3579856.3582812","source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the ACM Asia Conference on Computer and Communications Security","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://dl.acm.org/doi/pdf/10.1145/3579856.3582812","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5016709457","display_name":"Abdulla Aldoseri","orcid":"https://orcid.org/0000-0002-4959-6832"},"institutions":[{"id":"https://openalex.org/I79619799","display_name":"University of Birmingham","ror":"https://ror.org/03angcq70","country_code":"GB","type":"education","lineage":["https://openalex.org/I79619799"]}],"countries":["GB"],"is_corresponding":true,"raw_author_name":"Abdulla Aldoseri","raw_affiliation_strings":["School of Computer Science, University of Birmingham, UK and College of information technology, computer science department, Univerity oif Bahrain, Bahrain"],"affiliations":[{"raw_affiliation_string":"School of Computer Science, University of Birmingham, UK and College of information technology, computer science department, Univerity oif Bahrain, Bahrain","institution_ids":["https://openalex.org/I79619799"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5020004082","display_name":"Tom Chothia","orcid":"https://orcid.org/0000-0002-9381-1368"},"institutions":[{"id":"https://openalex.org/I79619799","display_name":"University of Birmingham","ror":"https://ror.org/03angcq70","country_code":"GB","type":"education","lineage":["https://openalex.org/I79619799"]}],"countries":["GB"],"is_corresponding":false,"raw_author_name":"Tom Chothia","raw_affiliation_strings":["School of Computer Science, University of Birmingham, UK"],"affiliations":[{"raw_affiliation_string":"School of Computer Science, University of Birmingham, UK","institution_ids":["https://openalex.org/I79619799"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5025248429","display_name":"Jos\u00e9 Moreira","orcid":"https://orcid.org/0000-0002-3210-4504"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Jose Moreira","raw_affiliation_strings":["Valory AG, Switzerland"],"affiliations":[{"raw_affiliation_string":"Valory AG, Switzerland","institution_ids":[]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5080836958","display_name":"David Oswald","orcid":"https://orcid.org/0000-0001-8524-5282"},"institutions":[{"id":"https://openalex.org/I79619799","display_name":"University of Birmingham","ror":"https://ror.org/03angcq70","country_code":"GB","type":"education","lineage":["https://openalex.org/I79619799"]}],"countries":["GB"],"is_corresponding":false,"raw_author_name":"David Oswald","raw_affiliation_strings":["School of Computer Science, University of Birmingham, UK"],"affiliations":[{"raw_affiliation_string":"School of Computer Science, University of Birmingham, UK","institution_ids":["https://openalex.org/I79619799"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":4,"corresponding_author_ids":["https://openalex.org/A5016709457"],"corresponding_institution_ids":["https://openalex.org/I79619799"],"apc_list":null,"apc_paid":null,"fwci":1.3947,"has_fulltext":true,"cited_by_count":7,"citation_normalized_percentile":{"value":0.81861013,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":90,"max":99},"biblio":{"volume":null,"issue":null,"first_page":"218","last_page":"231"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11800","display_name":"User Authentication and Security Systems","score":0.9995999932289124,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9994999766349792,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/android","display_name":"Android (operating system)","score":0.879878580570221},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8116956949234009},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.6801311373710632},{"id":"https://openalex.org/keywords/android-app","display_name":"Android app","score":0.4920770525932312},{"id":"https://openalex.org/keywords/direct-anonymous-attestation","display_name":"Direct Anonymous Attestation","score":0.4696478247642517},{"id":"https://openalex.org/keywords/trusted-computing","display_name":"Trusted Computing","score":0.46136894822120667},{"id":"https://openalex.org/keywords/software","display_name":"Software","score":0.45594534277915955},{"id":"https://openalex.org/keywords/cryptography","display_name":"Cryptography","score":0.4533514380455017},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.432686448097229},{"id":"https://openalex.org/keywords/embedded-system","display_name":"Embedded system","score":0.3992140591144562}],"concepts":[{"id":"https://openalex.org/C557433098","wikidata":"https://www.wikidata.org/wiki/Q94","display_name":"Android (operating system)","level":2,"score":0.879878580570221},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8116956949234009},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.6801311373710632},{"id":"https://openalex.org/C2988045736","wikidata":"https://www.wikidata.org/wiki/Q94","display_name":"Android app","level":3,"score":0.4920770525932312},{"id":"https://openalex.org/C169796023","wikidata":"https://www.wikidata.org/wiki/Q3708936","display_name":"Direct Anonymous Attestation","level":3,"score":0.4696478247642517},{"id":"https://openalex.org/C2776831232","wikidata":"https://www.wikidata.org/wiki/Q966812","display_name":"Trusted Computing","level":2,"score":0.46136894822120667},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.45594534277915955},{"id":"https://openalex.org/C178489894","wikidata":"https://www.wikidata.org/wiki/Q8789","display_name":"Cryptography","level":2,"score":0.4533514380455017},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.432686448097229},{"id":"https://openalex.org/C149635348","wikidata":"https://www.wikidata.org/wiki/Q193040","display_name":"Embedded system","level":1,"score":0.3992140591144562}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1145/3579856.3582812","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3579856.3582812","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3579856.3582812","source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the ACM Asia Conference on Computer and Communications Security","raw_type":"proceedings-article"},{"id":"pmh:oai:pure.atira.dk:openaire_cris_publications/035475bd-ca21-4823-92f2-8c19ac16b51c","is_oa":true,"landing_page_url":"https://research.birmingham.ac.uk/en/publications/035475bd-ca21-4823-92f2-8c19ac16b51c","pdf_url":"https://pure-oai.bham.ac.uk/ws/files/187057937/Symbolic_verification_for_device_and_application_integrity_remote_attestation_protocols_on_Android.pdf","source":{"id":"https://openalex.org/S4306402634","display_name":"University of Birmingham Research Portal (University of Birmingham)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I79619799","host_organization_name":"University of Birmingham","host_organization_lineage":["https://openalex.org/I79619799"],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"Aldoseri, A, Chothia, T, Moreira-Sanchez, J & Oswald, D 2023, Symbolic Modelling of Remote Attestation Protocols for Device and App Integrity on Android. in J Liu, Y Xiang, S Nepal & G Tsudik (eds), ASIA CCS '23 : Proceedings of the 2023 ACM on Asia Conference on Computer and Communications Security. Association for Computing Machinery (ACM), pp. 218\u2013231, 18th ACM ASIA Conference on Computer and Communications Security , Melbourne, Victoria, Australia, 10/07/23. https://doi.org/10.1145/3579856.3582812","raw_type":"contributionToPeriodical"}],"best_oa_location":{"id":"doi:10.1145/3579856.3582812","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3579856.3582812","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3579856.3582812","source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the ACM Asia Conference on Computer and Communications Security","raw_type":"proceedings-article"},"sustainable_development_goals":[],"awards":[{"id":"https://openalex.org/G4143678509","display_name":"CAP-TEE: Capability Architectures for Trusted Execution","funder_award_id":"EP/V000454/1","funder_id":"https://openalex.org/F4320334627","funder_display_name":"Engineering and Physical Sciences Research Council"},{"id":"https://openalex.org/G5408894512","display_name":null,"funder_award_id":"EP/R012598/1","funder_id":"https://openalex.org/F4320334627","funder_display_name":"Engineering and Physical Sciences Research Council"},{"id":"https://openalex.org/G6806125592","display_name":"User-controlled hardware security anchors: evaluation and designs","funder_award_id":"EP/R012598/1","funder_id":"https://openalex.org/F4320334627","funder_display_name":"Engineering and Physical Sciences Research Council"},{"id":"https://openalex.org/G8682795926","display_name":null,"funder_award_id":"EP/R007128/1","funder_id":"https://openalex.org/F4320334627","funder_display_name":"Engineering and Physical Sciences Research Council"}],"funders":[{"id":"https://openalex.org/F4320321167","display_name":"University of Bahrain","ror":"https://ror.org/0317ekv86"},{"id":"https://openalex.org/F4320334627","display_name":"Engineering and Physical Sciences Research Council","ror":"https://ror.org/0439y7842"}],"has_content":{"pdf":true,"grobid_xml":true},"content_urls":{"pdf":"https://content.openalex.org/works/W4383221428.pdf","grobid_xml":"https://content.openalex.org/works/W4383221428.grobid-xml"},"referenced_works_count":18,"referenced_works":["https://openalex.org/W146244851","https://openalex.org/W1966709388","https://openalex.org/W1973054120","https://openalex.org/W2021362805","https://openalex.org/W2029693536","https://openalex.org/W2030988895","https://openalex.org/W2088944946","https://openalex.org/W2168872572","https://openalex.org/W2296362039","https://openalex.org/W2399358552","https://openalex.org/W2583401910","https://openalex.org/W2586267117","https://openalex.org/W2765394779","https://openalex.org/W2769669597","https://openalex.org/W3007246675","https://openalex.org/W3174739799","https://openalex.org/W3213708112","https://openalex.org/W4206394680"],"related_works":["https://openalex.org/W2372678089","https://openalex.org/W2695299078","https://openalex.org/W2355956995","https://openalex.org/W2390768934","https://openalex.org/W2350048275","https://openalex.org/W2086874776","https://openalex.org/W2168345601","https://openalex.org/W2377235694","https://openalex.org/W2028268185","https://openalex.org/W2386609167"],"abstract_inverted_index":{"Ensuring":[0],"the":[1,12,17,32,37,65,85,94,126,149,156],"integrity":[2],"of":[3,11,97,139,155,186],"a":[4,104,113,170,183],"remote":[5,47],"app":[6,34,115],"or":[7,35],"device":[8],"is":[9],"one":[10,154],"most":[13,157],"challenging":[14,158],"concerns":[15],"for":[16,130,179],"Android":[18,60,131,161],"ecosystem.":[19],"Software-based":[20],"solutions":[21],"provide":[22,45],"limited":[23],"protection":[24,172,178],"and":[25,56,59,88,122,148,167],"can":[26,141],"usually":[27],"be":[28,142],"circumvented":[29],"by":[30,68],"repacking":[31],"mobile":[33,180],"rooting":[36],"device.":[38],"Newer":[39],"protocols":[40,66],"use":[41,128],"trusted":[42],"hardware":[43,184],"to":[44,116,152],"stronger":[46],"attestation":[48],"guarantees,":[49],"e.g.,":[50],"Google":[51],"SafetyNet,":[52],"Samsung":[53,108],"Knox":[54,109],"(V2":[55],"V3":[57],"attestation),":[58],"Key":[61,132],"Attestation.":[62],"So":[63],"far,":[64],"used":[67],"these":[69,82],"systems":[70],"have":[71],"received":[72],"relatively":[73],"little":[74],"attention.":[75],"In":[76],"this":[77],"paper,":[78],"we":[79,102],"formally":[80,168],"model":[81,96],"platforms":[83,151],"using":[84,182],"Tamarin":[86],"Prover":[87],"verify":[89],"their":[90],"security":[91],"properties":[92],"in":[93,125,160],"symbolic":[95],"cryptography,":[98],"revealing":[99],"two":[100],"vulnerabilities:":[101],"found":[103],"relay":[105],"attack":[106],"against":[107],"V2":[110],"that":[111,134,136,174],"allows":[112],"malicious":[114],"masquerade":[117],"as":[118],"an":[119,123],"honest":[120],"app,":[121],"error":[124],"recommended":[127],"case":[129],"Attestation":[133],"means":[135],"old\u2014possibly":[137],"out":[138],"date\u2014attestations":[140],"replayed.":[143],"We":[144],"employed":[145],"our":[146],"findings":[147],"modelled":[150],"tackle":[153],"problems":[159],"security,":[162],"namely":[163],"code":[164,171,177],"protection,":[165],"proposing":[166],"modelling":[169],"scheme":[173],"ensures":[175],"source":[176],"apps":[181],"root":[185],"trust.":[187]},"counts_by_year":[{"year":2026,"cited_by_count":1},{"year":2025,"cited_by_count":2},{"year":2024,"cited_by_count":3},{"year":2023,"cited_by_count":1}],"updated_date":"2026-03-25T14:56:36.534964","created_date":"2025-10-10T00:00:00"}