{"id":"https://openalex.org/W3011084217","doi":"https://doi.org/10.3233/jcs-191350","title":"A multi-party, fine-grained permission and policy enforcement framework for hybrid mobile applications","display_name":"A multi-party, fine-grained permission and policy enforcement framework for hybrid mobile applications","publication_year":2020,"publication_date":"2020-03-09","ids":{"openalex":"https://openalex.org/W3011084217","doi":"https://doi.org/10.3233/jcs-191350","mag":"3011084217"},"language":"en","primary_location":{"id":"doi:10.3233/jcs-191350","is_oa":false,"landing_page_url":"https://doi.org/10.3233/jcs-191350","pdf_url":null,"source":{"id":"https://openalex.org/S106992369","display_name":"Journal of Computer Security","issn_l":"0926-227X","issn":["0926-227X","1875-8924"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310318577","host_organization_name":"IOS Press","host_organization_lineage":["https://openalex.org/P4310318577"],"host_organization_lineage_names":["IOS Press"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Journal of Computer Security","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5090788160","display_name":"Phu H. Phung","orcid":"https://orcid.org/0000-0002-4674-1184"},"institutions":[{"id":"https://openalex.org/I127591826","display_name":"University of Dayton","ror":"https://ror.org/021v3qy27","country_code":"US","type":"education","lineage":["https://openalex.org/I127591826"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Phu H. Phung","raw_affiliation_strings":["Intelligent Systems Security Lab, Department of Computer Science, University of Dayton, Dayton, OH, USA. E-mails:\u00a0,\u00a0,\u00a0,\u00a0","Intelligent Systems Security Lab, Department of Computer Science, University of Dayton, Dayton, OH, USA. E-mails:\u00a0phu@udayton.edu,\u00a0sunkaralakuntavenkr1@udayton.edu,\u00a0caps01@udayton.edu,\u00a0piercea7@udayton.edu"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Intelligent Systems Security Lab, Department of Computer Science, University of Dayton, Dayton, OH, USA. E-mails:\u00a0,\u00a0,\u00a0,\u00a0","institution_ids":["https://openalex.org/I127591826"]},{"raw_affiliation_string":"Intelligent Systems Security Lab, Department of Computer Science, University of Dayton, Dayton, OH, USA. E-mails:\u00a0phu@udayton.edu,\u00a0sunkaralakuntavenkr1@udayton.edu,\u00a0caps01@udayton.edu,\u00a0piercea7@udayton.edu","institution_ids":["https://openalex.org/I127591826"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5043595996","display_name":"Rakesh Sunkaralakunta Venkatarama Reddy","orcid":null},"institutions":[{"id":"https://openalex.org/I127591826","display_name":"University of Dayton","ror":"https://ror.org/021v3qy27","country_code":"US","type":"education","lineage":["https://openalex.org/I127591826"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Rakesh S.V. Reddy","raw_affiliation_strings":["Intelligent Systems Security Lab, Department of Computer Science, University of Dayton, Dayton, OH, USA. E-mails:\u00a0,\u00a0,\u00a0,\u00a0","Intelligent Systems Security Lab, Department of Computer Science, University of Dayton, Dayton, OH, USA. E-mails:\u00a0phu@udayton.edu,\u00a0sunkaralakuntavenkr1@udayton.edu,\u00a0caps01@udayton.edu,\u00a0piercea7@udayton.edu"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Intelligent Systems Security Lab, Department of Computer Science, University of Dayton, Dayton, OH, USA. E-mails:\u00a0,\u00a0,\u00a0,\u00a0","institution_ids":["https://openalex.org/I127591826"]},{"raw_affiliation_string":"Intelligent Systems Security Lab, Department of Computer Science, University of Dayton, Dayton, OH, USA. E-mails:\u00a0phu@udayton.edu,\u00a0sunkaralakuntavenkr1@udayton.edu,\u00a0caps01@udayton.edu,\u00a0piercea7@udayton.edu","institution_ids":["https://openalex.org/I127591826"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5041469694","display_name":"Steven Cap","orcid":null},"institutions":[{"id":"https://openalex.org/I127591826","display_name":"University of Dayton","ror":"https://ror.org/021v3qy27","country_code":"US","type":"education","lineage":["https://openalex.org/I127591826"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Steven Cap","raw_affiliation_strings":["Intelligent Systems Security Lab, Department of Computer Science, University of Dayton, Dayton, OH, USA. E-mails:\u00a0,\u00a0,\u00a0,\u00a0","Intelligent Systems Security Lab, Department of Computer Science, University of Dayton, Dayton, OH, USA. E-mails:\u00a0phu@udayton.edu,\u00a0sunkaralakuntavenkr1@udayton.edu,\u00a0caps01@udayton.edu,\u00a0piercea7@udayton.edu"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Intelligent Systems Security Lab, Department of Computer Science, University of Dayton, Dayton, OH, USA. E-mails:\u00a0,\u00a0,\u00a0,\u00a0","institution_ids":["https://openalex.org/I127591826"]},{"raw_affiliation_string":"Intelligent Systems Security Lab, Department of Computer Science, University of Dayton, Dayton, OH, USA. E-mails:\u00a0phu@udayton.edu,\u00a0sunkaralakuntavenkr1@udayton.edu,\u00a0caps01@udayton.edu,\u00a0piercea7@udayton.edu","institution_ids":["https://openalex.org/I127591826"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5072034945","display_name":"Anthony Pierce","orcid":null},"institutions":[{"id":"https://openalex.org/I127591826","display_name":"University of Dayton","ror":"https://ror.org/021v3qy27","country_code":"US","type":"education","lineage":["https://openalex.org/I127591826"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Anthony Pierce","raw_affiliation_strings":["Intelligent Systems Security Lab, Department of Computer Science, University of Dayton, Dayton, OH, USA. E-mails:\u00a0,\u00a0,\u00a0,\u00a0","Intelligent Systems Security Lab, Department of Computer Science, University of Dayton, Dayton, OH, USA. E-mails:\u00a0phu@udayton.edu,\u00a0sunkaralakuntavenkr1@udayton.edu,\u00a0caps01@udayton.edu,\u00a0piercea7@udayton.edu"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Intelligent Systems Security Lab, Department of Computer Science, University of Dayton, Dayton, OH, USA. E-mails:\u00a0,\u00a0,\u00a0,\u00a0","institution_ids":["https://openalex.org/I127591826"]},{"raw_affiliation_string":"Intelligent Systems Security Lab, Department of Computer Science, University of Dayton, Dayton, OH, USA. E-mails:\u00a0phu@udayton.edu,\u00a0sunkaralakuntavenkr1@udayton.edu,\u00a0caps01@udayton.edu,\u00a0piercea7@udayton.edu","institution_ids":["https://openalex.org/I127591826"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5009946743","display_name":"Abhinav Mohanty","orcid":null},"institutions":[{"id":"https://openalex.org/I102149020","display_name":"University of North Carolina at Charlotte","ror":"https://ror.org/04dawnj30","country_code":"US","type":"education","lineage":["https://openalex.org/I102149020"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Abhinav Mohanty","raw_affiliation_strings":["Department of Software and Information Systems, University of North Carolina at Charlotte, Charlotte, NC, USA. E-mails:\u00a0,\u00a0","Department of Software and Information Systems, University of North Carolina at Charlotte, Charlotte, NC, USA. E-mails:\u00a0amohant1@uncc.edu,\u00a0msridhar@uncc.edu"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Department of Software and Information Systems, University of North Carolina at Charlotte, Charlotte, NC, USA. E-mails:\u00a0,\u00a0","institution_ids":["https://openalex.org/I102149020"]},{"raw_affiliation_string":"Department of Software and Information Systems, University of North Carolina at Charlotte, Charlotte, NC, USA. E-mails:\u00a0amohant1@uncc.edu,\u00a0msridhar@uncc.edu","institution_ids":["https://openalex.org/I102149020"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5045593113","display_name":"Meera Sridhar","orcid":"https://orcid.org/0000-0002-7508-5024"},"institutions":[{"id":"https://openalex.org/I102149020","display_name":"University of North Carolina at Charlotte","ror":"https://ror.org/04dawnj30","country_code":"US","type":"education","lineage":["https://openalex.org/I102149020"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Meera Sridhar","raw_affiliation_strings":["Department of Software and Information Systems, University of North Carolina at Charlotte, Charlotte, NC, USA. E-mails:\u00a0,\u00a0","Department of Software and Information Systems, University of North Carolina at Charlotte, Charlotte, NC, USA. E-mails:\u00a0amohant1@uncc.edu,\u00a0msridhar@uncc.edu"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Department of Software and Information Systems, University of North Carolina at Charlotte, Charlotte, NC, USA. E-mails:\u00a0,\u00a0","institution_ids":["https://openalex.org/I102149020"]},{"raw_affiliation_string":"Department of Software and Information Systems, University of North Carolina at Charlotte, Charlotte, NC, USA. E-mails:\u00a0amohant1@uncc.edu,\u00a0msridhar@uncc.edu","institution_ids":["https://openalex.org/I102149020"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":6,"corresponding_author_ids":["https://openalex.org/A5090788160"],"corresponding_institution_ids":["https://openalex.org/I127591826"],"apc_list":null,"apc_paid":null,"fwci":0.3039,"has_fulltext":false,"cited_by_count":3,"citation_normalized_percentile":{"value":0.5153811,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":89,"max":95},"biblio":{"volume":"28","issue":"3","first_page":"375","last_page":"404"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9868999719619751,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12479","display_name":"Web Application Security Vulnerabilities","score":0.9854999780654907,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/permission","display_name":"Permission","score":0.9487439393997192},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7784973978996277},{"id":"https://openalex.org/keywords/stateful-firewall","display_name":"Stateful firewall","score":0.7322415709495544},{"id":"https://openalex.org/keywords/javascript","display_name":"JavaScript","score":0.6691699624061584},{"id":"https://openalex.org/keywords/android","display_name":"Android (operating system)","score":0.6226372718811035},{"id":"https://openalex.org/keywords/enforcement","display_name":"Enforcement","score":0.5433093309402466},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.539872407913208},{"id":"https://openalex.org/keywords/access-control","display_name":"Access control","score":0.43245142698287964},{"id":"https://openalex.org/keywords/world-wide-web","display_name":"World Wide Web","score":0.32644590735435486},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.17803797125816345}],"concepts":[{"id":"https://openalex.org/C2779089604","wikidata":"https://www.wikidata.org/wiki/Q7169333","display_name":"Permission","level":2,"score":0.9487439393997192},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7784973978996277},{"id":"https://openalex.org/C22927095","wikidata":"https://www.wikidata.org/wiki/Q1784206","display_name":"Stateful firewall","level":3,"score":0.7322415709495544},{"id":"https://openalex.org/C544833334","wikidata":"https://www.wikidata.org/wiki/Q2005","display_name":"JavaScript","level":2,"score":0.6691699624061584},{"id":"https://openalex.org/C557433098","wikidata":"https://www.wikidata.org/wiki/Q94","display_name":"Android (operating system)","level":2,"score":0.6226372718811035},{"id":"https://openalex.org/C2779777834","wikidata":"https://www.wikidata.org/wiki/Q4202277","display_name":"Enforcement","level":2,"score":0.5433093309402466},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.539872407913208},{"id":"https://openalex.org/C527821871","wikidata":"https://www.wikidata.org/wiki/Q228502","display_name":"Access control","level":2,"score":0.43245142698287964},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.32644590735435486},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.17803797125816345},{"id":"https://openalex.org/C17744445","wikidata":"https://www.wikidata.org/wiki/Q36442","display_name":"Political science","level":0,"score":0.0},{"id":"https://openalex.org/C199539241","wikidata":"https://www.wikidata.org/wiki/Q7748","display_name":"Law","level":1,"score":0.0},{"id":"https://openalex.org/C158379750","wikidata":"https://www.wikidata.org/wiki/Q214111","display_name":"Network packet","level":2,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.3233/jcs-191350","is_oa":false,"landing_page_url":"https://doi.org/10.3233/jcs-191350","pdf_url":null,"source":{"id":"https://openalex.org/S106992369","display_name":"Journal of Computer Security","issn_l":"0926-227X","issn":["0926-227X","1875-8924"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310318577","host_organization_name":"IOS Press","host_organization_lineage":["https://openalex.org/P4310318577"],"host_organization_lineage_names":["IOS Press"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Journal of Computer Security","raw_type":"journal-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":54,"referenced_works":["https://openalex.org/W36927914","https://openalex.org/W38766468","https://openalex.org/W53797064","https://openalex.org/W163930933","https://openalex.org/W190551272","https://openalex.org/W1530054426","https://openalex.org/W1565125975","https://openalex.org/W1617255795","https://openalex.org/W1849635621","https://openalex.org/W1981838014","https://openalex.org/W2032042254","https://openalex.org/W2032095999","https://openalex.org/W2039999720","https://openalex.org/W2044852276","https://openalex.org/W2066428817","https://openalex.org/W2083785453","https://openalex.org/W2084871158","https://openalex.org/W2105412867","https://openalex.org/W2121194882","https://openalex.org/W2123582298","https://openalex.org/W2143599789","https://openalex.org/W2148009765","https://openalex.org/W2188542699","https://openalex.org/W2296433359","https://openalex.org/W2299742799","https://openalex.org/W2304020471","https://openalex.org/W2308606615","https://openalex.org/W2404526437","https://openalex.org/W2514626402","https://openalex.org/W2536021772","https://openalex.org/W2547170582","https://openalex.org/W2552558407","https://openalex.org/W2743584055","https://openalex.org/W2743935079","https://openalex.org/W2764029594","https://openalex.org/W2770225980","https://openalex.org/W2781246331","https://openalex.org/W2792117458","https://openalex.org/W2794889514","https://openalex.org/W2796115009","https://openalex.org/W2803945703","https://openalex.org/W2883505267","https://openalex.org/W2884623841","https://openalex.org/W2892213983","https://openalex.org/W2901584140","https://openalex.org/W2905513714","https://openalex.org/W2907494269","https://openalex.org/W2932518005","https://openalex.org/W2937251647","https://openalex.org/W2943785747","https://openalex.org/W2945710818","https://openalex.org/W2994067338","https://openalex.org/W2994802389","https://openalex.org/W4252921520"],"related_works":["https://openalex.org/W2316685381","https://openalex.org/W3003485427","https://openalex.org/W2056388267","https://openalex.org/W2249350383","https://openalex.org/W4210309948","https://openalex.org/W2755037920","https://openalex.org/W2374393728","https://openalex.org/W4388923452","https://openalex.org/W2072937473","https://openalex.org/W3211901564"],"abstract_inverted_index":{"In":[0,123,151],"hybrid":[1,19,34,95,148,251,270],"mobile":[2,70,149,159,276],"applications":[3],"(apps),":[4],"the":[5,54,58,74,78,102,107,111,120,154,192,237,264],"core":[6],"code":[7,16,59,66],"of":[8,57,119,219,239,247],"an":[9,189],"app":[10,71,173,190],"is":[11,45,49,164,266],"in":[12,17,68,110,147,158,228,250],"JavaScript.":[13],"Any":[14],"JavaScript":[15,29,42,65],"a":[18,33,69,87,93,128],"app,":[20],"local":[21],"or":[22,92,99],"remote,":[23],"can":[24,72,226,233,242],"access":[25,38,73],"available":[26],"APIs,":[27],"including":[28],"bridges":[30],"provided":[31],"by":[32,196,254],"development":[35,193,271],"framework,":[36],"to":[37,52,60,86,133,153,175,201,206,235],"device":[39,75,103],"resources.":[40],"This":[41,168],"inclusion":[43],"capability":[44],"dangerous":[46],"since":[47],"there":[48],"no":[50],"mechanism":[51],"determine":[53],"origin":[55],"(party)":[56],"control":[61],"access.":[62],"Moreover,":[63],"any":[64],"running":[67],"resources":[76,104],"through":[77],"exposed":[79],"APIs.":[80],"Previous":[81],"solutions":[82,116],"are":[83],"either":[84],"limited":[85],"particular":[88],"platform":[89],"(e.g.,":[90,97],"Android)":[91],"specific":[94],"framework":[96,132,265],"Cordova)":[98],"only":[100],"protect":[101,207,236],"and":[105,138,166,241],"disregard":[106],"sensitive":[108],"elements":[109],"web":[112],"environment.":[113],"Furthermore,":[114],"most":[115],"require":[117],"modification":[118],"base":[121],"platform.":[122],"this":[124],"article,":[125],"we":[126,215],"propose":[127],"novel":[129],"policy":[130,231],"enforcement":[131],"enforce":[134],"useful":[135],"fine-grained":[136],"security":[137],"privacy":[139,238],"policies":[140,223],"based":[141],"on":[142],"permission":[143,156,162,170,186,213],"for":[144,177],"each":[145],"party":[146],"apps.":[150],"contrast":[152],"conventional":[155],"model":[157],"apps,":[160,252],"our":[161,185,255],"specification":[163,171,187],"platform-agnostic":[165],"context-aware.":[167],"new":[169],"allows":[172,199],"developers":[174,225],"customize":[176],"different":[178],"parties":[179],"over":[180,273],"single":[181],"permission.":[182],"We":[183],"integrate":[184],"into":[188],"at":[191,204],"phase;":[194],"however,":[195],"design,":[197],"it":[198],"end-users":[200],"adjust":[202],"parameters":[203],"runtime":[205],"their":[208],"privacy.":[209],"Together":[210],"with":[211,268,278],"multi-party":[212],"patterns,":[214],"introduce":[216],"comprehensive":[217],"classes":[218],"expensive":[220],"fine-grained,":[221],"stateful":[222],"that":[224,263],"deploy":[227],"practice.":[229],"These":[230],"patterns":[232],"help":[234],"users":[240],"also":[243,261],"mitigate":[244],"significant":[245],"types":[246],"potential":[248],"attacks":[249],"evidenced":[253],"real-world":[256],"evaluation.":[257],"Our":[258],"experimental":[259],"results":[260],"demonstrate":[262],"compatible":[267],"various":[269],"frameworks":[272],"two":[274],"major":[275],"platforms,":[277],"lightweight":[279],"overhead.":[280]},"counts_by_year":[{"year":2025,"cited_by_count":1},{"year":2022,"cited_by_count":1},{"year":2021,"cited_by_count":1}],"updated_date":"2026-05-04T08:30:34.212998","created_date":"2025-10-10T00:00:00"}