search

nikolamilosevic86 / owasp-seraphimdroid

OWASP Seraphimdroid is an open source project with aim to create, as a community, an open platform for education and protection of Android users against privacy and security threats.
https://www.owasp.org/index.php/OWASP_SeraphimDroid_Project
GNU General Public License v3.0
65 stars 31 forks source link

Compile an in app mobile application security knowledge source #19

Closed nikolamilosevic86 closed 8 years ago

nikolamilosevic86 commented 9 years ago

This is both documentation and development task. It is necessary to have a knowledge source as an frame in the application so users can read about various risks and threats in mobile world. Also it would be good to be uneatable database that updates data from an API hosted on for example OpenShift. OpenShift app has to have log in interface and interface where new items can be added, with risk levels.

Permission scanner has to be updated as well with the knowledge of malicious use of permissions.

furquan1993 commented 8 years ago

Could you please provide more details about the OpenShift app. What will be the purpose and how it is suppose to be hosted.

nikolamilosevic86 commented 8 years ago

OpenShift is a platform as a service provider, who can provide free hosting for java, python or ruby based application with mySQL server (https://www.openshift.com/). Basic idea is to build an REST application or API that can be read by Seraphimdroid app. This API will provide content for malicious and normal use of permission as we have them now, but as well some other knowledge source (use of encryption, secure use of WiFi, etc.). Also it will provide some tree-like structure, that will generate GUI in Seraphimdroid, so maintainer of knowledge base can add, delete or modify information and it can be automatically reflected on the app, when it downloads content. Web app should have some login and administration interface where administrator and colaborators can add, edit and delete provided information.

Does this sound good to you? Is there still something that confuses you?

furquan1993 commented 8 years ago

This sound good. Lets decide on the REST architecture we will be using for creating a data source using OpenShift. I would like to learn using the platform as well as REST implementation while making the app better.

nikolamilosevic86 commented 8 years ago

Of course, go for REST, it is good approach.

addiittya2006 commented 8 years ago

Is there any significant work done or going on already on this? Implementing an API with REST and Displaying the Knowledge Data in the separate fragment would be great. [Assign me to this and add me to Seraphimdroid]

nikolamilosevic86 commented 8 years ago

No, not really. You are assigned and I have added you as collaborator to the project.

addiittya2006 commented 8 years ago

Implemented. Please Report Bugs & Reopen Issue.