文件名称:手机的移动软件安全知识和防范
文件大小:24KB
文件格式:DOCX
更新时间:2014-08-14 03:22:57
威胁减灾
authentication An adversary can download the client on a laptop/desktop and use its insecurities for malicious purposes An adversary can use the auto-complete feature to access a valid user’s account. • Transfer the bank’s and vendor’s public key for encryption purposes. There can be two keys generated for the vendor; one for storage and one for data transmission. • The client files/folders are installed on the phone and not in the memory card. • The files and folders should be restricted from being transferred to a memory card or pc/laptop. The access to these files should only be through the executable and not directly. • The installer should be removed after installation. • Application should not allow auto-complete feature.