Vulnerability evaluation for securely offloading mobile apps in the cloud

Abstract

The increasing complexity and explosive growth of smartphone applications, together with the more prevalent use of cloud computing, have inspired strong motivation for offloading computation of mobile apps to the cloud. However, there exist vulnerabilities in apps if they are offloaded in public cloud environment. In this paper, we argue that keeping sensitive information to a local device with other information offloaded would significantly reduce threats from the cloud while enjoy the benefits of cloud computing. Our mechanism divides an app into multiple parts and offloads the less vulnerable parts. To decide which parts should be kept locally to a mobile device, we develop an approach that can decide the impact of a component part (down to an individual object) on the overall vulnerability of an app. We demonstrate how our approach can be implemented with real mobile cloud applications.