Guidance for Secure Authorization of Mobile Applications in the Corporate Environment

McKay, Kerry; Quill, Kim; Witte, Gregory

ITL Bulletin

Guidance for Secure Authorization of Mobile Applications in the Corporate Environment

Documentation Topics

Date Published: March 2015

Author(s)

Kerry McKay (NIST), Kim Quill (G2), Gregory Witte (G2)

Abstract

This bulletin provides an overview of NIST Special Publication (SP) 800-163, "Vetting the Security of Mobile Applications." The NIST SP helps organizations understand the process for vetting the security of mobile applications, plan for the implementation of an app vetting process, develop app security requirements, understand the types of app vulnerabilities and the testing methods used to detect those vulnerabilities, and determine if an app is acceptable for deployment on the organization's mobile devices.

Keywords

app vetting; apps; malware; mobile devices; security requirements; security vetting; smartphones; software assurance; software security; software testing; software vetting

Control Families

Planning; Risk Assessment; System and Communications Protection

Documentation

Publication:
March 2015 ITL Bulletin

Supplemental Material:
None available

Document History:
03/19/15: ITL Bulletin (Final)

Topics

Security and Privacy
planning; security automation; threats; vulnerability management

Technologies
mobile