Lortz, SteffenSteffenLortzMantel, HeikoHeikoMantelStarostin, ArtemArtemStarostinBähr, TimoTimoBährSchneider, DavidDavidSchneiderWeber, AlexandraAlexandraWeber2022-11-012022-11-012014-11-074th ACM Workshop on Security and Privacy in Smartphones and Mobile Devices (SPSM 2014)http://hdl.handle.net/11420/13863Modern mobile devices store and process an abundance of data. Although many users consider some of this data as private, they do not yet obtain satisfactory support for con- Trolling what applications might do with their data. In this article, we propose Cassandra, a tool that enables users of mobile devices to check whether Android apps comply with their personal privacy requirements before in- stalling these apps. Beyond this, Cassandra implements the core functionality of a conventional app store, including the browsing of available apps and the delivery of apps for instalation. Cassandra performs the security analysis of apps on a server. However, a user does not need to trust this server be- cause Cassandra employs the proof-carrying code paradigm such that the server's analysis result can be validated on the client. We have proven that Cassandra's security analysis soundly detects all potential information leaks, i.e., allows of information that violate a user's privacy policy.enMobilityProof-carrying codeSoftware securityInformatikConference Paper10.1145/2666620.2666631Other