Securing the Over-the-Air Software Update Process for Mobile Applications

Protecting the Integrity of the Over-the-Air Software Update Process: Recommended Security Controls

Question

A software company is releasing a new mobile application to a broad set of external customers.

Because the software company is rapidly releasing new features, it has built in an over-the-air software update process that can automatically update the application at launch time.

Which of the following security controls should be recommended by the company's security architect to protect the integrity of the update process? (Choose two.)

Answers

Explanations


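A. Validate cryptographic signatures applied to software updates
B. Perform certificate pinning of the associated code signing key
C. Require HTTPS connections for downloads of software updates
D. Ensure there are multiple download mirrors for availability
E. Enforce a click-through process with user opt-in for new features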

AB.

The software company's security architect should recommend the following security controls to protect the integrity of the update process:

A. Validate cryptographic signatures applied to software updates: This security control ensures that the software update is from a trusted source and has not been tampered with in transit. The developer applies a cryptographic signature to each software update so that its authenticity can be verified. The application should be designed to validate these cryptographic signatures before installing the software update.

B. Perform certificate pinning of the associated code signing key: Certificate pinning is a process that involves associating a specific certificate or public key with a particular domain or service. By performing certificate pinning of the associated code signing key, the mobile application can ensure that it only receives software updates from the trusted server and that the update process is not vulnerable to man-in-the-middle attacks.

C. Require HTTPS connections for downloads of software updates: HTTPS ensures that communication between the mobile application and the server is encrypted and that the server is authenticated. By requiring HTTPS connections for downloads of software updates, the mobile application can ensure that the update process is not vulnerable to interception and tampering.

D. Ensure there are multiple download mirrors for availability: This control can ensure that users can download the software update from different locations, even if one location is unavailable. However, it does not necessarily protect the integrity of the software update itself.

E. Enforce a click-through process with user opt-in for new features: This control ensures that users are aware of and agree to the new features before they are installed. However, it does not necessarily protect the integrity of the software update itself.

In conclusion, the security architect should recommend validating cryptographic signatures applied to software updates and performing certificate pinning of the associated code signing key to protect the integrity of the update process. Additionally, requiring HTTPS connections for downloads of software updates can further enhance the security of the update process.
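The two recommended controls (A and B) work together, as this added example shows; it is not code from the original page. It assumes Ed25519 signatures and a hypothetical `Update` structure, and the names `VerifyUpdate`, `ErrUnpinnedKey` and `ErrBadSignature` are illustrative. The app carries a SHA-256 pin of the vendor's signing key and rejects any update whose signer key differs from the pin or whose signature does not verify.

```go
package main

import (
	"crypto/ed25519"
	"crypto/sha256"
	"errors"
	"fmt"
)

// Update is a hypothetical package format: payload, signer key, signature.
type Update struct {
	Payload   []byte
	SignerKey ed25519.PublicKey // key delivered with the update (untrusted)
	Signature []byte
}

var (
	ErrUnpinnedKey  = errors.New("signer key does not match the pinned key")
	ErrBadSignature = errors.New("signature does not verify over the payload")
)

// VerifyUpdate returns nil only when the update is signed by the pinned key.
// pin is the SHA-256 of the vendor's public key, compiled into the app.
func VerifyUpdate(u Update, pin [32]byte) error {
	// Pin check first; the length guard also keeps ed25519.Verify from panicking.
	if len(u.SignerKey) != ed25519.PublicKeySize || sha256.Sum256(u.SignerKey) != pin {
		return ErrUnpinnedKey
	}
	if !ed25519.Verify(u.SignerKey, u.Payload, u.Signature) {
		return ErrBadSignature
	}
	return nil
}

func main() {
	// Constructed sample keys and payloads, generated at run time.
	vendorPub, vendorPriv, _ := ed25519.GenerateKey(nil)
	roguePub, roguePriv, _ := ed25519.GenerateKey(nil)
	pin := sha256.Sum256(vendorPub)

	payload := []byte("app update 2.0 (constructed sample)")
	good := Update{payload, vendorPub, ed25519.Sign(vendorPriv, payload)}
	tampered := Update{[]byte("modified in transit"), vendorPub, good.Signature}
	// Validly signed, but by a key the app was never told to trust.
	rogue := Update{payload, roguePub, ed25519.Sign(roguePriv, payload)}
	fmt.Println("vendor-signed:", VerifyUpdate(good, pin))
	fmt.Println("tampered:     ", VerifyUpdate(tampered, pin))
	fmt.Println("rogue signer: ", VerifyUpdate(rogue, pin))
}
```

The rogue case is the one signature validation alone would accept, since the signature is valid for the key that came with the update; only the pin rejects it.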