• Home
  • |
  • blog

  • |
  • Security issues to be consider...

Security issues to be considered in the native app era | Business+IT

Written By mobilephonebrand

Solve business issues by fusion of IT and management

What is business + IT?

Login

E -mail magazine registration

business expansion

Started automatic driving dispatch tests in Toyota and Aurora, USA, Texas

2022/03/24

It is necessary to increase the easing position to achieve the price target and the powerful growth orbital = Bank of Bank of Bank of Japan

2022/03/24

Yen market price, 121 yen 20-21 yen = as of noon on the 24th

2022/03/24

Sales Strategy

Farewell!"Uzai" Mobile ads, what is the timing of "piercing" for consumers that can be understood in cases

2022/03/10

What is the method of achieving 130 % increase in satisfaction with "improving customer experience" and "double efficiency" challenged by TEPCO.

2022/03/09

How to proceed with "Sales DX" directly connected to the results, which the author "Sales is"

2022/03/04

Cost reduction

What is the dangerous "SAP 2027 problem", how to "halve" the transition period and cost?

Special

2022/03/16

Is there a way to digitize the paper documents that remains, and to shake the telework ...?

2022/03/16

A problem with "taxi receipt" problem, how to solve the hassle of all stakeholders

2022/02/09

Organizational reform

"Law revision is an urgent need for an urgent task" How do you see Japan, which is not discussed?

2022/03/23

Act Group centrally manages about 20 account information and reduces business hours to "1/3"

2022/03/18

Business improvement professionals talk about the "corporate culture" that blocks DX, and the introduction of tools without thinking only creates bad habits?

2022/03/18

Production and manufacturing

Sinking "paper media", remaining "inefficient" ... how to proceed with the necessary "publishing DX"

Special

2022/03/23

What is amazing about Walmart ZARA and UNIQLO?The reason for the "logistics" of the retail industry is super important

2022/02/21

Why did Daikin Industries become the world's top share?Back side of inverter air conditioner development

2022/02/15

crisis management

How dangerous is Japan if the crude oil "1 barrel = over $ 100" continues?

2022/03/18

How did you take measures at that time, the change in cyber attacks?"Information leaks in the WinMX era" "Wannacry"

2022/03/17

What is the influence of Russian sanctions "Swift exclusion"?Why is it called the "nuclear weapon" of finance?

2022/03/09

compliance

The reason for the "sustainable product" hit to ask experts, what is the change in the consumer mind behind

2021/12/24

"Serious SDGs" promoted by L'Oreal, already achieved carbon neutral with almost all facilities

2021/09/28

Why was Apple's "Child Porn Detection Technology" program postponed and was criticized from the United States?

2021/09/077

Energy saving and environmental support

What is the US victory for the expulsion of Russian crude oil?Shale mining is not possible immediately

2022/03/11

[Exclusive publication] Three points seen in the sustainability survey of 110 companies

2022/01/27

The relationship between the triple bottom line of people, environment, and profits, which also work on Ajinomoto

2021/11/19

By industry / scale

Russia support?The threat of the malware "HERMETICWIPER" that attacked Ukraine

2022/03/24

Easy -to -understand explanation of the "5th Industrial Revolution", what is the latest trends in Germany, the United States, China and Japan?

2022/03/24

[19 graph] What are the EV shifts, autonomous driving, and Japanese issues seen in 1000 automobile executives?

2022/03/22

  • ITジャンル

    IT strategy

    Audrey Tan also talks about digital "zero limit cost"

    2022/03/23

    The reason why Audrey Tan says, "Digital and IT are completely different things" for Japanese people

    2022/03/09

    Why is "medical digitalization" delayed?What are the Japanese issues and solutions indicated by 12,000 people survey?

    2022/03/07

    Core system

    How can more than half of the person in charge do stress and data analysis "before"?

    Special

    2022/03/09

    Why should we respond now to the "Revised Electronic Book Storage Law", which has been deferred for two years?

    2022/02/08

    What are the tips for "data linkage that rejoices on the site"?How to promote "automation" without programming

    2022/01/24

    Information system

    Kao's secret of "data utilization strategy", OMO infrastructure that deepens customer understanding beyond "mere analysis"

    Special

    2022/03/23

    The reason why the time of the person's inquiry of Persol Tempstaff was "dramatically improved"

    2022/03/22

    How do you get "awareness" from your "qualitative data", such as twitter tweets?

    2022/03/18

    Operation management

    Just one thing to prepare before upgrading to Windows 11

    2022/03/17

    Ransomware is still 1st, increasing supply chain attacks, latest trends in cyber threats

    2022/03/11

    Does "server power consumption" pull AI and machine learning feet?What is the suffering unique to high performance?

    2022/03/08

    Security

    脱・10年前のSecurity、専門家が解説「自社を守るための5つの強化ステップ」

    Special

    2022/03/24

    Security強化につながる「リモート環境・構築術」、2つの成功事例を解説

    2022/03/23

    "PPAP" The fundamental task of PPAP that the name of the name tells.What are the three major bad habits that stagnate Japanese companies?

    2022/03/22

    network

    What is the first place to be worried about in the World Market Survey of IoT investment (Part 2)?Is the investment standard "cost" after all?

    2022/01/26

    World Market Survey of IoT Investment (Part 1), what are the top 10?Commentary along with successful cases

    2022/01/25

    The 6 major trends in the IoT market in 2022, 42 % are willing to invest aggressively investment.

    2021/12/23

    mobile

    テレワークで負荷増のデバイスSecurity、もっと柔軟で効率的な方法はないのか

    Special

    2021/04/02

    テレワーク最大の懸念…“Security確保”がそう簡単ではない理由

    2020/08/28

    IEEE802.What is 11ax (Wi-Fi 6)?Details of the latest wireless LAN standards to understand with 5 benefits

    2020/06/03

    hardware

    Eight companies such as Pana and Honda have launched the association, the spread of delivery robots and future issues

    2022/03/03

    The possibility of the data sharing that the first person in the storage talks about the Super City that sprout in Tohoku?

    2022/02/09

    "Intelligent robot" and "data driven" change the warehouse and factory

    2022/02/03

    development

    "I can't get results" even though I introduced RPA?Common points of failed companies

    Special

    2022/03/04

    Introducing what CI/CD is, with easy -to -understand illustrations, specific tools and approaches.

    2022/03/0101

    ローコード/ノーコードdevelopment市場が24.Significantly increased by 3 %, to 100 billion yen in 2023

    2022/02/18

  • イベント・セミナー
  • Special
  • ムービー
  • FinTech Journal
  • E -mail magazine registration

  • What is business + IT?

    ネイティブアプリ時代に考えるべきSecurity問題 |ビジネス+IT

  • Sales Strategy
  • Cost reduction
  • Organizational reform
  • Production and manufacturing
  • crisis management
  • compliance
  • Energy saving and environmental support
  • By industry / scale
  • Core system
  • Information system
  • Operation management
  • Security
  • network
  • mobile
  • hardware
  • development
  • Related genre

    ネイティブアプリ時代に考えるべきSecurity問題

    Browser vs. in the world of smartphone apps. ネイティブアプリの論争が決着しつつあるのをご存じだろうか。中でもゲームプラットフォームのトレンドシフトは急速に進んでおり、以前のブラウザ型カードアプリは、ガンホーの「パズドラ」に代表されるようなネイティブアプリにとって代わられようとしている。位置ゲームを手がけるコロプラの馬場功淳社長をして「ネイティブアプリ市場の成長は想定を超えている」と言わしめるほど。このトレンドはベンダーやユーザーのSecurity対策にどのような影響を与えるのだろうか。予想される課題とともに考えてみたい。

    Free Lance Writer Shinji Nakao

    Free Lance Writer Shinji Nakao

    Freelance writer, editor.She edits ASCII's books to O'Reilly Japan, and works on translation, writing, and interviews, regardless of paper and web.There are many IT, but sometimes I write on car -related media.I have been using the Internet (although I didn't say it) since UUCP.

    連載記事

    ▲ Close ▼ All display

    およそ1年ほど前、本連載でネイティブアプリとHTML5のどちらが安全かという議論が話題になっていると紹介した。その後、ゲーム業界で一時の隆盛を誇ったブラウザ型カードゲームの市場が縮小し、今は音楽やグラフィックス、そしてゲーム性の高いネイティブアプリへのシフトが進んでいる。7月29日付けのCNETの記事では、グリーにブラウザゲームを提供していたアプリベンダーが苦戦している様子、そしてそのベンダーが新に出資したネイティブアプリのベンチャーが成功しているという現象を報じている。また、比較的developmentコストが安く、参入しやすかったブラウザアプリ市場で濫立したアプリベンダーが、市場のネイティブアプリシフトによって淘汰・再編が進むのでは、と予想する専門家も少なくない。スマホゲームアプリの市場がネイティブアプリにシフトすることは、Security対策の視点からみてどうなのだろうか。影響や、新たな取り組みなど必要になってくるのだろうか。この機会に考えてみよう。一般論として、ブラウザ経由で利用するアプリと、クライアント端末上で動作するネイティブアプリはどちらがセキュアかというのは判定しにくい。ブラウザ型アプリのほうが、端末側でアプリケーションが実行されないため、セキュアであるという考え方もあるが、現実には、ブラウザそのものの脆弱性、JavaやJavaScriptの脆弱性、プラグインによる問題などがあり、簡単には比較できないからだ。HTML5になれば、プラグインの問題は軽減されそうだが、タグ機能が複雑になり、クロスサイトスクリプティング(XSS)といった攻撃には注意が必要となる。一方で、端末側で複雑なアプリケーションが動作するネイティブアプリは、PC環境と同様に、アプリ本体の脆弱性の問題が避けられない。場合によっては、アプリが動作するOSやミドルウェアやライブラリの脆弱性にも注意を払う必要がある。以上のように、両者の脆弱性の度合いの比較は難しい。したがって、Security対策という視点では、ゲームアプリがブラウザ型からネイティブアプリのどちらが安全でどちらが危険かという問題でとらえるのではなく、攻撃への対策のポイントや考え方が変わってくる問題と見たほうがいいだろう。では、ネイティブアプリの安全性はどのように確認するべきだろうか。【次ページ】「信頼モデル」によって成り立っている

    To List

    To List

    PR

    SB Creative Co., Ltd.

    ビジネス+ITはソフトバンクグループのSB Creative Co., Ltd.によって運営されています。

    ビジネス+IT 会員登録で、会員限定コンテンツやメルマガを購読可能、Specialセミナーにもご招待!