This article introduces a distributed model of trust for app developers in Android and iOS mobile ecosystems. The model aims to allow the co-existence of multiple app stores and distribution channels while retaining a high level of safety for mobile device users and minimum changes to current mobile operating systems. The Developers Certification Model (DCM) is a trust model for Android and iOS that aims to distinguish legit applications from security threats to user safeness by answering the question: "is the developer of this app trustable"? It proposes security by design, where safety relies on a chain of trust mapping real-world levels of trust across organizations. For the technical implementation, DCM is heavily inspired by SSL/TLS certification protocol, as a proven model that has been working for over 30 years.
@article{arxiv.2308.05278,
title = {DCM: A Developers Certification Model for Mobile Ecosystems},
author = {Paulo Trezentos and Ricardo Capote and Tiago Teodoro and João Carneiro},
journal= {arXiv preprint arXiv:2308.05278},
year = {2023}
}