The meta-market is a front-end for the secure distribution of mobile applications via market-based systems. Briefly, the meta-market analyses mobile applications and guarantees that they will not violate security restrictions. The whole process is transparent for users, developers and application distribution services, i.e., app markets.

Meta-market architecture

The Meta-Market application distribution workflow.

The meta-market implements and relies on several technologies for ensuring that security policies are never violated. Among them we have:

Contract-based security: security contracts are extracted from the application packages and used for formal security analysis.

Model checking: Formal security assessment is implemented via state-of-the-art model checking technology.

Security monitoring: Unsafe applications are sanitized against possible violations.

Since it has no visible impact on the application deployment process, the meta-market is particularly suitable for bring your own device (BYOD) applications.

Screenshots of the architecture and the GUI of a prototype for the meta-market in Android can be found in Byodroid.