The meta-market is a front-end for the secure distribution of mobile applications via market-based systems. Briefly, the meta-market analyses mobile applications and guarantees that they will not violate security restrictions. The whole process is transparent for users, developers and application distribution services, i.e., app markets.
The Meta-Market application distribution workflow.
The meta-market implements and relies on several technologies for ensuring that security policies are never violated. Among them we have:
Contract-based security: security contracts are extracted from the application packages and used for formal security analysis.
Model checking: Formal security assessment is implemented via state-of-the-art model checking technology.
Security monitoring: Unsafe applications are sanitized against possible violations.
Since it has no visible impact on the application deployment process, the meta-market is particularly suitable for bring your own device (BYOD) applications.
Screenshots of the architecture and the GUI of a prototype for the meta-market in Android can be found in Byodroid.