Back in August, we announced the Corellium Open Security Initiative to support independent public research into the security and privacy of mobile apps and devices.
To encourage this important research, we accepted proposals for research projects designed to validate any security and privacy claims for any mobile software vendor, whether in the operating system or third-party applications, with the winning proposal receiving a $5,000 grant and a year of free access to the Corellium platform.
Today, we're very excited to announce that the winner of the 2021 COSI Award is James Sebree, a Principal Research Engineer at Tenable.
James's project will be aimed at validating Apple’s claims of secure transmission of data between apps and strong data protection mechanisms. In particular, the project will take a deep dive into how entitlements are verified, to evaluate the secure transfer of information between applications on iOS and investigate where access to user information is restricted without explicit permission from the user.
This research will help strengthen the overall security of the platform by identifying both the flaws and strengths of these mitigations, and confidently verifying places they work correctly. This research will also help lower the barrier to entry for others to examine these points of interaction by providing a detailed overview of how information is transferred between third-party apps and native iOS apps and daemons.
Congratulations James! We're excited to see what your research uncovers!