In elastic mobile cloud computing (EMCC), mobile devices migrate some computing tasks to the cloud for execution according to current needs and seamlessly and transparently use cloud resources to enhance their functions. First, based on the summary of existing EMCC schemes, a generic EMCC framework is abstracted; it is pointed out that the migration of sensitive modules in the EMCC program can bring security risks such as privacy leakage and information flow hijacking to EMCC; then, a generic framework of elastic mobile cloud computing that incorporates risk management is designed, which regards security risks as a cost of EMCC and ensures that the use of EMCC is. Finally, it is pointed out that the difficulty of risk management lies in risk quantification and sensitive module labeling. In this regard, risk quantification algorithms are designed, an automatic annotation tool for sensitive modules of Android programs is implemented, and the accuracy of the automatic annotation is demonstrated through experiments.

mobile cloud computing; module allocation; risk control; security framework; security threats;