Chapter

Trust, Privacy and Security in Digital Business

Volume 6863 of the series Lecture Notes in Computer Science pp 210-221

Risk Assessment for Mobile Devices

  • Thomas LedermAffiliated withLancaster UniversityCarnegie Mellon UniversityCentre for Security, Communications and Network Research, University of PlymouthUpper Austria University of Applied Sciences
  • , Nathan L. ClarkeAffiliated withLancaster UniversityCarnegie Mellon UniversityCentre for Security, Communications and Network Research, University of PlymouthSchool of Computer and Information Science, Edith Cowan University

* Final gross prices may vary according to local VAT.

Get Access

Abstract

With the market penetration of mobile phones and the trend towards the adoption of more sophisticated services, the risks posed by such devices, for the individual and the enterprise, has increased considerably. Risk assessment (RA) is an established approach with organisations for understanding and mitigating information security threats. However, it is also a time consuming process requiring an experienced analyst. Within mobile devices, the interested stakeholders range from administrators to the general public and an approach is therefore required that can establish RA in a fast, user convenient and effective manner. The proposed method utilises a number of approaches to minimise the effort required from the end-user, taking the different security requirements of various services into account and ensuring a level of flexibility that will enable all categories of user (from novice to expert) to engage with the process.

Keywords

Information security risk assessment mobile phone smart phone end-user risk assessment computing IT