Mobile Networks and Applications

, Volume 22, Issue 4, pp 743–759 | Cite as

Offline Mode for Corporate Mobile Client Security Architecture

  • Tatiana Galibus
  • Thiago P. de B. Vieira
  • Edison P. de Freitas
  • Robson de O. Albuquerque
  • Jo ao Paulo C. L da Costa
  • Rafael T. de Sousa Júnior
  • Viktor Krasnoproshin
  • Anton Zaleski
  • H. E. R. M. Vissia
  • Giovanni del Galdo
Article

Abstract

Preventing data leakage on the mobile client is a crucial security problem. Therefore, additional control and protection should be taken for the confidential data on the mobile clients that leave the boundaries of the organization. This paper presents a novel approach to the security of the corporate mobile clients, in particular when they operate in the offline mode. The presented approach includes the essential conceptualization and the definition of the core methodology to solve the problem of offline mobile security, i.e. the protection of the confidential data in use when the mobile client is not connected to the corporate cloud. The protection of the sensitive data is provided by the combination of cryptographic means and analytics methods to detect malicious user behavior. The proposed security architecture supports the basic mobile client protection principles: minimized traffic load and reduced communication with the cloud; usage of light-weighted operations and an optimized combination of the security methods.

Keywords

Offline mobile cloud security Offline attribute-based encryption Model order selection User behavior analysis Secret sharing 

Notes

Acknowledgments

The authors thank the Brazilian research and innovation Agencies CAPES - Coordination for the Improvement of Higher Education Personnel (Grant 23038.007604/2014-69 FORTE - Tempestive Forensics Project), FINEP - Funding Authority for Studies and Projects (Grant 01.12.0555.00 RENASIC/PROTO - Secure Protocols Laboratory of the National Information Security and Cryptography Network), FAPDF - Research Support Foundation of the Federal District (Grants 0193.001366/2016 UIoT - Universal Internet of Things and 0193.001365/2016 - Secure Software Defined Data Center - SSDDC), and CNPq - National Council for Scientific and Technological Development (Productivity Grant 303905/2014-0 and PVE Grant 88881.030392/2013-01), as well as the European CSF - Aerospace Technology Program (PDE scholarship within project 207644/2015-2), for their support to this research.

References

  1. 1.
    Cloud security alliance (2016) Top Threats Working Group https://cloudsecurityalliance.org/group/top-threats, accessed: 2016-01-15
  2. 2.
    B. D. S. BV (2016) Storgrid EFSS: Secure Enterprise File Sharing Software http://www.storgrid.com, accessed: 2016-01-15
  3. 3.
    Bellovin S M, Merritt M (1992) Encrypted key exchange: Password-based protocols secure against dictionary attacks Proceedings., 1992 IEEE Computer Society Symposium on Research in Security and Privacy. IEEE, pp 72–84Google Scholar
  4. 4.
    Bogos S, Boureanu I, Vaudenay S (2013) Primeless factoring-based cryptography Applied Cryptography and Network Security. Springer, pp 552–569Google Scholar
  5. 5.
    Campbell M (2015). Cloud data encryption is easy. Cloud Cyphercloud blog http://www.ciphercloud.com/blog/cloud-data-encryption-easy/, accessed: 2016-01-15
  6. 6.
    Chang H, Hari A, Mukherjee S, Lakshman T (2015) Design and architecture of a software defined proximity cloud. Advances in Mobile Cloud Computing Systems, p 123Google Scholar
  7. 7.
    Da Costa J, Thakre A, Roemer F, Haardt M (2009) Comparison of model order selection techniques for high-resolution parameter estimation algorithms Proceedings 54th International Scientific Colloquium (IWK’09), Ilmenau, GermanyGoogle Scholar
  8. 8.
    Galibus T (2014) Access control for the cloud storage Proceeding of the 3rd Belarus-Korea Forum Science “Innovation, Production”, MinskGoogle Scholar
  9. 9.
    Galibus T, Matveev G (2007) Generalized mignotte sequences in polynomial rings. ENTCS 186:39–45MATHGoogle Scholar
  10. 10.
    Galibus T, Vissia H (2015) Cloud storage security Network Security and Communication Engineering: Proceedings of the 2014 International Conference on Network Security and Communication Engineering (NSCE 2014). CRC Press, Hong Kong, p 123CrossRefGoogle Scholar
  11. 11.
    Galibus T, Matveev G, Shenets N (2008) Some structural and security properties of the modular secret sharing SYNASC’08. 10th International Symposium on Symbolic and Numeric Algorithms for Scientific Computing. IEEE, pp 197–200Google Scholar
  12. 12.
    Galibus T, Gafurov S, Kaganovich D, Vissia H (2015) Mobile security based on the secret sharing. J Brest State Tech Univ 5:33–36. in RussianGoogle Scholar
  13. 13.
    Gartner (2015) Key challenges in cloud computing. Cloud Computing http://www.gartner.com/technology/topics/cloud-computing.jsp, accessed: 2016-01-15
  14. 14.
    Goyal V, Pandey O, Sahai A, Waters B (2006) Attribute-based encryption for fine-grained access control of encrypted data Proceedings of the 13th ACM Conference on Computer and Communications Security. ACM, pp 89–98Google Scholar
  15. 15.
    Heydari M, Sadough S M S, Farash M S, Chaudhry S A, Mahmood K (2016) An efficient password-based authenticated key exchange protocol with provable security for mobile client–client networks. Wirel Pers Commun 88(2):337–356CrossRefGoogle Scholar
  16. 16.
    Higashi M (2015) Cloud data security and eu data privacy rules compliance with encryption and tokenization. Cloud Security, Compliance http://www.ciphercloud.com/blog/cloud-data-security-and-eu-data-privacy-rules-compliance-with-encryption-and-tokenization/, accessed: 2016-01-15
  17. 17.
    Huang C T, Chang R K, Huang P (2009) Signal processing applications in network intrusion detection systems. EURASIP J Adv signal Process 2009(1):1–2MathSciNetCrossRefMATHGoogle Scholar
  18. 18.
    Itani W, Kayssi A, Chehab A (2010) Energyefficient incremental integrity for securing storage in mobile cloud computing 2010 International Conference on Energy Aware Computing (ICEAC). IEEE, pp 1–2Google Scholar
  19. 19.
    James N, Elaine B, Lawrence B, William B, Morris D, James F, Roback E (2000) Report on the development of the advanced encryption standard (aes). NYST http://csrc.nist.gov/archive/aes/round2/r2report.pdf, accessed: 2016-01-15
  20. 20.
    Kaspersky (2014) Mobile cyber threats. Kaspersky Lab & INTERPOL Joint Report http://media.kaspersky.com/pdf/Kaspersky-Lab-KSN-Report-mobile-cyberthreats-web.pdf, accessed: 2016-01-15
  21. 21.
    Khan A N, Kiah M M, Khan S U, Madani S A (2013) Towards secure mobile cloud computing: A survey. Fut Gener Comput Syst 29(5):1278–1299CrossRefGoogle Scholar
  22. 22.
    Khan AN, Kiah MM, Ali M, Madani SA, Shamshirband S et al (2014) Bss: block-based sharing scheme for secure data storage services in mobile cloud environment. J Supercomput 70(2):946–976CrossRefGoogle Scholar
  23. 23.
    Khan A N, Kiah M M, Ali M, Shamshirband S et al (2015) A cloud-manager-based re-encryption scheme for mobile users in cloud environment: a hybrid approach. J Grid Comput 13(4):651–675CrossRefGoogle Scholar
  24. 24.
    Khan AR, Othman M, Madani SA, Khan SU (2014) A survey of mobile cloud computing application models. Commun Surv Tutorials, IEEE 16(1):393–413CrossRefGoogle Scholar
  25. 25.
    Kulkarni P, Khanai R (2015) Addressing mobile cloud computing security issues: a survey International Conference on Communications and Signal Processing (ICCSP). IEEE, pp 1463–1467Google Scholar
  26. 26.
    Lawson C, MacDonald N, Lowans B (2015) Market guide for cloud access security brokers. Gartner research http://www.gartner.com/technology/reprints.do?id=1-2RUEH70&ct=151110&st=sb, accessed: 2016-01-15
  27. 27.
    Lu W, Ghorbani A A (2009) Network anomaly detection based on wavelet analysis. EURASIP J Adv Signal Process 2009:4CrossRefMATHGoogle Scholar
  28. 28.
    Mayrhofer R (2015) An architecture for secure mobile devices. Secur Commun Netw 8(10):1958–1970CrossRefGoogle Scholar
  29. 29.
    McAfee (2015) Mcafee labs threats report. http://www.mcafee.com/us/resources/reports/rp-quarterly-threats-aug-2015.pdf, accessed: 2016-01-15
  30. 30.
    Ren W, Yu L, Gao R, Xiong F (2011) Lightweight and compromise resilient storage outsourcing with distributed secure accessibility in mobile cloud computing. Tsinghua Sci Technol 16(5):520–528CrossRefGoogle Scholar
  31. 31.
    Shila D M, Shen W, Cheng Y, Tian X (2016) Amcloud: Toward a secure autonomic mobile ad hoc cloud computing system. to appearGoogle Scholar
  32. 32.
    Skyhigh (2015) What is cloud access security broker. Skyhigh Cloud University https://www.skyhighnetworks.com/cloud-university/what-is-cloud-access-security-broker/, accessed: 2016-01-15
  33. 33.
    Tenório D F, Da Costa J P C, De Sousa Júnior R T (2013) Greatest eigenvalue time vector approach for blind detection of Malicious traffic. ICoFCS 2013 p 46Google Scholar
  34. 34.
    Van Lelyveld A (2013) Sap mobile platform secure mobile with mocana. SMP Enterprise Grade Mobility http://www.sdn.sap.com/irj/scn/go/portal/prtroot/docs/library/uuid/8063ed15-0713-3110-c584-e75ac0395b20?QuickLink=index&overridelayout=true&58725087881424, accessed: 2016-01-15
  35. 35.
    Xia Y, Liu Y, Tan C, Ma M, Guan H, Zang B, Chen H (2015) Tinman: eliminating confidential mobile data exposure with security oriented offloading Proceedings of the Tenth European Conference on Computer Systems. ACM, p 27Google Scholar
  36. 36.
    Yang J, Wang H, Wang J, Tan C, Yu D (2011) Provable data possession of resource-constrained mobile devices in cloud computing. J Netw 6(7):1033–1040Google Scholar
  37. 37.
    Yovel Y (2014) Essential ways to protect my mobile apps. Security Intelligence e-magazine https://securityintelligence.com/how-to-protect-mobile-apps-essentials/, accessed: 2016-01-15
  38. 38.
    Zhao G, Rong C, Li J, Zhang F, Tang Y (2010) Trusted data sharing over untrusted cloud storage providers IEEE Second International Conference on Cloud Computing Technology and Science (CloudCom). IEEE, pp 97–103Google Scholar

Copyright information

© Springer Science+Business Media New York 2017

Authors and Affiliations

  • Tatiana Galibus
    • 1
    • 2
  • Thiago P. de B. Vieira
    • 2
  • Edison P. de Freitas
    • 3
  • Robson de O. Albuquerque
    • 2
  • Jo ao Paulo C. L da Costa
    • 2
    • 4
    • 5
  • Rafael T. de Sousa Júnior
    • 2
  • Viktor Krasnoproshin
    • 1
  • Anton Zaleski
    • 6
  • H. E. R. M. Vissia
    • 6
  • Giovanni del Galdo
    • 4
    • 5
  1. 1.Belarusian State UniversityNezavisimostiBelarus
  2. 2.University of BrasiliaBrasíliaBrazil
  3. 3.Federal University of Rio Grande do SulPorto AlegreBrazil
  4. 4.Institute for Information TechnologyIlmenau University of TechnologyIlmenauGermany
  5. 5.Fraunhofer Institute for Integrated Circuits IISErlangenGermany
  6. 6.Byelex Multimedia Products BV Argon 1XC Oud GastelThe Netherlands

Personalised recommendations