Risk Assessment for Mobile Devices
With the market penetration of mobile phones and the trend towards the adoption of more sophisticated services, the risks posed by such devices, for the individual and the enterprise, has increased considerably. Risk assessment (RA) is an established approach with organisations for understanding and mitigating information security threats. However, it is also a time consuming process requiring an experienced analyst. Within mobile devices, the interested stakeholders range from administrators to the general public and an approach is therefore required that can establish RA in a fast, user convenient and effective manner. The proposed method utilises a number of approaches to minimise the effort required from the end-user, taking the different security requirements of various services into account and ensuring a level of flexibility that will enable all categories of user (from novice to expert) to engage with the process.
KeywordsInformation security risk assessment mobile phone smart phone end-user risk assessment computing IT
Unable to display preview. Download preview PDF.
- 1.ITU Key Global Telecom Indicators for the World Telecommunication Service Sector, http://www.itu.int/ITU-D/ict/statistics/at_glance/KeyTelecom.html
- 2.Dagon, D., Martin, T., Starner, T.: Mobile phones as computing devices: the viruses are coming! IEEE Pervasive Computing 3(4), 11–15 (2004)Google Scholar
- 4.Richardson, R.: CSI Computer Crime and Security Survey. Computer Security Institute (2009), http://www.gocsi.com
- 5.Verkasalo, H.: Analysis of Smartphone User Behavior. In: 2010 Ninth International Conference on Mobile Business and 2010 Ninth Global Mobility Roundtable (ICMB-GMR), pp. 258–263 (2010)Google Scholar
- 6.Clarke, N.L., Furnell, S.M.: Advanced User Authentication for Mobile Devices. Computers & Security 26(2), 109–119 (2007)Google Scholar
- 7.Clarke, N.L.: Advanced User Authentication for Mobile Devices. PhD Thesis. University of Plymouth, United Kingdom (2004)Google Scholar
- 8.Carnegie Mellon University, http://www.cert.org/octave/download/intro.html
- 11.Clarke, N.L., Karatzouni, S., Furnell, S.M.: Towards a Flexible, Multi-Level Security Framework for Mobile Devices. In: Proceedings of The 10th Security Conference, Las Vegas (2010)Google Scholar
- 14.Fried, S.: Mobile Device Security - A Comprehensive Guide to Securing Your Information in a Moving World. Auerbach Publications, Boca Raton (2010)Google Scholar