Risk Assessment for Mobile Devices

  • Thomas Lederm
  • Nathan L. Clarke
Part of the Lecture Notes in Computer Science book series (LNCS, volume 6863)


With the market penetration of mobile phones and the trend towards the adoption of more sophisticated services, the risks posed by such devices, for the individual and the enterprise, has increased considerably. Risk assessment (RA) is an established approach with organisations for understanding and mitigating information security threats. However, it is also a time consuming process requiring an experienced analyst. Within mobile devices, the interested stakeholders range from administrators to the general public and an approach is therefore required that can establish RA in a fast, user convenient and effective manner. The proposed method utilises a number of approaches to minimise the effort required from the end-user, taking the different security requirements of various services into account and ensuring a level of flexibility that will enable all categories of user (from novice to expert) to engage with the process.


Information security risk assessment mobile phone smart phone end-user risk assessment computing IT 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    ITU Key Global Telecom Indicators for the World Telecommunication Service Sector, http://www.itu.int/ITU-D/ict/statistics/at_glance/KeyTelecom.html
  2. 2.
    Dagon, D., Martin, T., Starner, T.: Mobile phones as computing devices: the viruses are coming! IEEE Pervasive Computing 3(4), 11–15 (2004)Google Scholar
  3. 3.
  4. 4.
    Richardson, R.: CSI Computer Crime and Security Survey. Computer Security Institute (2009), http://www.gocsi.com
  5. 5.
    Verkasalo, H.: Analysis of Smartphone User Behavior. In: 2010 Ninth International Conference on Mobile Business and 2010 Ninth Global Mobility Roundtable (ICMB-GMR), pp. 258–263 (2010)Google Scholar
  6. 6.
    Clarke, N.L., Furnell, S.M.: Advanced User Authentication for Mobile Devices. Computers & Security 26(2), 109–119 (2007)Google Scholar
  7. 7.
    Clarke, N.L.: Advanced User Authentication for Mobile Devices. PhD Thesis. University of Plymouth, United Kingdom (2004)Google Scholar
  8. 8.
  9. 9.
  10. 10.
  11. 11.
    Clarke, N.L., Karatzouni, S., Furnell, S.M.: Towards a Flexible, Multi-Level Security Framework for Mobile Devices. In: Proceedings of The 10th Security Conference, Las Vegas (2010)Google Scholar
  12. 12.
  13. 13.
  14. 14.
    Fried, S.: Mobile Device Security - A Comprehensive Guide to Securing Your Information in a Moving World. Auerbach Publications, Boca Raton (2010)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2011

Authors and Affiliations

  • Thomas Lederm
    • 1
    • 3
  • Nathan L. Clarke
    • 1
    • 2
  1. 1.Centre for Security, Communications and Network ResearchUniversity of PlymouthPlymouthUK
  2. 2.School of Computer and Information ScienceEdith Cowan UniversityPerthWestern Australia
  3. 3.Upper Austria University of Applied SciencesHagenbergAustria

Personalised recommendations