BYODCert: Toward a Cross-Organizational BYOD Paradigm

Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 10232)

Abstract

We introduce a novel architectural solution (BYODCert) for managing the Bring Your Own Device paradigm at a cross-organizational level by exploiting mobile device certifications. BYODCert acts as a trusted third party allowing organizations to verify the compliance of their employees’ personal devices against BYOD security policies. BYODCert is implemented as a cloud service that can be adopted by organizations as an external and on-demand BYOD solution.

Keywords

Bring Your Own Device App analysis Android security Public-key certification 

References

  1. 1.
    Mazurczyk, W., Caviglione, L.: Steganography in modern smartphones, mitigation techniques. IEEE Commun. Surv. Tutor. 17(1), 334–357 (2015). FirstquarterCrossRefGoogle Scholar
  2. 2.
    Aktug, I., Naliuka, K.: Conspec: a formal language for policy specification. Sci. Comput. Program. 74(1), 2–12 (2008)MathSciNetCrossRefMATHGoogle Scholar
  3. 3.
    Ibm byod solution. http://www.ibm.com/mobile/bring-your-own-device/. Accessed 7 Mar 2017
  4. 4.
    Blackberry byod solution. http://us.blackberry.com/bring-your-own-device. Accessed 7 Mar 2017
  5. 5.
    Appthority. https://www.appthority.com. Accessed 7 Mar 2017
  6. 6.
    Huawei byod solution. http://enterprise.huawei.com/topic/byod_en/. Accessed 7 Mar 2017
  7. 7.
    Kozen, D.: Results on the propositional-calculus. Theor. Comput. Sci. 27(3), 333–354 (1983)MathSciNetCrossRefMATHGoogle Scholar
  8. 8.
    Clarke, E.M., Emerson, E.A., Sistla, A.P.: Automatic verification of finite-state concurrent systems using temporal logic specifications. ACM Trans. Program. Lang. Syst. 8(2), 244–263 (1986)CrossRefMATHGoogle Scholar
  9. 9.
    King, J.C.: Symbolic execution and program testing. Commun. ACM 19(7), 385–394 (1976)MathSciNetCrossRefMATHGoogle Scholar
  10. 10.
    Desmet, L., Joosen, W., Massacci, F., Naliuka, K., Philippaerts, P., Piessens, F., Vanoverberghe, D.: The s3ms.net run time monitor. Electron. Notes Theor. Comput. Sci. 253(5), 153–159 (2009)CrossRefGoogle Scholar
  11. 11.
    Merlo, A., Migliardi, M., Caviglione, L.: A survey on energy-aware security mechanisms. Pervasive Mob. Comput. 24, 77–90 (2015). Cited by 7CrossRefGoogle Scholar
  12. 12.
    Bielova, N., Dragoni, N., Massacci, F., Naliuka, K., Siahaan, I.: Matching in security-by-contract for mobile code. J. Log. Algebr. Program. 78(5), 340–358 (2009). The 1st Workshop on Formal Languages and Analysis of Contract-Oriented Software (FLACOS07)CrossRefMATHGoogle Scholar
  13. 13.
    Armando, A., Costa, G., Merlo, A.: Bring your own device, securely. In: Proceedings of the 28th Annual ACM Symposium on Applied Computing, SAC 2013, pp. 1852–1858. ACM, New York (2013)Google Scholar
  14. 14.
    Armando, A., Costa, G., Verderame, L., Merlo, A.: Securing the bring your own device paradigm. Computer 47(6), 48–56 (2014)CrossRefGoogle Scholar
  15. 15.
    Armando, A., Costa, G., Merlo, A., Verderame, L.: Enabling BYOD through secure meta-market. In: Proceedings of the ACM Conference on Security and Privacy in Wireless and Mobile Networks, WiSec 2014, pp. 219–230. ACM, New York (2014)Google Scholar
  16. 16.
    Costa, G., Merlo, A., Verderame, L., Armando, A.: Automatic security verification of mobile app configurations. Future Gener. Comput. Syst. (2016). http://dx.doi.org/10.1016/j.future.2016.06.014
  17. 17.
    Falcone, Y., Currea, S., Jaber, M.: Runtime verification and enforcement for android applications with RV-Droid. In: Qadeer, S., Tasiran, S. (eds.) RV 2012. LNCS, vol. 7687, pp. 88–95. Springer, Heidelberg (2013). doi: 10.1007/978-3-642-35632-2_11 CrossRefGoogle Scholar
  18. 18.
    Merlo, A.: Secure cooperative access control on grid. Future Gener. Comput. Syst. 29(2), 497–508 (2013). Special section: recent advances in e-ScienceCrossRefGoogle Scholar
  19. 19.
    Bartoletti, M., Degano, P., Ferrari, G.L.: History-based access control with local policies. In: Sassone, V. (ed.) FoSSaCS 2005. LNCS, vol. 3441, pp. 316–332. Springer, Heidelberg (2005). doi: 10.1007/978-3-540-31982-5_20 CrossRefGoogle Scholar
  20. 20.
    Holzmann, G.: Spin Model Checker, the: Primer and Reference Manual, 1st edn. Addison-Wesley Professional, Boston (2003)Google Scholar
  21. 21.
    Cranen, S., Groote, J.F., Keiren, J.J.A., Stappers, F.P.M., de Vink, E.P., Wesselink, W., Willemse, T.A.C.: An overview of the mCRL2 toolset and its recent advances. In: Piterman, N., Smolka, S.A. (eds.) TACAS 2013. LNCS, vol. 7795, pp. 199–213. Springer, Heidelberg (2013). doi: 10.1007/978-3-642-36742-7_15 CrossRefGoogle Scholar
  22. 22.
    Andersen, H.R.: Partial model checking. In: Proceedings of Tenth Annual IEEE Symposium on Logic in Computer Science, pp. 398–407, June 1995Google Scholar
  23. 23.
    Cremers, C.J.F.: The Scyther Tool: verification, falsification, and analysis of security protocols. In: Gupta, A., Malik, S. (eds.) CAV 2008. LNCS, vol. 5123, pp. 414–418. Springer, Heidelberg (2008). doi: 10.1007/978-3-540-70545-1_38 CrossRefGoogle Scholar
  24. 24.
    Caviglione, L.: Can satellites face trends? the case of web 2.0. In: International Workshop on Satellite and Space Communications, pp. 446–450, September 2009Google Scholar

Copyright information

© Springer International Publishing AG 2017

Authors and Affiliations

  1. 1.DIBRISUniversity of GenoaGenoaItaly

Personalised recommendations