Advertisement

Abstract

Cell phones are becoming increasingly more sophisticated, and such ”Smart” phones are a growing front end to access the web and internet applications. They are often used in a multiple modes – for instance for both personal and business purposes. Enterprises that allow employees to use the phones in this dual mode need to protect the information and applications on such devices and control their behavior. This paper describes an approach that integrates declarative policies, context and OS level device control to enforce security by creating multiple personas for the device. We describe the approach, and present a proof of concept implementation on Android.

Keywords

Mobile Device Security Policy Mobile Platform Malicious Code Android Platform 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Damianou, N., Dulay, N., Lupu, E., Sloman, M.: The ponder policy specification language. In: Sloman, M., Lobo, J., Lupu, E.C. (eds.) POLICY 2001. LNCS, vol. 1995, pp. 18–37. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  2. 2.
    Jansen, W.A., Karygiannis, T., Gavrila, S., Korolev, V.: Assigning and Enforcing Security Policies on Handheld Devices. In: Proceedings of the Canadian Information Technology Security Symposium (May 2002)Google Scholar
  3. 3.
    Kagal, L., Finin, T., Joshi, A.: A Policy Language for A Pervasive Computing Environment. In: Proceedings of the IEEE 4th International Workshop on Policies for Distributed Systems and Networks (June 2003)Google Scholar
  4. 4.
    Moses, T., et al.: eXtensible Access Control Markup Language (XACML) Version 2.0. OASIS Standard, 200502 (2005)Google Scholar
  5. 5.
    Patwardhan, A., Korolev, V., Kagal, L., Joshi, A.: Enforcing Policies in Pervasive Environments. In: International Conference on Mobile and Ubiquitous Systems: Networking and Services. IEEE, Cambridge (2004)Google Scholar
  6. 6.
    Susilo, W.: Securing Handheld Devices. In: 10th IEEE International Conference on Networks (August 2002)Google Scholar

Copyright information

© ICST Institute for Computer Science, Social Informatics and Telecommunications Engineering 2012

Authors and Affiliations

  • Akhilesh Gupta
    • 1
    • 3
  • Anupam Joshi
    • 1
    • 2
  • Gopal Pingali
    • 1
  1. 1.IBM Research - IndiaNew DelhiIndia
  2. 2.CSEE DepartmentUniversity of MarylandBaltimore CountyUSA
  3. 3.Department of Computer ScienceStanford UniversityUSA

Personalised recommendations