A Study on Security Threats and Dynamic

The term BYOD(Bring Your Own Device) collectively refers to the related technologies, concepts and policies, where employees do works by accessing corporate’s internal IT resources, such as database and applications, using their personal mobile devices like smart phones, laptop computers and tablet PCs. As operational convenience has improved with the advent of a new IT environment, such as BYOD and smart-work, security threats are increasing at the same time. To deal with those threats, there are several security solutions such as NAC(Network Access Control) and MDM(Mobile Device Management) products. However, it is insufficient to resolve risk factors occurring in BYOD environment with them due to their limitations and users’ psychological repulsion to the control of personal devices. Thus, it is necessary to establish a flexible security policy considering numerous and diverse types of terminals and various circumstances. In addition, security policy must be aimed at protecting corporate data by isolating users of abnormal behaviors as well as at ensuring utilization of various personal devices and work continuity. This paper studies on security issues possibly occurred in the new IT environments of BYOD and smart-work and describes problems which cannot be solved with the existing technologies and solutions. Finally, this paper proposes an integrated security system to resolve this new security threats. It shows that this system examines the context information conducting a dynamic access control based on it.