Assigning and Enforcing Security Policies on Handheld Devices
نویسندگان
چکیده
The proliferation of mobile handheld devices, such as Personal Digital Assistants (PDAs) and tablet computers, within the workplace is expanding rapidly. While providing productivity benefits, the ability of these devices to store and transmit corporate information through both wired and wireless networks poses potential risks to an organization’s security. This paper describes an approach to assigning and enforcing an organization’s security policy on handheld devices. The approach relies on the device holding a valid policy certificate, obtained through synchronization with a user’s desktop computer, organizational server, or other means, before conducting any security-sensitive operations. The paper describes a proof-of-concept implementation of the policy certificate issuing tool, policy specification language, certificate representation, and enforcement mechanisms that were used to demonstrate this approach, and discusses the associated benefits and drawbacks.
منابع مشابه
Security Policy Management for Handheld Devices
The adoption of wireless technologies and handheld devices is becoming widespread in business, industry, and government organizations. The use of handheld devices introduces new risks to existing enterprise computing resources. Therefore, organizations require new strategies to mitigate the security risks associated with the integration of wireless technologies into existing computing environme...
متن کاملEnforcing RBAC Policies over Data Stored on Untrusted Server (Extended Version)
One of the security issues in data outsourcing is the enforcement of the data owner’s access control policies. This includes some challenges. The first challenge is preserving confidentiality of data and policies. One of the existing solutions is encrypting data before outsourcing which brings new challenges; namely, the number of keys required to access authorized resources, efficient policy u...
متن کاملAn Ontology for Enforcing Security and Privacy Policies on Mobile Devices
Mobile devices have experienced explosive growth and rapid adoption. These devices have also become troves of security and privacy data of the consumers that utilize them. What makes mobile devices unique from traditional computing platforms is the additional sensing components they contain and their ease of access which allow consumers to make these devices a part of their lives. Additionally ...
متن کاملEnforcing Security in IoT and Home Networks
Modern home and corporate networks are interconnecting many different devices types other than personal computers and printers. It is pretty common to have surveillance cameras or thermometers and control them through cloud-based services. Security-wise this practice can create potential threats when connected devices are not kept updated or if they can freely access the network. This paper des...
متن کاملA location-based policy-specification language for mobile devices
The dramatic rise in mobile applications has greatly increased threats to the security and privacy of users. Security mechanisms on mobile devices are currently limited, so users need more expressive ways to ensure that downloaded mobile applications do not act maliciously. Policy-specification languages were created for this purpose; they allow the enforcement of user-defined policies on third...
متن کامل