An Ontology for Enforcing Security and Privacy Policies on Mobile Devices

Mobile devices have experienced explosive growth and rapid adoption. These devices have also become troves of security and privacy data of the consumers that utilize them. What makes mobile devices unique from traditional computing platforms is the additional sensing components they contain and their ease of access which allow consumers to make these devices a part of their lives. Additionally these devices are fragmented in operating systems, sensing capabilities, and device manufacturers. In this paper we define an ontology that can be utilized as a foundation for enforcing security and privacy policies across all mobile devices, and use the ontology to define policies and to model knowledge elements for mobile devices. We also identify areas where the policies can be applied, including whether to enforce policies on the device or in the cloud.

[1]  Vasilios Zorkadis,et al.  PROACT: An Ontology-Based Model of Privacy Policies in Ambient Intelligence Environments , 2010, 2010 14th Panhellenic Conference on Informatics.

[2]  Moonkun Lee,et al.  Behavior Ontology: A Framework to Detect Attack Patterns for Security , 2013, 2013 27th International Conference on Advanced Information Networking and Applications Workshops.

[3]  Ju An Wang,et al.  An Ontological Approach to Computer System Security , 2010, Inf. Secur. J. A Glob. Perspect..

[4]  Jeffrey M. Bradshaw,et al.  KAoS policy and domain services: toward a description-logic approach to policy representation, deconfliction, and enforcement , 2003, Proceedings POLICY 2003. IEEE 4th International Workshop on Policies for Distributed Systems and Networks.

[5]  Nabil El Kadhi,et al.  A Knowledge Based Process Proposal for Mobile Security , 2009, 2009 Second International Conference on Developments in eSystems Engineering.

[6]  Nabil El-Kadhi,et al.  Security Ontology Proposal for Mobile Applications , 2009, 2009 Tenth International Conference on Mobile Data Management: Systems, Services and Middleware.

[7]  Wenbing Zhao,et al.  A Framework for Enhancing Security and Privacy on Unmodified Mobile Operating Systems , 2013, 2013 IEEE 33rd International Conference on Distributed Computing Systems Workshops.

[8]  Melissa Haithcox-Dennis Foursquare , 2011 .

[9]  Dimitris Gritzalis,et al.  Towards an Ontology-based Security Management , 2006, 20th International Conference on Advanced Information Networking and Applications - Volume 1 (AINA'06).