SecureMyDroid: enforcing security in the mobile devices lifecycle
暂无分享,去创建一个
Due to the extensive growth and diffusion of mobile devices (e.g., Smartphone, PDAs, mobile phones, etc.), and to their powerful capabilities, many users are massively using mobile devices both for personal and for work-related (corporate) activities. This poses serious threats to the security of such devices. In this paper, we propose a novel approach, based on the definition of a secure lifecycle for mobile devices, in order to extend corporate security policies to such devices. We focus on a new perspective that allows us to apply strong security policies and services enforcement to mobile devices. The approach proposed leverages on a customized release of the mobile device Operating System (OS). In particular, we present a prototype (called SecureMyDroid) of a secure mobile device based on a customized release of the Google Android operating system. One of the strong features of this prototype lies in the capability of fully customizing the operating environment of mobile devices. This prevents most of the tampering that is still practicable for devices that have been personalized through the installation of customized applications such as antimalware, antivirus, etc.
[1] Felix C. Freiling,et al. Towards Dynamic Malware Analysis to Increase Mobile Device Security423 , 2008, Sicherheit.
[2] Serban I. Gavrila,et al. A Unified Framework for Mobile Device Security , 2004, Security and Management.
[3] Felix C. Freiling,et al. Toward Automated Dynamic Malware Analysis Using CWSandbox , 2007, IEEE Secur. Priv..
[4] Antti Saaksvuori,et al. Product lifecycle management , 2004 .