An Evaluation of the Proposed Framework for Access Control in the Cloud and BYOD Environment

As the bring your own device (BYOD) to work trend grows, so do the network security risks. This fast-growing trend has huge benefits for both employees and employers. With malware, spyware and other malicious downloads, tricking their way onto personal devices, organizations need to consider their information security policies. Malicious programs can download onto a personal device without a user even knowing. This can have disastrous results for both an organization and the personal device. When this happens, it risks BYODs making unauthorized changes to policies and leaking sensitive information into the public domain. A privacy breach can cause a domino effect with huge financial and legal implications, and loss of productivity for organizations. This is a difficult challenge. Organizations need to consider user privacy and rights together with protecting networks from attacks. This paper evaluates a new architectural framework to control the risks that challenge organizations and the use of BYODs. After analysis of large volumes of research, the previous studies addressed single issues. We integrated parts of these single solutions into a new framework to develop a complete solution for access control. With too many organizations failing to implement and enforce adequate security policies, the process needs to be simpler. This framework reduces system restrictions while enforcing access control policies for BYOD and cloud environments using an independent platform. Primary results of the study are positive with the framework reducing access control issues.

[1]  Phil Beckett BYOD - popular and problematic , 2014, Netw. Secur..

[2]  Andrea Estefania Vaca Herrera,et al.  National cyber-security policies oriented to BYOD (bring your own device): Systematic review , 2017, 2017 12th Iberian Conference on Information Systems and Technologies (CISTI).

[3]  Azman Samsudin,et al.  Trusted Security Policies for Tackling Advanced Persistent Threat via Spear Phishing in BYOD Environment , 2015 .

[4]  Madhavi Dhingra Legal Issues in Secure Implementation of Bring Your Own Device (BYOD) , 2016 .

[5]  Manmeet Mahinderjit Singh,et al.  Security and Privacy Risks Awareness for Bring Your Own Device (BYOD) Paradigm , 2017 .

[6]  Sonia Blizzard Coming full circle: are there benefits to BYOD? , 2015 .

[7]  Melva M. Ratchford BYOD: A Security Policy Evaluation Model , 2018 .

[8]  Daniele Sgandurra,et al.  Towards enforcing on-the-fly policies in BYOD environments , 2013, 2013 9th International Conference on Information Assurance and Security (IAS).

[9]  Nima Zahadat,et al.  BYOD security engineering: A framework and its analysis , 2015, Comput. Secur..

[10]  Yan Bai,et al.  2TAC: Distributed Access Control Architecture for "Bring Your Own Device" Security , 2012, 2012 ASE/IEEE International Conference on BioMedical Computing (BioMedCom).

[11]  Bill Morrow,et al.  BYOD security challenges: control and protect your most sensitive data , 2012, Netw. Secur..

[12]  Rodrigo Muñoz,et al.  Bring Your Own Device , 2012 .

[13]  Khoula AlHarthy,et al.  Implement network security control solutions in BYOD environment , 2013, 2013 IEEE International Conference on Control System, Computing and Engineering.

[14]  Juan Julián Merelo Guervós,et al.  Corporate security solutions for BYOD: A novel user-centric and self-adaptive system , 2015, Comput. Commun..

[15]  Kamal Jambi,et al.  Survey on Access Control and Management Issues in Cloud and BYOD Environment , 2017 .

[16]  Mohammed Ketel,et al.  Bring Your Own Device: Benefits, risks and control techniques , 2014, IEEE SOUTHEASTCON 2014.

[17]  J. Armarego,et al.  Review of the Information Security and Privacy Challenges in Bring Your Own Device (BYOD) Environments , 2015 .

[18]  Budi Yulianto,et al.  An Implementation of Location Based Service (LBS) for Community Tracking , 2017 .

[19]  John Thielens Why APIs are central to a BYOD security strategy , 2013, Netw. Secur..

[20]  Siddhi Pittayachawan,et al.  Comparing intention to avoid malware across contexts in a BYOD-enabled Australian university: A Protection Motivation Theory approach , 2015, Comput. Secur..

[21]  M. Eslahi,et al.  MoBots: A new generation of botnets on mobile devices and networks , 2012, 2012 International Symposium on Computer Applications and Industrial Electronics (ISCAIE).

[22]  U. Vignesh,et al.  Modifying Security Policies Towards BYOD , 2015 .