• No results found

A Review on Mobile Services Secure Mobility Platform

N/A
N/A
Info
Download
Protected

Academic year: 2021

Share "A Review on Mobile Services Secure Mobility Platform"

Copied!
8
0
0

Loading.... (view fulltext now)

Download now ( 8 Page )

Full text

(1)

http://dx.doi.org/10.14257/jse.2015.10.09

A Review on Mobile Services Secure Mobility Platform

Regin Joy Conejar

1)

, Haeng-KonKim

2)

Abstract

The Secure Mobility Platform for Mobile Device Services addresses the diverse needs of users, IT and developers, allowing IT to focus on managing mobile device services, mobile apps and data, without compromising security or user privacy. In this paper, mobile device services secure mobility platform insures to provides real-time mobile device status and compliance metrics. Enforces device-level IT policies, configurations, security settings, and updates. Continually monitors the mobility infrastructure, alerts on potential failures and provides resolution recommendations

Keywords : Mobile Device Services, Mobile Management, Mobile Secure Mobility Platform

1. Introduction

Newly empowered users with their BYOD devices are now demanding more than just corporate email support on their smartphones and tablets. Wanting to be as productive on mobile devices as on legacy laptops and desktops, users are demanding consistent access to apps and data from any device at any time. However, they aren’t willing to sacrifice personal privacy in the name of security[1].

Realizing the transformational impact that mobile will have on how business is done, the lines of business are reallocating program dollars to investments in mobile app projects in order reach the extended enterprise (e.g., business partners, distributors, etc.) and consumers - but often without the participation or supervision of IT.

IT has to balance the evolving mobility needs of both users and LOB with its responsibility to protect corporate data and meet security policies and regulatory requirements - even as mobility services continue to grow from limited pilots to enterprise wide deployments with accompanying service level agreements.

App developers need to respond to their business partners’ mobile requirements but there is a limited pool of developers with mobility expertise. Adding in the requirement that apps must offer security controls that meet the need of enterprise IT further limits this pool.

Received(June 20, 2015), Review request(June 21, 2015), Review Result(1st: July 08, 2015, 2nd: August 19, 2015) Accepted(October 10, 2015), Publish(October 31, 2015)

1712-702 Dept. of Computer Information&Communication Engineering, Catholic University of Daegu. email: [email protected]

2(Corresponding Author) 712-702 Dept. of Computer Information&Communication Engineering, Catholic University of Daegu. email: [email protected]

(2)

Mobile devices, such as smartphones, mobile internet devices and web-enabled media players, are becoming widespread. These devices possess limited resources, which motivates resource optimizations. Mobile devices are hawking the marketplace over their stationary counterparts. Thus, mobile users requirement are rapidly increasing in terms of running more complex services on these mobile devices[2].

2. Related Works

Mobile devices are becoming the most indispensable computing and communicating device a person needs. With the advent of smart phones, the mobile phone has become as powerful as any ordinary desktop computer in terms of the services it can offer and its communication power[3]. People are now using their mobile phones not just for calling and sending messages but also for browsing the Internet, playing games, listening to music, taking pictures and videos just to name a few of the mobile device services. In response to the rising demand for better mobile device services, companies have developed various types of mobile device services that would suit different people with different mobile needs.

One problem about this though is that, developing any type of mobile device services, is quite difficult. It still takes a large amount of skill and familiarity with how the framework is used before a person can create a decent amount of mobile device services and the workflow specification for a simple application. Other things that makes developing services for mobile devices more difficult as compared to desktop applications are factors such as device limitations (e.g., screen size, computing power, power consumption)[4], different operating systems for mobile devices, different data representation and additional device capabilities (e.g., Bluetooth, Wifi, GPS, Cameraenabled) which are not standard to all devices and therefore should be considered when developing a uniform device services that can be run on different mobile devices.

2.1. BlackBerry most Secure Mobile Platform, Research Finds[5]

BlackBerry leads the pack when it comes to secure mobile platforms, according to a study by security firm Trend Micro, Bloor Research and Altimeter Group. The platforms were compared on a combination of factors including built-in security, application security, authentication, device wipe, device firewall, and virtualization. BlackBerry

The researchers commented that corporate-grade security and manageability make BlackBerry the option of choice for the most stringent mobile roles. However, many features and protections that are commonly enabled or enforceable through the BlackBerry Enterprise Server (BES) are not present on devices that are user-provisioned through BlackBerry Internet Services (BIS).

(3)

Some of the strongest features restricting high-risk activities that users may undertake, such as removal of password protection for the device, may be rendered inactive if a user’s device is not provisioned via the BES, the report said.

Apple

The iOS application architecture natively provides users much protection because all applications are “sand-boxed” in a common memory environment. Security in iOS also extends to the physical attributes of the iPhone and iPad.

There are also no options for adding removable storage, which in effect provides another layer of protection for users.

But where the BlackBerry IT administrator has complete control over the device, in iOS, the IT department can configure items only once the user has supplied their permission, the report said.

Windows

Researchers said Microsoft has learnt the lessons of the past and created a reasonably robust and secure smartphone operating system in Windows Phone.

The OS uses privileges and isolation techniques to create sandbox processes. These “chambers” are based on a policy system that, in turn, defines which system features the processes operating in a chamber can access. Android

Although Android is now available in more recent versions (4.x), version 2.x is still the most widely deployed on existing and new handsets. This is a security risk in itself, the report said, because there is no central means of providing Operating System updates, meaning that many users remain unprotected from critical vulnerabilities for a prolonged period.

On the positive side, Android is a privilege-separated operating system and applications cannot access the network without prior consent. Apps run in their individual sandboxed environment and permissions are granted by the user on a per app basis.

Unfortunately the end user often fails to inspect the permissions request dialogue closely in their haste to use the app, the report said. It is also often unclear, when permissions are given, what the application is actually capable of.

3. Mobile Device Security and Management Services

Mobile Security has become increasingly important in mobile services. It is of particular concern as it relates to the security of personal information now stored on smartphones or mobile devices. More and more users

(4)

and businesses use mobile devices and smartphones as communication tools but also as a means of planning and organizing their work and private life. Within companies, these technologies are causing profound changes in the organization of information systems and therefore they have become the source of new risks. Indeed, mobile devices and smartphones collect and compile an increasing amount of sensitive information to which access must be controlled to protect the privacy of the user and the intellectual property of the company and organization. All mobile device and smartphones, as computers, are preferred targets of attacks. These attacks exploit weaknesses related to smartphones that can come from means of communication like SMS, MMS, wifi networks, and GSM. There are also attacks that exploit software vulnerabilities from both the web browser and operating system. Finally, there are forms of malicious software that rely on the weak knowledge of average users.

Different security counter-measures are being developed and applied to smartphones, from security in different layers of software to the dissemination of information to end users. There are good practices to be observed at all levels, from design to use, through the development of operating systems, software layers, and downloadable apps.

Mobile Device Threats

[Fig. 1] Data Leakage

The use of mobile devices leaks the enterprise to security threats such as:

•Device loss or theft - With mobiles devices becoming fancier, more popular, and more expensive, they are increasingly liable to theft. Even then, many thieves are more interested in accessing your wireless service and potentially, stealing your identity.

(5)

devices and computers (see [Fig. 1])

4. Secure Mobility Platform

Secure Mobility Platform includes mobile app security, mobile app management and infrastructure and device management technologies to allow your organization to implement all three steps. Mobile devices services developers can easily build enterprise-ready, secured mobile apps for the most popular native (i.e., Apple iOS, Google Android) and hybrid development environments.

[Fig. 2] Mobile Device Services Security Mobility Platform

4.1 Mobile App Security

The Secure Mobility Platform includes mobile app wrapping technology that encrypts application data and provides a unique ability to securely share data and services between apps - all without requiring mobile app developers to be security experts. App developers – whether in-house, can use either app wrapping or a software development kit to easily build apps for use on any device, even those not managed by IT.

4.2 Mobile App Management (MAM)

The Secure Mobility Platform provides complete mobile app management, including an enterprise app store. With it, enterprises can distribute and manage mobile apps, even on devices not managed by enterprise IT. Extensive app analytics provides insights beyond simple inventory reporting.

To fully realize the value of the mobile app investments, enterprises need a way to distribute custom apps. Both employees and non-employees want to use these apps across a mix of devices, which may or may not be managed by IT. Businesses need to consider how to deploy these apps to any user on any device, while retaining security and compliance controls over the apps. With businesses continuing to be focused on optimizing budget use, IT will also want some way to measure the success of their mobile investments[6].

(6)

4.3. Mobile Device Management (MDM)

Supporting enterprise mobility in a pilot with a limited number of users, apps and devices is manageable. However, with enterprises aspiring to become mobile first organizations, supporting hundreds, perhaps thousands of users, each with multiple smart devices and multiple apps per device, becomes a significant challenge for IT. A robust, reliable infrastructure is needed, one that isn’t going to require IT to scale proportionally with the number of users, devices and apps. Disparate point mobile solutions that don’t integrate with each other will only hinder IT.

5. Conclusion

With the Mobile Device Services Secure Mobility Platform, mobile app developers can get security services that maintains the security of documents and data shared between mobile device services via encrypted app-to-app tunneling technology that enables secure workflows. Enforce security policies that govern access to the containerized data, such as authentication, data loss prevention (cut/paste), data sharing between apps, and compliance and take automated action on security and compliance violations, such as locking an app or wiping corporate data. Provides mobile device services that allow enterprise developers to control advantage’s support to expose and manage custom app-specific policies. Empowers users with self service device enrollment or migration, real-time status check, and service issues resolution

(7)

References

[1] E. Torres, Mobile information services, University of Miami Leonard M. Miller School of Medicine, http://it.med.miami.edu/x291.xml, April 8 (2012).

[2] M. Gaedke, M. Beigl, H.-W. Gellersen, and C. Segor, Web content delivery to heterogeneous mobile platforms, in ER ’98: Proceedings of the Workshops on Data Warehousing and Data Mining, London, UK, Springer-Verlag (1999) November 19-20, Vol. 1552, pp. 205–217.

[3] G. D. Abowd, L. Iftode, and H. Mitchell, Guest editors’ introduction: The smart phone–a first platform for pervasive computing, IEEE Pervasive Computing, (2005), Vol. 4, No. 2, pp. 18–19.

[4] Good TechnologyTM Customer Success Story:http://www1.good.com/customers/mitsubishi.html, March (2015). [5] M. Basso and P. Redman, Soution Brief: Good Dynamics Secure Mobility Platform, Good Technologies,

Aug 8 (2012).

[6] ComputerWeekly.com, http://www.computerweekly.com/news/2240148460/BlackBerry-most-secure-mobile-platfor m-research-finds, Jan (2015).

(8)

Authors

Regin Joy Conejar

2006.6-2010.3: Western Visayas College of Science and Technology, B.S. degree in Information Technology

2010.3-2010.4: WVCST, Computer Department, Computer Workshop Training Coordinator

2010.5-2013.3: Savant Technologies, Inc., Prime Mover, Data Analyst, Researcher 2013.3-2015.8: Catholic University of Daegu, M.S. degree in Computer Information

and Communication Engineering

Research interests: Ubiquitous Healthcare, E-Learning, Mobile Architecture

Haeng-Kon Kim

1977.3-1985.2 : Chungang University, B.S. degree in Computer Science 1985.3-1987.2 : Chungang University, M.S. degree in Software Engineering 1987.3-1991.2 : Chungang University, Ph.D. degree in software Engineering 1978.5- 1979.7 : NASA, Research Staff

1987.3-1990.2 : Korea Telecommunication Research Center, Full-time Employment Research Staff

1988.1-1989.1 : Bell Lab., Research Staff

2000.12-2001.12 : Central Michigan University, Visiting Professor 1990.3-2003.3 : Catholic University of Daegu, Associate Professor 2003.3- present : Catholic University of Daegu, Professor

Others: Vice-President of Engineering College (1996.3-1998.2); Editor, KIPS (Korea Information Processing Society); Editor, KISS (Korea Information Science Society); Member, IEEE on Software Engineering; President, SERSC (Science and Engineering Research Support Society)

Research interests : Component Based Software Engineering, Object-oriented software Engineering, Software Reuse, User Interface Design, CASE, Software Re-engineering, Tools and Methodologies

References

Download now ( PDF - 8 Page - 228.83 KB )

Related documents

Secure user authentication based on the trusted platform for mobile devices

Secure user authentication based on the trusted platform for mobile devices Kim et al EURASIP Journal on Wireless Communications and Networking (2016) 2016 233 DOI 10 1186/s13638 016 0729

Secure Key Distribution Using Tree Based Group Diffie-Hellman Protocol and Data Sharing for Dynamic Group

policy attribute based encryption [7].In this paper we proposed secure, efficient data sharing scheme which allow user to securely share his/her data to other by untrusted

Secure Sensitive Data Sharing On a Big Data and Cloud Platform using Advanced Security System

In summary, we proposed a systematic framework of secure sharing of sensitive data on big data platform, which ensures secure submission and storage of sensitive data based on the

SECURE YOUR DATA EXCHANGE WITH SAFE-T BOX

By utilizing Safe-T’s connectors, Safe-T Box offers the industry’s most integrated data exchange platform, allowing applications to securely share sensitive data with users and

GROW YOUR BUSINESS WITH THE RIGHT MOBILITY SOLUTION

By selecting a secure mobility platform, your corporate processes, systems and data stay protected, giving you the opportunity to be a hero and harnessing the

MobileIron for ios. Our Mobile IT Platform: Purpose-Built for Next Gen Mobility. MobileIron Platform: Accelerating ios Adoption in the Enterprise

The MobileIron platform is a purpose-built mobile IT platform that provides users with secure access to business processes and content they need on devices of their choice and

White Paper Delivering Web Services Security: The Entrust Secure Transaction Platform

The Entrust Secure Transaction Platform will enable organizations to directly call Foundation Security Services from their Web applications, or to alternatively integrate

Five Best Practices for Secure Enterprise Content Mobility

By following these best practices for secure enterprise content mobility, you’ll give your mobile workers access to the critical business data they need, anywhere, any time, and on