Abstract
Contact lists, Emails, SMS or custom applications on a professional smartphone could hold very confidential or sensitive information. What could happen in case of theft or accidental loss of such devices? Such events could be detected by the separation between the smartphone and a Bluetooth companion device. This event should typically block the applications and delete personal and sensitive data. Here, a solution is proposed based on a secured framework application running on the mobile phone as a rich client connected to a security server. The framework offers strong and customizable authentication and secured connectivity. A security server manages all security issues. User applications are then loaded via the framework. User data can be secured, synchronized, pushed or pulled via the framework. This contribution proposes a convenient although secured environment based on a client-server architecture using external authentications. Several features of the proposed system are exposed and a practical demonstrator is described.
Keywords
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsPreview
Unable to display preview. Download preview PDF.
References
Nicholson, A.J., Corner, M.D., Noble, B.D.: Mobile Device Security Using Transient Authentication. IEEE Transactions on Mobile Computing 5(11), 1489–1502 (2006)
Desmet, L., Joosen, W., Massacci, F., Naliuka, K., Philippaerts, P., Piessens, F., Vanoverberghe, D.: A flexible security architecture to support third-party applications on mobile devices. In: Proceedings of the 2007 ACM Workshop on Computer Security Architecture. CSAW 2007, Fairfax, Virginia, USA, pp. 19–28. ACM, New York (2007)
Wu, H., Grgoire, J., Mrass, E., Fung, C., Haslani, F.: MoTaskit: a personal task-centric tool for service accesses from mobile phones. In: Proceedings of the 1st Workshop on Mobile Middleware: Embracing the Personal Communication Device. MobMid 2008, Leuven, Belgium, pp. 1–5. ACM, New York (2008)
The BlackBerry solution allows users to stay connected with wireless access to email, corporate data, phone, web and organizer features, http://www.blackberry.com/
Hoffman, D.V.: Blackjacking: Security Threats to BlackBerry Devices, PDAs and Cell Phones in the Enterprise. Wiley, Chichester (2007)
Windows Mobile 6, http://msdn.microsoft.com/en-us/library/bb158486.aspx
Understanding the Windows Mobile security model, http://technet.microsoft.com/en-us/library/cc512651.aspx
Muthukumaran, D., Sawani, A., Schiffman, J., Jung, B.M., Jaeger, T.: Measuring integrity on mobile phone systems. In: Proceedings of the 13th ACM Symposium on Access Control Models and Technologies. SACMAT 2008, Estes Park, CO, USA, pp. 155–164. ACM, New York (2008)
Dunham, K. (ed.): Mobile Malware Attacks and Defense. Elsevier, Amsterdam (2009)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2009 ICST Institute for Computer Science, Social Informatics and Telecommunications Engineering
About this paper
Cite this paper
Badan, S., Probst, J., Jaton, M., Vionnet, D., Wagen, JF., Litzistorf, G. (2009). A Rich Client-Server Based Framework for Convenient Security and Management of Mobile Applications. In: Schmidt, A.U., Lian, S. (eds) Security and Privacy in Mobile Information and Communication Systems. MobiSec 2009. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol 17. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-04434-2_3
Download citation
DOI: https://doi.org/10.1007/978-3-642-04434-2_3
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-04433-5
Online ISBN: 978-3-642-04434-2
eBook Packages: Computer ScienceComputer Science (R0)