We use cookies to make your experience of our website better. Details of our privacy policy is available here, and is also linked in the footer text on all pages.

Centre for Security, Communications and Network Research (CSCAN)  

Centre for Security, Communications and Network Research

Plymouth University

CSCAN with Plymouth University

Request a publication

Paper Title

Towards a Flexible, Multi-Level Security Framework for Mobile Devices

Authors

Clarke NL, Karatzouni S, Furnell SM

Publication/Conference

Proceedings of the 10th Security Conference

Reference

Las Vegas, USA, 4-6 May

Year

2011

Abstract

The mobile device has become a ubiquitous technology that is capable of supporting an increasingly large array of services, applications and information. Given their increasing importance, it is imperative to ensure that such devices are not misused or abused. Unfortunately, a key enabling control to prevent this, user authentication, has not kept up with the advances in device technology. Although frequently reported as weak and insufficient, Personal Identification Numbers (PINs) are still the predominant form of authentication. Moreover, this form of authentication is point-of-entry only; thus failing to re-establish the authenticity of the user beyond power-on. This paper proposes the use of transparent, continuous biometric authentication of the user: providing more secure identity verification; minimising user inconvenience; and providing security throughout the period of use. It is also recognised that not all services, applications and information have the same security requirements and the paper proposes an approach for establishing what level of security to provide based upon individual services and applications. The Personal Security Model (PSM), Simple Risk Assessment Model (SRAM) and Organisational Risk Assessment Model (ORAM) are three techniques for establishing the security requirements for individual services and applications based upon the responsible stakeholder (i.e. end-user or organisation) and their associated level of knowledge.

Status

This publication is available for on-line download (PDF).

Request a copy

Please complete the following form (required fields indicated with *)
Please only submit the form once, it may take a few seconds to process.

Name

*

Organisation

*

Email Address

*

Comments (optional)

Captcha

CAPTCHA - click to change *

Centre for Security, Communications and Network Research (CSCAN), Room A304 Portland Square, Plymouth University, Plymouth, PL4 8AA, United Kingdom
Telephone: +44 (0) 1752 586234, Fax: +44 (0) 1752 586300, Email: info@cscan.org