Cited By
View all- Olalere MAbdullah MMahmod RAbdullah A(2015)A Review of Bring Your Own Device on Security IssuesSAGE Open10.1177/21582440155803725:2(215824401558037)Online publication date: 10-Apr-2015
Combining smart phone and infrastructure sensors to improve security in enterprise settings
Authors: 
Palanivel Kodeswaran, Dipanjan Chakraborty, Parikshit Sharma, Sougata Mukherjea, Anupam JoshiAuthors Info & Claims
Palanivel Kodeswaran, Dipanjan Chakraborty, Parikshit Sharma, Sougata Mukherjea, Anupam JoshiAuthors Info & ClaimsPages 1151 - 1158
Abstract
There is an increasing trend among employees to bring in their own personal device to work, thereby making the enterprise more vulnerable to security attacks such as data leakage from phones. Additionally, users are increasingly running phone apps in a mixed-mode i.e. both for enterprise and personal commitments. For example, phone cameras and microphones are used to record business meetings, often resulting in the case that both employers and employees become unaware of the existence of business data on the phone at a later point in time. The lack of employer control over personal devices raises enterprise data leakage threats, when an employee's phone is lost or stolen. In this paper we describe a system that leverages sensors available on the phone as well as on the enterprise infrastructure to identify business data resident on the phone for further secure handling. Office spaces have traditionally been instrumented with badge swipe readers, cameras, wifi access points etc. that can be used to provide passive sensory data about employees. For example, badge swipes can be used provide approximate location information of an employee where as calendar entries provide information about their schedule and activities. We propose a distributed architecture that leverages the context of the user for speculatively identifying enterprise data from personal data. The basic idea is to understand whether a user is engaged in enterprise or personal work by inferring her context from a combination of phone and infrastructure sensors. The contextual attributes in our system, such as location, can be sourced from a plurality of sensors on the phone as well as on the infrastructure. We exploit this diversity and propose a cost optimized distributed rule execution framework that chooses the optimal set of predicates to sense on the phone as well as on the infrastructure to reduce sensing cost. Furthermore, the framework also chooses the appropriate site for rule evaluation, either on the infrastructure or phone, to optimize for network transfer cost incurred due to shipping of sensed predicates between the two sites. Combined together,the above two optimizations reduce the battery drain caused due to context inferencing on the phone.
References
[1]
Androjena: http://code.google.com/p/androjena/.
[2]
Andrus, J., Dall, C., Hof, A. V., Laadan, O., and Nieh, J. Cells: a virtual mobile smartphone architecture. In Proceedings of the Twenty-Third ACM Symposium on Operating Systems Principles, SOSP '11, ACM (New York, NY, USA, 2011), 173--187.
[3]
Kang, S., Lee, J., Jang, H., Lee, H., Lee, Y., Park, S., Park, T., and Song, J. Seemon: scalable and energy-efficient context monitoring framework for sensor-rich mobile environments. In Proceedings of the 6th international conference on Mobile systems, applications, and services, MobiSys '08, ACM (New York, NY, USA, 2008), 267--280.
[4]
Nath, S. Ace: Exploiting correlation for energy-efficient and continuous context sensing. In Mobisys (2012).
[5]
Roy, N., Misra, A., and Cook, D. Infrastructure-assisted smartphone-based adl recognition in multi-inhabitant smart environments. In PerCom (2013), 38--46.
[6]
Wang, Y., Lin, J., Annavaram, M., Jacobson, Q. A., Hong, J., Krishnamachari, B., and Sadeh, N. A framework of energy efficient mobile sensing for automatic user state recognition. In Mobisys, MobiSys'09, ACM (New York, NY, USA, 2009), 179--192.
Index Terms
- Combining smart phone and infrastructure sensors to improve security in enterprise settings
Recommendations
Smart phone use by non-mobile business users
MobileHCI '11: Proceedings of the 13th International Conference on Human Computer Interaction with Mobile Devices and ServicesThe rapid increase in smart phone capabilities has introduced new opportunities for mobile information access and computing. However, smart phone use may still be constrained by both device affordances and work environments. To understand how current ...
Mobile device security
InfoSecCD '04: Proceedings of the 1st annual conference on Information security curriculum developmentBecause of their small size, memory capability, and the case with which information can be downloaded and removed from a facility, mobile devices pose a risk to organizations when used and transported outside physical boundaries. Mobile devices, ...
Management of security policies for mobile devices
InfoSecCD '07: Proceedings of the 4th annual conference on Information security curriculum developmentThis paper discusses management of security policies for mobile devices. The increasing use of mobile devices in the workplace is covered, as well as new software applications that allow employees to use their mobile devices to increase their ...
Comments
Information & Contributors
Information
Published In
September 2013
1608 pages
ISBN:9781450322157
DOI:10.1145/2494091
- General Chairs:
- Friedemann Mattern,
- Silvia Santini,
- Program Chairs:
- John F. Canny,
- Marc Langheinrich,
- Jun Rekimoto
Copyright © 2013 ACM.
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]
Sponsors
- SIGMOBILE: ACM Special Interest Group on Mobility of Systems, Users, Data and Computing
- University of Florida: University of Florida
- SIGCHI: ACM Special Interest Group on Computer-Human Interaction
In-Cooperation
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
Published: 08 September 2013
Check for updates
Author Tags
Qualifiers
- Tutorial
Conference
UbiComp '13: The 2013 ACM International Joint Conference on Pervasive and Ubiquitous Computing
September 8 - 12, 2013
Zurich, Switzerland
Acceptance Rates
UbiComp '13 Adjunct Paper Acceptance Rate 254 of 399 submissions, 64%;
Overall Acceptance Rate 764 of 2,912 submissions, 26%
Contributors
Other Metrics
Bibliometrics & Citations
Bibliometrics
Article Metrics
- View Citations1Total Citations
- 241Total Downloads
- Downloads (Last 12 months)2
- Downloads (Last 6 weeks)0
Reflects downloads up to 17 Feb 2025
Other Metrics
Citations
Cited By
View all- Olalere MAbdullah MMahmod RAbdullah A(2015)A Review of Bring Your Own Device on Security IssuesSAGE Open10.1177/21582440155803725:2(215824401558037)Online publication date: 10-Apr-2015
View Options
Login options
Check if you have access through your login credentials or your institution to get full access on this article.
Sign in