MOSES: Supporting and enforcing security profiles on smartphones

Yury Zhauniarovich, Giovanni Russello, Mauro Conti, Bruno Crispo, Earlence Fernandes

Research output: Contribution to journalArticle

34 Citations (Scopus)

Abstract

Smartphones are very effective tools for increasing the productivity of business users. With their increasing computational power and storage capacity, smartphones allow end users to perform several tasks and be always updated while on the move. Companies are willing to support employee-owned smartphones because of the increase in productivity of their employees. However, security concerns about data sharing, leakage and loss have hindered the adoption of smartphones for corporate use. In this paper we present MOSES, a policy-based framework for enforcing software isolation of applications and data on the Android platform. In MOSES, it is possible to define distinct Security Profiles within a single smartphone. Each security profile is associated with a set of policies that control the access to applications and data. Profiles are not predefined or hardcoded, they can be specified and applied at any time. One of the main characteristics of MOSES is the dynamic switching from one security profile to another. We run a thorough set of experiments using our full implementation of MOSES. The results of the experiments confirm the feasibility of our proposal.

Original languageEnglish
Article number2300482
Pages (from-to)211-223
Number of pages13
JournalIEEE Transactions on Dependable and Secure Computing
Volume11
Issue number3
DOIs
Publication statusPublished - 1 Jan 2014

    Fingerprint

Keywords

  • Access control
  • Android
  • BYOD
  • Context
  • Virtualization

ASJC Scopus subject areas

  • Electrical and Electronic Engineering

Cite this