Mobile Device Encryption Systems - Security and Privacy Protection in Information Processing Systems
Conference Papers Year : 2013

Mobile Device Encryption Systems

Peter Teufl
  • Function : Author
  • PersonId : 1001094
Thomas Zefferer
  • Function : Author
  • PersonId : 1001095
Christof Stromberger
  • Function : Author
  • PersonId : 1001096

Abstract

The initially consumer oriented iOS and Android platforms, and the newly available Windows Phone 8 platform start to play an important role within business related areas. Within the business context, the devices are typically deployed via mobile device management (MDM) solutions, or within the bring-your-own-device (BYOD) context. In both scenarios, the security depends on many platform security functions, such as permission systems, management capabilities, screen locks, low-level malware protection systems, and access and data protection systems. Especially, the latter play a crucial rule for the security of stored data. While the access protection part is related to the typically used passcodes that protect the smartphone from unauthorized tempering, the data protection facility is used to encrypt the core assets – the application data and credentials. The applied encryption protects the data when access to the smartphone is gained either through theft or malicious software. While all of the current platforms support these systems and market these features extensively within the business context, there are huge differences in the implemented systems that need to be considered for deployment scenarios that require high security levels. Even under the assumption, that the underlying encryption systems are implemented correctly, the heterogeneity of the systems allows for a wide range of attacks that exploit various issues related to deployment, development and configuration of the different systems.In order to address this situation, this paper presents an analysis of the access and data protection systems of the currently most popular platforms. Due to the important influence of the developer on the security of the iOS Data Protection system, we also present a tool that supports administrators in evaluating the right choice of data protection classes in arbitrary iOS applications.
Fichier principal
Vignette du fichier
978-3-642-39218-4_16_Chapter.pdf (376.27 Ko) Télécharger le fichier
Origin Files produced by the author(s)
Loading...

Dates and versions

hal-01463828 , version 1 (09-02-2017)

Licence

Identifiers

Cite

Peter Teufl, Thomas Zefferer, Christof Stromberger. Mobile Device Encryption Systems. 28th Security and Privacy Protection in Information Processing Systems (SEC), Jul 2013, Auckland, New Zealand. pp.203-216, ⟨10.1007/978-3-642-39218-4_16⟩. ⟨hal-01463828⟩
86 View
1256 Download

Altmetric

Share

More