{"title":"Enforcing Enterprise Mobile Application Security Policy with Plugin Framework","authors":"Pang-Yang Chu, Wei-Huan Lu, Jun-Wei Lin, Yu-Sung Wu","doi":"10.1109/PRDC.2018.00048","DOIUrl":null,"url":null,"abstract":"The prevalent use of mobile applications in enterprise computing requires more stringent yet flexible enforcement of security policies on the mobile devices. Existing enforcement mechanisms such as mobile device management system focus on the management of device features and cannot cover the diverse security policies of enterprise applications precisely. We address the challenge by proposing a novel security policy enforcement system based on Plugin framework. The system provides fine-grained security policy enforcement at each library call site in an application. With root privilege (targeting company-owned devices), fine-grained enforcement can be applied to any application. Without root privilege (targeting BYOD devices), fine-grained enforcement can be applied to the applications installed via the enforcement system.","PeriodicalId":409301,"journal":{"name":"2018 IEEE 23rd Pacific Rim International Symposium on Dependable Computing (PRDC)","volume":"45 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2018-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"2","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2018 IEEE 23rd Pacific Rim International Symposium on Dependable Computing (PRDC)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/PRDC.2018.00048","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 2
Abstract
The prevalent use of mobile applications in enterprise computing requires more stringent yet flexible enforcement of security policies on the mobile devices. Existing enforcement mechanisms such as mobile device management system focus on the management of device features and cannot cover the diverse security policies of enterprise applications precisely. We address the challenge by proposing a novel security policy enforcement system based on Plugin framework. The system provides fine-grained security policy enforcement at each library call site in an application. With root privilege (targeting company-owned devices), fine-grained enforcement can be applied to any application. Without root privilege (targeting BYOD devices), fine-grained enforcement can be applied to the applications installed via the enforcement system.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
