U. Kumar, Palanivel A. Kodeswaran, Vikrant Nandakumar, Shalini Kapoor
{"title":"Polite: A policy framework for building managed mobile apps","authors":"U. Kumar, Palanivel A. Kodeswaran, Vikrant Nandakumar, Shalini Kapoor","doi":"10.1109/MILCOM.2012.6415731","DOIUrl":null,"url":null,"abstract":"The proliferation of smart phones inside enterprises and the number of enterprise apps (applications) available for various smart phone platforms has been increasing. This trend is expected to continue as smart phones tend to become the device of choice to access both enterprise and personal data. Making enterprise sensitive data accessible on smart phones requires that adequate protection mechanisms be available on these devices to ensure that sensitive data is not compromised due to various reasons, such as employees losing phones to malicious apps (installed by the user) running on the phones. Most of the existing solutions either provide device level control or have an external agent monitoring the application's behavior, and has numerous limitations. In this paper we propose a framework, Polite, to build enterprise mobile apps that can be managed at run-time, which is less intrusive to the end user while providing stronger security guarantees to the enterprise. We describe several critical scenarios where controlling the run time behavior of apps on the phone is essential and how our architecture can provide security guarantees that are not possible with existing solutions. Performance results of our implementation indicate that our framework induces a minimal overhead of only 6% that may be acceptable for most enterprise mobile apps.","PeriodicalId":18720,"journal":{"name":"MILCOM 2012 - 2012 IEEE Military Communications Conference","volume":"2013 1","pages":"1-6"},"PeriodicalIF":0.0000,"publicationDate":"2012-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"3","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"MILCOM 2012 - 2012 IEEE Military Communications Conference","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/MILCOM.2012.6415731","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 3
Abstract
The proliferation of smart phones inside enterprises and the number of enterprise apps (applications) available for various smart phone platforms has been increasing. This trend is expected to continue as smart phones tend to become the device of choice to access both enterprise and personal data. Making enterprise sensitive data accessible on smart phones requires that adequate protection mechanisms be available on these devices to ensure that sensitive data is not compromised due to various reasons, such as employees losing phones to malicious apps (installed by the user) running on the phones. Most of the existing solutions either provide device level control or have an external agent monitoring the application's behavior, and has numerous limitations. In this paper we propose a framework, Polite, to build enterprise mobile apps that can be managed at run-time, which is less intrusive to the end user while providing stronger security guarantees to the enterprise. We describe several critical scenarios where controlling the run time behavior of apps on the phone is essential and how our architecture can provide security guarantees that are not possible with existing solutions. Performance results of our implementation indicate that our framework induces a minimal overhead of only 6% that may be acceptable for most enterprise mobile apps.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
