Top

Published in:

30-03-2017

Offline Mode for Corporate Mobile Client Security Architecture

Authors: Tatiana Galibus, Thiago P. de B. Vieira, Edison P. de Freitas, Robson de O. Albuquerque, Jo ao Paulo C. L da Costa, Rafael T. de Sousa Júnior, Viktor Krasnoproshin, Anton Zaleski, H. E. R. M. Vissia, Giovanni del Galdo

Published in: Mobile Networks and Applications | Issue 4/2017

Activate our intelligent search to find suitable subject content or patents.

search-config

AI-assisted search

Off

Abstract

Preventing data leakage on the mobile client is a crucial security problem. Therefore, additional control and protection should be taken for the confidential data on the mobile clients that leave the boundaries of the organization. This paper presents a novel approach to the security of the corporate mobile clients, in particular when they operate in the offline mode. The presented approach includes the essential conceptualization and the definition of the core methodology to solve the problem of offline mobile security, i.e. the protection of the confidential data in use when the mobile client is not connected to the corporate cloud. The protection of the sensitive data is provided by the combination of cryptographic means and analytics methods to detect malicious user behavior. The proposed security architecture supports the basic mobile client protection principles: minimized traffic load and reduced communication with the cloud; usage of light-weighted operations and an optimized combination of the security methods.

previous article A Compatibility Vector Technique for Cooperative Scheduling and Channel Assignment Algorithm in Broadband Wireless Networks

next article Multiservice Load Balancing with Hybrid Particle Swarm Optimization in Cloud-Based Multimedia Storage System with QoS Provision

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

ATZelektronik

Die Fachzeitschrift ATZelektronik bietet für Entwickler und Entscheider in der Automobil- und Zulieferindustrie qualitativ hochwertige und fundierte Informationen aus dem gesamten Spektrum der Pkw- und Nutzfahrzeug-Elektronik.

Lassen Sie sich jetzt unverbindlich 2 kostenlose Ausgabe zusenden.

inform now

ATZelectronics worldwide

ATZlectronics worldwide is up-to-speed on new trends and developments in automotive electronics on a scientific level with a high depth of information.

Order your 30-days-trial for free and without any commitment.

inform now

Cloud security alliance (2016) Top Threats Working Group https://cloudsecurityalliance.org/group/top-threats, accessed: 2016-01-15

B. D. S. BV (2016) Storgrid EFSS: Secure Enterprise File Sharing Software http://www.storgrid.com, accessed: 2016-01-15

Bellovin S M, Merritt M (1992) Encrypted key exchange: Password-based protocols secure against dictionary attacks Proceedings., 1992 IEEE Computer Society Symposium on Research in Security and Privacy. IEEE, pp 72–84

Bogos S, Boureanu I, Vaudenay S (2013) Primeless factoring-based cryptography Applied Cryptography and Network Security. Springer, pp 552–569

Campbell M (2015). Cloud data encryption is easy. Cloud Cyphercloud blog http://www.ciphercloud.com/blog/cloud-data-encryption-easy/, accessed: 2016-01-15

Chang H, Hari A, Mukherjee S, Lakshman T (2015) Design and architecture of a software defined proximity cloud. Advances in Mobile Cloud Computing Systems, p 123

Da Costa J, Thakre A, Roemer F, Haardt M (2009) Comparison of model order selection techniques for high-resolution parameter estimation algorithms Proceedings 54th International Scientific Colloquium (IWK’09), Ilmenau, Germany

Galibus T (2014) Access control for the cloud storage Proceeding of the 3rd Belarus-Korea Forum Science “Innovation, Production”, Minsk

Galibus T, Matveev G (2007) Generalized mignotte sequences in polynomial rings. ENTCS 186:39–45MATH

10.

Galibus T, Vissia H (2015) Cloud storage security Network Security and Communication Engineering: Proceedings of the 2014 International Conference on Network Security and Communication Engineering (NSCE 2014). CRC Press, Hong Kong, p 123CrossRef

11.

Galibus T, Matveev G, Shenets N (2008) Some structural and security properties of the modular secret sharing SYNASC’08. 10th International Symposium on Symbolic and Numeric Algorithms for Scientific Computing. IEEE, pp 197–200

12.

Galibus T, Gafurov S, Kaganovich D, Vissia H (2015) Mobile security based on the secret sharing. J Brest State Tech Univ 5:33–36. in Russian

13.

Gartner (2015) Key challenges in cloud computing. Cloud Computing http://www.gartner.com/technology/topics/cloud-computing.jsp, accessed: 2016-01-15

14.

Goyal V, Pandey O, Sahai A, Waters B (2006) Attribute-based encryption for fine-grained access control of encrypted data Proceedings of the 13th ACM Conference on Computer and Communications Security. ACM, pp 89–98

15.

Heydari M, Sadough S M S, Farash M S, Chaudhry S A, Mahmood K (2016) An efficient password-based authenticated key exchange protocol with provable security for mobile client–client networks. Wirel Pers Commun 88(2):337–356CrossRef

16.

Higashi M (2015) Cloud data security and eu data privacy rules compliance with encryption and tokenization. Cloud Security, Compliance http://www.ciphercloud.com/blog/cloud-data-security-and-eu-data-privacy-rules-compliance-with-encryption-and-tokenization/, accessed: 2016-01-15

17.

Huang C T, Chang R K, Huang P (2009) Signal processing applications in network intrusion detection systems. EURASIP J Adv signal Process 2009(1):1–2MathSciNetCrossRefMATH

18.

Itani W, Kayssi A, Chehab A (2010) Energyefficient incremental integrity for securing storage in mobile cloud computing 2010 International Conference on Energy Aware Computing (ICEAC). IEEE, pp 1–2

19.

James N, Elaine B, Lawrence B, William B, Morris D, James F, Roback E (2000) Report on the development of the advanced encryption standard (aes). NYST http://csrc.nist.gov/archive/aes/round2/r2report.pdf, accessed: 2016-01-15

20.

Kaspersky (2014) Mobile cyber threats. Kaspersky Lab & INTERPOL Joint Report http://media.kaspersky.com/pdf/Kaspersky-Lab-KSN-Report-mobile-cyberthreats-web.pdf, accessed: 2016-01-15

21.

Khan A N, Kiah M M, Khan S U, Madani S A (2013) Towards secure mobile cloud computing: A survey. Fut Gener Comput Syst 29(5):1278–1299CrossRef

22.

Khan AN, Kiah MM, Ali M, Madani SA, Shamshirband S et al (2014) Bss: block-based sharing scheme for secure data storage services in mobile cloud environment. J Supercomput 70(2):946–976CrossRef

23.

Khan A N, Kiah M M, Ali M, Shamshirband S et al (2015) A cloud-manager-based re-encryption scheme for mobile users in cloud environment: a hybrid approach. J Grid Comput 13(4):651–675CrossRef

24.

Khan AR, Othman M, Madani SA, Khan SU (2014) A survey of mobile cloud computing application models. Commun Surv Tutorials, IEEE 16(1):393–413CrossRef

25.

Kulkarni P, Khanai R (2015) Addressing mobile cloud computing security issues: a survey International Conference on Communications and Signal Processing (ICCSP). IEEE, pp 1463–1467

26.

Lawson C, MacDonald N, Lowans B (2015) Market guide for cloud access security brokers. Gartner research http://www.gartner.com/technology/reprints.do?id=1-2RUEH70&ct=151110&st=sb, accessed: 2016-01-15

27.

Lu W, Ghorbani A A (2009) Network anomaly detection based on wavelet analysis. EURASIP J Adv Signal Process 2009:4CrossRefMATH

28.

Mayrhofer R (2015) An architecture for secure mobile devices. Secur Commun Netw 8(10):1958–1970CrossRef

29.

McAfee (2015) Mcafee labs threats report. http://www.mcafee.com/us/resources/reports/rp-quarterly-threats-aug-2015.pdf, accessed: 2016-01-15

30.

Ren W, Yu L, Gao R, Xiong F (2011) Lightweight and compromise resilient storage outsourcing with distributed secure accessibility in mobile cloud computing. Tsinghua Sci Technol 16(5):520–528CrossRef

31.

Shila D M, Shen W, Cheng Y, Tian X (2016) Amcloud: Toward a secure autonomic mobile ad hoc cloud computing system. to appear

32.

Skyhigh (2015) What is cloud access security broker. Skyhigh Cloud University https://www.skyhighnetworks.com/cloud-university/what-is-cloud-access-security-broker/, accessed: 2016-01-15

33.

Tenório D F, Da Costa J P C, De Sousa Júnior R T (2013) Greatest eigenvalue time vector approach for blind detection of Malicious traffic. ICoFCS 2013 p 46

34.

Van Lelyveld A (2013) Sap mobile platform secure mobile with mocana. SMP Enterprise Grade Mobility http://www.sdn.sap.com/irj/scn/go/portal/prtroot/docs/library/uuid/8063ed15-0713-3110-c584-e75ac0395b20?QuickLink=index&overridelayout=true&58725087881424, accessed: 2016-01-15

35.

Xia Y, Liu Y, Tan C, Ma M, Guan H, Zang B, Chen H (2015) Tinman: eliminating confidential mobile data exposure with security oriented offloading Proceedings of the Tenth European Conference on Computer Systems. ACM, p 27

36.

Yang J, Wang H, Wang J, Tan C, Yu D (2011) Provable data possession of resource-constrained mobile devices in cloud computing. J Netw 6(7):1033–1040

37.

Yovel Y (2014) Essential ways to protect my mobile apps. Security Intelligence e-magazine https://securityintelligence.com/how-to-protect-mobile-apps-essentials/, accessed: 2016-01-15

38.

Zhao G, Rong C, Li J, Zhang F, Tang Y (2010) Trusted data sharing over untrusted cloud storage providers IEEE Second International Conference on Cloud Computing Technology and Science (CloudCom). IEEE, pp 97–103

Title: Offline Mode for Corporate Mobile Client Security Architecture
Authors: Tatiana Galibus
Thiago P. de B. Vieira
Edison P. de Freitas
Robson de O. Albuquerque
Jo ao Paulo C. L da Costa
Rafael T. de Sousa Júnior
Viktor Krasnoproshin
Anton Zaleski
H. E. R. M. Vissia
Giovanni del Galdo
Publication date: 30-03-2017
Publisher: Springer US
Published in: Mobile Networks and Applications / Issue 4/2017
Print ISSN: 1383-469X
Electronic ISSN: 1572-8153
DOI: https://doi.org/10.1007/s11036-017-0839-4

Springer Professional

Abstract

Please log in to get access to your license.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"

ATZelektronik

ATZelectronics worldwide

Other articles of this Issue 4/2017

Multiservice Load Balancing with Hybrid Particle Swarm Optimization in Cloud-Based Multimedia Storage System with QoS Provision

Mobile Application for Archaeological Site Image Content Retrieval and Automated Generating Image Descriptions with Neural Network

Understanding Customer Experience Diffusion on Social Networking Services by Big Data Analytics

Discovering Social Bursts by Using Link Analytics on Large-Scale Social Networks

Editorial: Recent Advances on Big Data Technologies and Applications

Real-Time Traffic Flow Management Based on Inter-Object Communication: a Case Study at Intersection