[go: up one dir, main page]
More Web Proxy on the site http://driver.im/ skip to main content
10.5555/2762722.2762750acmotherconferencesArticle/Chapter ViewAbstractPublication PagesiccasaConference Proceedingsconference-collections
tutorial

A Context-aware Adaptive Security Framework for Mobile Applications

Published: 07 October 2014 Publication History

Abstract

Mobile devices currently offer many value-added applications and services such as messaging, navigation, social networking, finance, and entertainment. As these mobile applications have access to users' personal information and are capable of gathering and transmitting trust sensitive information, posing security and privacy risks. In this paper, we propose a context-aware adaptive security framework for eliciting users' context information and adapting this information with mobile applications' network access control mechanism. The framework enforces the execution of mobile applications inside security incubators to control the communication between mobile applications and mobile device resources. Applications' access requests are analyzed based on user's context information collected from the mobile device sensors and the application security configuration.

References

[1]
P. Persson and Y. Jung, "Nokia sensor: from research to product," in Proceedings of the 2005 conference on Designing for User eXperience, ser. DUX '05. New York, NY, USA: AIGA: American Institute of Graphic Arts, 2005. http://dl.acm.org/citation.cfm?id=1138235.1138297
[2]
A. Distefano, A. Grillo, A. Lentini, and G. F. Italiano, "Securemydroid: Enforcing security in the mobile devices lifecycle," in Proceedings of the Sixth Annual Workshop on Cyber Security and Information Intelligence Research, ser. CSIIRW '10. New York, NY, USA: ACM, 2010, pp. 27:1–27:4. http://doi.acm.org/10.1145/1852666.1852696
[3]
P. Hornyack, S. Han, J. Jung, S. Schechter, and D. Wetherall, "These aren't the droids you're looking for: Retrofitting android to protect data from imperious applications," in Proceedings of the 18th ACM Conference on Computer and Communications Security, ser. CCS '11. New York, NY, USA: ACM, 2011, pp. 639–652. http://doi.acm.org/10.1145/2046707.2046780
[4]
R. Balebako, J. Jung, W. Lu, L. F. Cranor, and C. Nguyen, ""little brothers watching you": Raising awareness of data leaks on smartphones," in Proceedings of the Ninth Symposium on Usable Privacy and Security, ser. SOUPS '13. New York, NY, USA: ACM, 2013, pp. 12:1–12:11. http://doi.acm.org/10.1145/2501604.2501616
[5]
J. S. Dyer, P. C. Fishburn, R. E. Steuer, J. Wallenius, and S. Zionts, "Multiple criteria decision making, multiattribute utility theory: The next ten years," Management Science, vol. 38 Issue: 5, pp. 645–654, 1992.
[6]
Rosenbloom, "A probabilistic interpretation of the final rankings in AHP," European Journal of Operational Research, vol. 96, no. 2, pp. 371–378, 1997. http://www.sciencedirect.com/science/article/pii/S0377221796000495
[7]
Y. Koumoto, H. Nonaka, and T. Yanagida, "A proposal of context-aware service composition method based on analytic hierarchy process," in New Advances in Intelligent Decision Technologies, ser. Studies in Computational Intelligence, K. Nakamatsu, G. Phillips-Wren, L. Jain, and R. Howlett, Eds. Springer Berlin Heidelberg, 2009, vol. 199, pp. 65–71. http://dx.doi.org/10.1007/978-3-642-00909-97.
[8]
M. Cocea and G. Magoulas, "Context-dependent personalised feedback prioritisation in exploratory learning for mathematical generalisation," in User Modeling, Adaptation, and Personalization, ser. Lecture Notes in Computer Science, G.-J. Houben, G. McCalla F. Pianesi, and M. Zancanaro, Eds. Springer Berlin Heidelberg, Springer Berlin Heidelberg, vol. 5535, pp. 271–282. http://dx.doi.org/10.1007/978-3-642-02247-026
[9]
D.-N. Chen, P. J.-H. Hu, Y.-R. Kuo, and T.-P. Liang, "A web-based personalized recommendation system for mobile phone selection: Design, implementation, and evaluation," Expert Systems with Applications, vol. 37, no. 12, pp. 8201– 8210, 2010. http://www.sciencedirect.com/science/article/pii/S095741741000477X
[10]
T. L. Saaty, Decision Making for Leaders: The Analytic Hierarchy Process for Decisions in a Complex World. Pittsburgh, Pennsylvania: RWS Publications, 1999.
[11]
National Institute of Standards and Technology NIST 800-97, Establishing Wireless Robust Security Networks: A Guide to IEEE 802.11i, http://csrc.nist.gov/publications/nistpubs/800-97/SP800-97.pdf
[12]
W. Enck, P. Gilbert, B.-G. Chun, L. P. Cox, J. Jung, P. McDaniel, and A. N. Sheth, "Taintdroid: An information-flow tracking system for realtime privacy monitoring on smartphones," in Proceedings of the 9th USENIX Conference on Operating Systems Design and Implementation, ser. OSDI'10. Berkeley, CA, USA: USENIX Association, 2010, pp. 1–6. http://dl.acm.org/citation.cfm?id=1924943.1924971
[13]
P. G. Kelley, L. F. Cranor, and N. Sadeh, "Privacy as part of the app decision-making process," in Proceedings of the SIGCHI Conference on Human Factors in Computing Systems, ser. CHI '13. New York, NY, USA: ACM, 2013, pp. 3393–3402.
[14]
G. Johnson, A. Agrawala, and E. Billionniere, "A framework for shrink-wrapping security services," in Proceedings of the 2010 IEEE International Conference on Services Computing, ser. SCC '10. Washington, DC, USA: IEEE Computer Society, 2010, pp. 639–640. http://dx.doi.org/10.1109/SCC.2010.79
[15]
D. Kulkarni and A. Tripathi, "Context-aware role-based access control in pervasive computing systems," in Proceedings of the 13th ACM Symposium on Access Control Models and Technologies, ser. SACMAT '08. New York, NY, USA: ACM, 2008, pp. 113–122. http://doi.acm.org/10.1145/1377836.1377854
[16]
K. Fischer and S. Karsch, "Modelling security relevant context an ap- proach towards adaptive security in volatile mobile web environments," in International Conference on Web Science, Koblenz, Germany, 2011.
[17]
H. Shen and Y. Cheng, "A context-aware semantic-based access control model for mobile web services," in Advanced Research on Computer Science and Information Engineering, ser. Communications in Computer and Information Science, G. Shen and X. Huang, Eds. Springer Berlin Heidelberg, 2011, vol. 153, pp. 132–139. http://dx.doi.org/10.1007/978-3-642-21411-021
[18]
R. L. Anand Dersingh and A. Jost, "Context-aware access control using semantic policies," in Ubiquitous Computing And Communication Journal (UBICC) Special Issue on Autonomic Computing Systems and Applications, 2008, vol. 3, pp. 19–32.
[19]
G. Bai, L. Gu, T. Feng, Y. Guo, and X. Chen, "Context-aware usage control for android," in Security and Privacy in Communication Networks, ser. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, ser. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, S. Jajodia and J. Zhou, Eds. Springer Berlin Heidelberg, 2010, vol. 50, pp. 326–343. {Online}. Available: http://dx.doi.org/10.1007/978-3-642-16161-2 19
[20]
A. Mihovska and N. Prasad, Adaptive Security Architecture based on EC-MQV Algorithm in Personal Network (PN), 2007, pp. 433–437.
[21]
E. Hayashi, S. Das, S. Amini, J. Hong, and I. Oakley, "Casa: context-aware scalable authentication," in Proceedings of the Ninth Symposium on Usable Privacy and Security, ser. SOUPS '13. New York, NY, USA: ACM, 2013, pp. 3:1–3:10. http://doi.acm.org/10.1145/2501604.2501607
[22]
A. Gupta, M. Miettinen, N. Asokan, and M. Nagy, "Intuitive security policy configuration in mobile devices using context profiling," in Proceedings of the 2012 ASE/IEEE International Conference on Social Computing and 2012 ASE/IEEE International Conference on Privacy, Security, Risk and Trust, ser. SOCIALCOM-PASSAT '12. Washington, DC, USA: IEEE Computer Society, 2012, pp. 471–480. {Online}. http://dx.doi.org/10.1109/SocialCom-PASSAT.2012.60
[23]
M. Conti, V. Nguyen, and B. Crispo, "Crepe: Context-related policy enforcement for android," in Information Security, ser. Lecture Notes in Computer Science, M. Burmester, G. Tsudik, S. Magliveras, and I. Ili, Eds. Springer Berlin Heidelberg, 2011, vol. 6531, pp. 331–345. http://dx.doi.org/10.1007/978-3-642-18178-8 29
[24]
Jajodia, S., J. Zhou, et al. (2010). Context-Aware Usage Control for Android. Security and Privacy in Communication Networks, Springer Berlin Heidelberg. 50: 326–343.

Cited By

View all
  • (2022)Making smart platforms smarterJournal of Computing Sciences in Colleges10.5555/3512733.351273737:5(43-53)Online publication date: 19-Jan-2022
  • (2015)Context-aware Role-based Access Control Using Security LevelsProceedings of the 2015 Conference on research in adaptive and convergent systems10.1145/2811411.2811498(280-284)Online publication date: 9-Oct-2015

Recommendations

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

cover image ACM Other conferences
ICCASA '14: Proceedings of the 3rd International Conference on Context-Aware Systems and Applications
October 2014
184 pages
ISBN:9781631900051

In-Cooperation

Publisher

ICST (Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering)

Brussels, Belgium

Publication History

Published: 07 October 2014

Check for updates

Author Tags

  1. AHP
  2. Mobile computing
  3. context awareness
  4. context-aware security
  5. decision analysis

Qualifiers

  • Tutorial
  • Research
  • Refereed limited

Conference

ICCASA '14

Contributors

Other Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

  • Downloads (Last 12 months)15
  • Downloads (Last 6 weeks)1
Reflects downloads up to 02 Dec 2024

Other Metrics

Citations

Cited By

View all
  • (2022)Making smart platforms smarterJournal of Computing Sciences in Colleges10.5555/3512733.351273737:5(43-53)Online publication date: 19-Jan-2022
  • (2015)Context-aware Role-based Access Control Using Security LevelsProceedings of the 2015 Conference on research in adaptive and convergent systems10.1145/2811411.2811498(280-284)Online publication date: 9-Oct-2015

View Options

Login options

View options

PDF

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Media

Figures

Other

Tables

Share

Share

Share this Publication link

Share on social media