کد مقاله | کد نشریه | سال انتشار | مقاله انگلیسی | نسخه تمام متن |
---|---|---|---|---|
459042 | 696223 | 2013 | 16 صفحه PDF | دانلود رایگان |
Smartphones are on par with modern desktop environments in terms of operating system and hardware functionality. As a consequence, threats to desktop environments are also applicable to smartphones in addition to traditional threats to mobile phones. End-user management of security configurations that mitigate smartphone threats is complex and error-prone. As a consequence, misconfiguration of a security configuration may unnecessarily expose a smartphone to known threats. In this paper, a threat-based model for smartphone security configuration is presented. To evaluate the approach, a prototype Android security app, MASON, is developed to automatically manage firewall configurations on behalf of the end-user. A case study based on firewall access control demonstrates how automated firewall configuration recommendations can be made based on catalogues of countermeasures. These countermeasures are drawn from best-practice standards such as NIST 800-124, a guideline on cell phone and PDA security and NIST 800-41-rev1, a guideline on firewall security configuration.
Journal: Journal of Information Security and Applications - Volume 18, Issue 1, July 2013, Pages 14–29