Options
2013
Conference Paper
Title
A configurable and extensible security service architecture for smartphones
Abstract
In current Bring-Your-Own-Device (BYOD) settings, companies struggle to assess and control the security level of their employee's smartphones. App distribution points like the Apple App Store and Google Play provide app reviews and malware checks, but these measures are opaque and not aligned with corporate-specific security guidelines. In this paper, we present a framework which allows companies to run automated security checks, tailored to their specific security requirements and independent of app markets. Our framework orchestrates different plug-in security services for checking mobile devices for malware, misbehaving apps, and configurations. The framework operates on a virtual replica which is created from the physical device, thereby allowing deeper inspection than current industry's state-of-the-art solutions. We implemented the framework as a prototype and evaluated its performance and feasibility.