Mobile Computing: Security Issue
Group 4 Members: 941603 黃昱翔 941604 梁振堃 941611 郭雅恬 941618 劉俊宏 941623 王雋為 941650 王瓊儀 941661 李晏榕 941662 黃筱涵 941702 許椀淇
Security of Mobile Computing
The advantages of mobile devices are undeniable, but so are the ways that they can bring vulnerability to your system. Consider these key ways to protect your company’s system.
Device Security
Tips to secure mobile devices like laptops & handhelds Be smart. Label your property. Use security products. Use the hard drive password setting on your lapt
op. Once device was lost
Network Security
Network Security Data in transit V.S. Data at rest. Deploy VPN (virtual private network).
Security Layers Wireless Security Protocols.
Network Security Security Layers
Based on the OSI Motivation for the Mobile IP Security Services:
Authentication Access control Non-repudiation Data integrity Data confidentiality Assurance/Availability Notarization/signature
Network Security Wireless Security Protocols
Four wireless security protocol types are needed:1. Access control to mobile devices2. Local access control to networks and
network services3. Remote access control to networks and
network services4. Protection of data communication to/from
mobile devices.
Network Security
Wireless Security Protocols
1.Access control to mobile devices PIN and Password Authentication Visual and Graphical Login Biometrics Authorization
File Masking Access Control Lists Role-based Access Control
Network Security
Wireless Security Protocols
2.Local access control to networks and network services
WLAN Bluetooth Cellular Network…
3.Remote Network Access Remote access VPN
4.Protection of Data Communication
Tips to secure the data on mobile devices
Consider your real needs. Make a trusty backup. Ensure you're only carrying the data you
think you are. Use encryption or a Virtual Private Network
(VPN).
Tips to ensure a secure Internet connection everywhere—including at home
Disable your wireless Internet connection when not in use.
Use secure wireless. Make your home wireless network more secure. Change the name of your “SSID” network and/or don’t
broadcast it. Ensure you’re using a static IP address. Enable your firewall. Change the default admin password; make it longer and
more complex. Only allow machines you know to connect to your
network by enabling MAC address filtering.
Wireless Application Security Wireless application security includes
1. Application access control 2. Client/server communications security 3. Anti-malware protection
Wireless Application Security
Application Access Control Mobile applications handling confidential
data should require user authentication before application access is granted.
A limited inactive time is specified for an application before re-authentication is required.
Wireless Application Security
Client/Server Communication Security Typical wireless Internet connections are:
1. The wireless connection between a mobile device and an access device
2. The Internet connection between the mobile device and the Internet host/server via the access device.
For Web-based client/server applications, the SSL protocol provides encryption and signing of transmitted data.
Wireless Application Security
Anti-Malware Protection Malware can access and steal application dat
a, such as credit card information stored in memory by wireless applications.
Time and space for sensitive data in memory should be minimized.
Privacy and Security Policies
Any discussion of security and device management needs to acknowledge the importance of employees' efforts toward securing corporate data — especially customer data.
IT needs to formulate and distribute clear, concise security policies regarding access via mobile devices.
Privacy and Security Policies
Conduct tests on a periodic basis to ensure that the protections you've deployed worked, and that your employees remain up-to-date on their responsibilities when it comes to privacy and security.
Case-Sybase
The largest enterprise software and services company exclusively focused on managing and mobilizing information.
With the global solutions, enterprises can extend their information securely and make it useful for people anywhere using any device.
Case-Sybase
Government Solutions Information Technology, Management and
Mobile Solutions for Government Agencies They offer complete government solutions in
four key areas: 1. Federal2. State and Local3. Homeland Security4. Sybase Government Partners
Case-Sybase
Sybase Homeland Security Solutions With the threat of terrorist attacks, homeland
security has become a major concern for all individuals and organizations. Sybase solutions help meet this agency’s security objectives, and more.
Case-Sybase
Empowering field personnel with anywhere, anytime access to critical information offers many benefits, including: Increased productivity and improved response time Better information sharing and collaboration
between agencies Error-free capture of data in a standardized format Ability to maintain security and confidentiality of
critical data
Case-Sybase
Specific examples of Homeland Security solutions we provide include: Remote access to photos, documentation and other
vital statistics for field investigators Onsite data collection for inspection of commercial
structures, bridges, roads, military equipment, power lines and the nation's food supply
Information access for custom checkpoints ensuring inspection of people, vehicles, packages and any other items that may pose a security threat
Smart card identification and tracking of visitors at secure locations
Future will forecast
1. Global information safe service market development present situation and tendency
2. Taiwan information security market 3. The new focus of enterprises funded protection for mobile devices
4. Establishes set of motions work the security policy a. Zero tolerance policy b. The document remembered wants redact c. Other protective measures
Future will forecast