Moses: supporting and enforcing security Profiles on smartphones

MOSES: SUPPORTING AND ENFORCING SECURITY

PROFILES ON SMARTPHONES

TO VIEW THE OUTPUT CLICK HERE

ABSTRACT:

Smartphones are very effective tools for increasing the productivity of business users. With their increasing computational power and storage capacity, smartphones allow end users to perform several tasks and be always updated while on the move. Companies are willing to support employee-owned smartphones because of the increase in productivity of their employees. However, security concerns about data sharing, leakage and loss have hindered the adoption of smartphones for corporate use. In this paper we present MOSES, a policy-based framework for enforcing software isolation of applications and data on the Android platform. In MOSES, it is possible to define distinct Security Profiles within a single smartphone. Each security profile is associated with a set of policies that control the access to applications and data. Profiles are not predefined or hardcoded, they can be specified and applied at any time. One of the main characteristics of MOSES is the dynamic switching from one security profile to another. We run a thorough set of experiments using our full implementation of MOSES. The results of the experiments confirm the feasibility of our proposal.

EXISTING SYSTEM:

Smartphones allow end users to perform several tasks while being on the move. As a consequence, end users require their personal smartphones to be connected to their work IT infrastructure. An increasing number of companies are even embracing the BYOD: Bring Your Own Device policy, leveraging the employee’s smartphone to provide mobile access to company’s applications. Several device manufacturers are even following this trend by producing smartphones able to handle two subscriber identification modules (SIMs) at the same time.

Despite this positive scenario, since users can install third-party applications on their smartphones, several security concerns may arise. For instance, malicious applications may access emails, SMS and MMS stored in the smartphone containing company confidential data. Even more worrying is the number of legitimate applications harvesting and leaking data that are not strictly necessary for the functions the applications advertise to users.

DISADVANTAGES OF EXISTING SYSTEM:

·       It has lot of security issues.

·       Confidential data will be lost.

·       Unwanted applications will run in background and cause changes to the data.

·       There is no privacy in data.

PROPOSED SYSTEM:

One possible solution to this problem is isolation, by keeping applications and data related to work separated from recreational applications and private/personal data. Within the same device, separate security environments might exist: one security environment could be only restricted to sensitive/corporate data and trusted applications; a second security environment could be used for entertainment where third-party games and popular applications could be installed. As long as applications from the second environment are not able to access data of the first environment the risk of leakage of sensitive information can be greatly reduced.

Such a solution could be implemented by means of virtualization technologies where different instances of an OS can run separately on the same device.

ADVANTAGES OF PROPOSED SYSTEM:

·       Each security profile (SP) can be associated to one or more contexts that determine when the profile become active.

·       Both contexts and profiles can be easily and dynamically specified by end users.

 · Switching between security profiles can require user interaction or be automatic, efficient, and transparent to the user.

SYSTEM ARCHITECTURE:

SYSTEM CONFIGURATION:-

HARDWARE REQUIREMENTS:-

ü Processor                  -        Pentium –IV

ü Speed                        -        1.1 Ghz

ü RAM                         -        512 MB(min)

ü Hard Disk                 -        40 GB

ü Key Board                -        Standard Windows Keyboard

ü Mouse                       -        Two or Three Button Mouse

ü Monitor                     -        LCD/LED

SOFTWARE REQUIREMENTS:

•         Operating system :         Android

•         Coding Language :         Android

•         Data Base             :         SQLite

•         Tool                     :         Eclipse

REFERENCE:

Yury Zhauniarovich, Giovanni Russello, Mauro Conti, Bruno Crispo and Earlence Fernandes “MOSES: Supporting and Enforcing Security

Profiles on Smartphones” IEEE TRANSACTIONS ON DEPENDABLE AND SECURE COMPUTING, VOL. 11, NO. 3, MAY-JUNE 2014.