Abstract
With the market penetration of mobile phones and the trend towards the adoption of more sophisticated services, the risks posed by such devices, for the individual and the enterprise, has increased considerably. Risk assessment (RA) is an established approach with organisations for understanding and mitigating information security threats. However, it is also a time consuming process requiring an experienced analyst. Within mobile devices, the interested stakeholders range from administrators to the general public and an approach is therefore required that can establish RA in a fast, user convenient and effective manner. The proposed method utilises a number of approaches to minimise the effort required from the end-user, taking the different security requirements of various services into account and ensuring a level of flexibility that will enable all categories of user (from novice to expert) to engage with the process.
Access provided by Autonomous University of Puebla. Download to read the full chapter text
Chapter PDF
Similar content being viewed by others
Keywords
References
ITU Key Global Telecom Indicators for the World Telecommunication Service Sector, http://www.itu.int/ITU-D/ict/statistics/at_glance/KeyTelecom.html
Dagon, D., Martin, T., Starner, T.: Mobile phones as computing devices: the viruses are coming! IEEE Pervasive Computing 3(4), 11–15 (2004)
Ziemann, F.: http://www.pcwelt.de/news/Trojanische-Spiele-Mobile-Malware-in-sechs-Monaten-verdoppelt-351574.html
Richardson, R.: CSI Computer Crime and Security Survey. Computer Security Institute (2009), http://www.gocsi.com
Verkasalo, H.: Analysis of Smartphone User Behavior. In: 2010 Ninth International Conference on Mobile Business and 2010 Ninth Global Mobility Roundtable (ICMB-GMR), pp. 258–263 (2010)
Clarke, N.L., Furnell, S.M.: Advanced User Authentication for Mobile Devices. Computers & Security 26(2), 109–119 (2007)
Clarke, N.L.: Advanced User Authentication for Mobile Devices. PhD Thesis. University of Plymouth, United Kingdom (2004)
Carnegie Mellon University, http://www.cert.org/octave/download/intro.html
Insight Consulting, http://dtps.unipi.gr/files/notes/2009-2010/eksamino_5/politikes_kai_diaxeirish_asfaleias/egxeiridio_cramm.pdf
Clusif, http://www.clusif.asso.fr/fr/production/ouvrages/pdf/MEHARI-2010-Overview.pdf
Clarke, N.L., Karatzouni, S., Furnell, S.M.: Towards a Flexible, Multi-Level Security Framework for Mobile Devices. In: Proceedings of The 10th Security Conference, Las Vegas (2010)
Microsoft, http://msdn.microsoft.com/en-us/library/ee823878%28CS.20%29.aspx
Fried, S.: Mobile Device Security - A Comprehensive Guide to Securing Your Information in a Moving World. Auerbach Publications, Boca Raton (2010)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2011 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Lederm, T., Clarke, N.L. (2011). Risk Assessment for Mobile Devices. In: Furnell, S., Lambrinoudakis, C., Pernul, G. (eds) Trust, Privacy and Security in Digital Business. TrustBus 2011. Lecture Notes in Computer Science, vol 6863. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-22890-2_18
Download citation
DOI: https://doi.org/10.1007/978-3-642-22890-2_18
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-22889-6
Online ISBN: 978-3-642-22890-2
eBook Packages: Computer ScienceComputer Science (R0)