Enforcing enterprise mobile application security policy with plugin framework

Pang Yang Chu; Wei Huan Lu; Jun Wei Lin; Yu-Sung Wu

doi:10.1109/PRDC.2018.00048

Enforcing enterprise mobile application security policy with plugin framework

Pang Yang Chu, Wei Huan Lu, Jun Wei Lin, Yu-Sung Wu

Institute of Computer Science and Engineering

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

1 Scopus citations

Abstract

The prevalent use of mobile applications in enterprise computing requires more stringent yet flexible enforcement of security policies on the mobile devices. Existing enforcement mechanisms such as mobile device management system focus on the management of device features and cannot cover the diverse security policies of enterprise applications precisely. We address the challenge by proposing a novel security policy enforcement system based on Plugin framework. The system provides fine-grained security policy enforcement at each library call site in an application. With root privilege (targeting company-owned devices), fine-grained enforcement can be applied to any application. Without root privilege (targeting BYOD devices), fine-grained enforcement can be applied to the applications installed via the enforcement system.

Original language	English
Title of host publication	Proceedings - 2018 IEEE 23rd Pacific Rim International Symposium on Dependable Computing, PRDC 2018
Publisher	IEEE Computer Society
Pages	263-268
Number of pages	6
ISBN (Electronic)	9781538657003
DOIs	https://doi.org/10.1109/PRDC.2018.00048
State	Published - 11 Feb 2019
Event	23rd IEEE Pacific Rim International Symposium on Dependable Computing, PRDC 2018 - Taipei, Taiwan Duration: 4 Dec 2018 → 7 Dec 2018

Publication series

Name	Proceedings of IEEE Pacific Rim International Symposium on Dependable Computing, PRDC
Volume	2018-December
ISSN (Print)	1541-0110

Conference

Conference	23rd IEEE Pacific Rim International Symposium on Dependable Computing, PRDC 2018
Country	Taiwan
City	Taipei
Period	4/12/18 → 7/12/18

Keywords

Enterprise computing
Mobile applications
Mobile device management
Security policy enforcement

Access to Document

10.1109/PRDC.2018.00048

Link to publication in Scopus

Fingerprint Dive into the research topics of 'Enforcing enterprise mobile application security policy with plugin framework'. Together they form a unique fingerprint.

Cite this

Chu, P. Y., Lu, W. H., Lin, J. W., & Wu, Y-S. (2019). Enforcing enterprise mobile application security policy with plugin framework. In Proceedings - 2018 IEEE 23rd Pacific Rim International Symposium on Dependable Computing, PRDC 2018 (pp. 263-268). [8639688] (Proceedings of IEEE Pacific Rim International Symposium on Dependable Computing, PRDC; Vol. 2018-December). IEEE Computer Society. https://doi.org/10.1109/PRDC.2018.00048

Chu, Pang Yang ; Lu, Wei Huan ; Lin, Jun Wei ; Wu, Yu-Sung. / Enforcing enterprise mobile application security policy with plugin framework. Proceedings - 2018 IEEE 23rd Pacific Rim International Symposium on Dependable Computing, PRDC 2018. IEEE Computer Society, 2019. pp. 263-268 (Proceedings of IEEE Pacific Rim International Symposium on Dependable Computing, PRDC).

@inproceedings{ba9524e100814019a3b6208684c6292b,

title = "Enforcing enterprise mobile application security policy with plugin framework",

abstract = "The prevalent use of mobile applications in enterprise computing requires more stringent yet flexible enforcement of security policies on the mobile devices. Existing enforcement mechanisms such as mobile device management system focus on the management of device features and cannot cover the diverse security policies of enterprise applications precisely. We address the challenge by proposing a novel security policy enforcement system based on Plugin framework. The system provides fine-grained security policy enforcement at each library call site in an application. With root privilege (targeting company-owned devices), fine-grained enforcement can be applied to any application. Without root privilege (targeting BYOD devices), fine-grained enforcement can be applied to the applications installed via the enforcement system.",

keywords = "Enterprise computing, Mobile applications, Mobile device management, Security policy enforcement",

author = "Chu, {Pang Yang} and Lu, {Wei Huan} and Lin, {Jun Wei} and Yu-Sung Wu",

year = "2019",

month = feb,

day = "11",

doi = "10.1109/PRDC.2018.00048",

language = "English",

series = "Proceedings of IEEE Pacific Rim International Symposium on Dependable Computing, PRDC",

publisher = "IEEE Computer Society",

pages = "263--268",

booktitle = "Proceedings - 2018 IEEE 23rd Pacific Rim International Symposium on Dependable Computing, PRDC 2018",

note = "null ; Conference date: 04-12-2018 Through 07-12-2018",

}

Chu, PY, Lu, WH, Lin, JW & Wu, Y-S 2019, Enforcing enterprise mobile application security policy with plugin framework. in Proceedings - 2018 IEEE 23rd Pacific Rim International Symposium on Dependable Computing, PRDC 2018., 8639688, Proceedings of IEEE Pacific Rim International Symposium on Dependable Computing, PRDC, vol. 2018-December, IEEE Computer Society, pp. 263-268, 23rd IEEE Pacific Rim International Symposium on Dependable Computing, PRDC 2018, Taipei, Taiwan, 4/12/18. https://doi.org/10.1109/PRDC.2018.00048

Enforcing enterprise mobile application security policy with plugin framework. / Chu, Pang Yang; Lu, Wei Huan; Lin, Jun Wei; Wu, Yu-Sung.

Proceedings - 2018 IEEE 23rd Pacific Rim International Symposium on Dependable Computing, PRDC 2018. IEEE Computer Society, 2019. p. 263-268 8639688 (Proceedings of IEEE Pacific Rim International Symposium on Dependable Computing, PRDC; Vol. 2018-December).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

TY - GEN

T1 - Enforcing enterprise mobile application security policy with plugin framework

AU - Chu, Pang Yang

AU - Lu, Wei Huan

AU - Lin, Jun Wei

AU - Wu, Yu-Sung

PY - 2019/2/11

Y1 - 2019/2/11

N2 - The prevalent use of mobile applications in enterprise computing requires more stringent yet flexible enforcement of security policies on the mobile devices. Existing enforcement mechanisms such as mobile device management system focus on the management of device features and cannot cover the diverse security policies of enterprise applications precisely. We address the challenge by proposing a novel security policy enforcement system based on Plugin framework. The system provides fine-grained security policy enforcement at each library call site in an application. With root privilege (targeting company-owned devices), fine-grained enforcement can be applied to any application. Without root privilege (targeting BYOD devices), fine-grained enforcement can be applied to the applications installed via the enforcement system.

AB - The prevalent use of mobile applications in enterprise computing requires more stringent yet flexible enforcement of security policies on the mobile devices. Existing enforcement mechanisms such as mobile device management system focus on the management of device features and cannot cover the diverse security policies of enterprise applications precisely. We address the challenge by proposing a novel security policy enforcement system based on Plugin framework. The system provides fine-grained security policy enforcement at each library call site in an application. With root privilege (targeting company-owned devices), fine-grained enforcement can be applied to any application. Without root privilege (targeting BYOD devices), fine-grained enforcement can be applied to the applications installed via the enforcement system.

KW - Enterprise computing

KW - Mobile applications

KW - Mobile device management

KW - Security policy enforcement

UR - http://www.scopus.com/inward/record.url?scp=85062838572&partnerID=8YFLogxK

U2 - 10.1109/PRDC.2018.00048

DO - 10.1109/PRDC.2018.00048

M3 - Conference contribution

AN - SCOPUS:85062838572

T3 - Proceedings of IEEE Pacific Rim International Symposium on Dependable Computing, PRDC

SP - 263

EP - 268

BT - Proceedings - 2018 IEEE 23rd Pacific Rim International Symposium on Dependable Computing, PRDC 2018

PB - IEEE Computer Society

Y2 - 4 December 2018 through 7 December 2018

ER -

Chu PY, Lu WH, Lin JW, Wu Y-S. Enforcing enterprise mobile application security policy with plugin framework. In Proceedings - 2018 IEEE 23rd Pacific Rim International Symposium on Dependable Computing, PRDC 2018. IEEE Computer Society. 2019. p. 263-268. 8639688. (Proceedings of IEEE Pacific Rim International Symposium on Dependable Computing, PRDC). https://doi.org/10.1109/PRDC.2018.00048