Application Lockbox for Mobile Device Security

摘要

The security requirements for mobile devices are inherently different from stationary machines. Mobility exposes them to different threat environments and excludes them from relying on external physical security. Productive application from enterprise, government, and military will invariably deal with sensitive data. A risk management and security framework is needed to protect applications and data on mobile devices when they are lost. We propose an application lockbox concept that compartmentalizes mobile devices at the application level. It combines policy enforcement mechanisms and support for sophisticated access polices to mitigate the exposure when the device is lost. It is a practical approach that improves the security of mobile devices without requiring significant changes in the current mobile technology.