Citation
Morufu, Olalere (2016) Access control framework in a bring your own device environment. Doctoral thesis, Universiti Putra Malaysia.
Abstract
As a result of several attractive features of mobile devices (portability and access to
voice and data services), people have started to take their mobile devices to their
work place and connect to the company network to do their daily job. This has given
rise to a policy called "Bring Your Own Devices" or BYOD. However, determining
who is allowed to access enterprise resources poses a serious security concern, as
both the knowledge and ownership means of authentication in a traditional enterprise
network are insufficient in a BYOD environment. Unauthorised access to sensitive
enterprise information through an employee’s lost mobile device, shoulder-surfing
password attacks or password guessing attacks can all lead to data
leakage. Also, unmonitored employee mobile devices, when connected to enterprise
resources, can inadvertently cause malware infection in the enterprise network. In
a traditional enterprise network, Uniform Resource Locators (URLs) blacklisting is a
common approach many enterprises employ to address this problem. Apart from the
fact that the blacklisting approach is faced with different challenges (such as wrong
classification due to human error and unavailability of newly created malware
URLs), employing the blacklisting approach in a BYOD environment is not
sufficient to monitor employee mobile devices.
For proper implementation of BYOD policy, the security challenges confronting
BYOD need to be addressed. The need for addressing these challenges makes this
study significant. Consequently, this study proposes an access control framework for
authenticating and monitoring employee mobile devices in a BYOD environment.
The proposed framework will not only authenticate employee mobile devices at the
point of login to enterprise resources, but also monitor the interaction of the
employee mobile device when connected to the enterprise resources. Consequently,
the proposed access control framework consists of a two-factor authentication
framework and a monitoring framework. These two novel
frameworks for access control in a BYOD environment form the major contributions
of the study.
The first framework, which serves as the first layer of the proposed access control
framework, is a two-factor authentication framework that combines both knowledge-based
and biometric-based authentication techniques to form an unobtrusive
authentication technique for an employee’s mobile device in a BYOD environment.
This framework addresses the data leakage problem that may arise as a result of the
present authentication technique being too weak. The second novel framework,
which serves as the second layer of the proposed access control framework, is a real-time
employee’s mobile device monitoring framework. This framework addresses
the possibility of a malware infection that may occur as a result of unmonitored
interaction of an employee’s mobile device with third party cloud applications.
Based on the second layer, another main contribution of this study is the proposition
of a predictive trust model for computation of the trust value of a third party cloud
application. For proper monitoring of the employee’s mobile device against malware
infection on the enterprise network, this study proposes classification of third party
cloud application URLs that relies on a predictive trust model. The purpose of the
trust value computation is to determine whether a cloud application is trusted in terms
of malware infection. Another major contribution under this layer is the proposition of
novel discriminative lexical features that distinguish malware URLs from benign
URLs.
To validate and test the performance of the model, a dataset comprising benign
and malware URLs was built. The dataset was trained and labelled. Application of
the WEKA data mining tool on the trained dataset gave rise to computation of the
performance evaluation parameters of the predictive trust model. Prediction
performance was evaluated based on True Positive (TP), True Negative (TN), False
Positive (FP), False Negative (FN), accuracy, True Positive Rate (TPR), True
Negative Rate (TNR), False Positive Rate (FPR), False Negative Rate (FNR), and
the time to build the model. With a very short time to build the predictive trust
model, the model achieved 97.31% accuracy with a moderate FPR of 0.04 and an
FNR of 0.018. The overall output of this study is the proposition of an
implementable access control framework for a BYOD environment, thereby serving
as a potential application for authenticating and monitoring employee mobile devices
in a BYOD environment.