Access control framework in a bring your own device environment

As a result of several attractive features of mobile devices (portability and access to voice and data services), people have started to take their mobile devices to their work place and connect to the company network to do their daily job. This has given rise to a policy called "Bring Your Own Devices" or BYOD. However, to determine who is allowed to access enterprise resources poses a serious security concern as both the knowledge and ownership means of authentication in a traditional enterprise network are insufficient in a BYOD environment. Unauthorised access to sensitive information of an enterprise through a lost mobile device of an employee, by shoulder surfing password attacks and password guessing attacks can all lead to data leakage. Also, unmonitored employee mobile devices when connected to enterprise resources can inadvertently causes malware infection into the enterprise network. In a traditional enterprise network, Uniform Resource Locators (URLs) blacklisting is a common approach many enterprises employ to address this problem. Apart from the fact that the blacklisting approach is faced with different challenges (such as wrong classification due to human error and unavailability of newly created malware URLs), employing the blacklisting approach in a BYOD environment is not sufficient to monitor employee mobile devices. For proper implementation of BYOD policy, the security challenges confronting BYOD need to be addressed. The need for addressing these challenges make this study significant. Consequently, this study proposes access control framework for authenticating and monitoring employee mobile devices in a BYOD environment. The proposed framework will not only authenticate employee mobile devices at the point of login to enterprise resources, but also monitor the interaction of the employee mobile device when connected to the enterprise resources. Consequently, the proposed access control framework consists of a two-factor authentication framework and monitoring framework. The proposition of these two novel frameworks for access control in a BYOD environment form the major contributions of the study. The first framework which serves as the first layer of the proposed access control framework is a two-factor authentication framework that combines both knowledgebased and biometric-based authentication techniques to form an unobtrusive authentication technique for an employee’s mobile device in a BYOD environment. This framework addresses the data leakage problem that may arise as a result of the present authentication technique being too weak. The second novel framework which serves as the second layer of the proposed access control framework is a realtime employee’s mobile device monitoring framework. This framework addresses the possibility of a malware infection that may occur as a result of unmonitored interaction of an employee’s mobile device with third party cloud applications. Based on the second layer, another main contribution of this study is the proposition of a predictive trust model for computation of the trust value of a third party cloud application. For proper monitoring of the employee’s mobile device against malware infection on the enterprise network, this study proposes classification of third party cloud application URLs that relies on a predictive trust model. The purpose of the trust value computation is to determine whether a trusted cloud application in terms of malware infection. Another major contribution under this layer is proposition of the novel discriminative lexical features that distinguish malware URL from benign URL. To validate and test the performance of the model, a dataset comprising of benign and malware URLs was built. The dataset was trained and labelled. Application of the WEKA data mining tool on the trained dataset gave rise to computation of the performance evaluation parameters of the predictive trust model. Prediction performance was evaluated based on True Positive (TP), True Negative (TN), False Positive (FP), False Negative (FN), accuracy, True Positive Rate (TPR), True Negative Rate (TNR), False Positive Rate (FPR), False Negative Rate (FNR), and the time to build the model. With a very short time to build the predictive trust model, the model achieved 97.31 % accuracy with a moderate FPR of 0.04 and a FNR of 0.018. The overall output of this study is the proposition of an implementable access control framework for a BYOD environment thereby serving as a potential application for authenticating and monitoring employee mobile devices in a BYOD environment.

Preview Text FSKTM 2016 43 - IR.pdf Download (2MB) | Preview

Actions (login required)

View Item