Skip to main content
SpringerLink
Log in

Offline Mode for Corporate Mobile Client Security Architecture

  • Published:
Mobile Networks and Applications Aims and scope Submit manuscript

Abstract

Preventing data leakage on the mobile client is a crucial security problem. Therefore, additional control and protection should be taken for the confidential data on the mobile clients that leave the boundaries of the organization. This paper presents a novel approach to the security of the corporate mobile clients, in particular when they operate in the offline mode. The presented approach includes the essential conceptualization and the definition of the core methodology to solve the problem of offline mobile security, i.e. the protection of the confidential data in use when the mobile client is not connected to the corporate cloud. The protection of the sensitive data is provided by the combination of cryptographic means and analytics methods to detect malicious user behavior. The proposed security architecture supports the basic mobile client protection principles: minimized traffic load and reduced communication with the cloud; usage of light-weighted operations and an optimized combination of the security methods.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6
Fig. 7
Fig. 8
Fig. 9

Similar content being viewed by others

References

  1. Cloud security alliance (2016) Top Threats Working Group https://cloudsecurityalliance.org/group/top-threats, accessed: 2016-01-15

  2. B. D. S. BV (2016) Storgrid EFSS: Secure Enterprise File Sharing Software http://www.storgrid.com, accessed: 2016-01-15

  3. Bellovin S M, Merritt M (1992) Encrypted key exchange: Password-based protocols secure against dictionary attacks Proceedings., 1992 IEEE Computer Society Symposium on Research in Security and Privacy. IEEE, pp 72–84

  4. Bogos S, Boureanu I, Vaudenay S (2013) Primeless factoring-based cryptography Applied Cryptography and Network Security. Springer, pp 552–569

  5. Campbell M (2015). Cloud data encryption is easy. Cloud Cyphercloud blog http://www.ciphercloud.com/blog/cloud-data-encryption-easy/, accessed: 2016-01-15

  6. Chang H, Hari A, Mukherjee S, Lakshman T (2015) Design and architecture of a software defined proximity cloud. Advances in Mobile Cloud Computing Systems, p 123

  7. Da Costa J, Thakre A, Roemer F, Haardt M (2009) Comparison of model order selection techniques for high-resolution parameter estimation algorithms Proceedings 54th International Scientific Colloquium (IWK’09), Ilmenau, Germany

  8. Galibus T (2014) Access control for the cloud storage Proceeding of the 3rd Belarus-Korea Forum Science “Innovation, Production”, Minsk

  9. Galibus T, Matveev G (2007) Generalized mignotte sequences in polynomial rings. ENTCS 186:39–45

    MATH  Google Scholar 

  10. Galibus T, Vissia H (2015) Cloud storage security Network Security and Communication Engineering: Proceedings of the 2014 International Conference on Network Security and Communication Engineering (NSCE 2014). CRC Press, Hong Kong, p 123

    Chapter  Google Scholar 

  11. Galibus T, Matveev G, Shenets N (2008) Some structural and security properties of the modular secret sharing SYNASC’08. 10th International Symposium on Symbolic and Numeric Algorithms for Scientific Computing. IEEE, pp 197–200

  12. Galibus T, Gafurov S, Kaganovich D, Vissia H (2015) Mobile security based on the secret sharing. J Brest State Tech Univ 5:33–36. in Russian

    Google Scholar 

  13. Gartner (2015) Key challenges in cloud computing. Cloud Computing http://www.gartner.com/technology/topics/cloud-computing.jsp, accessed: 2016-01-15

  14. Goyal V, Pandey O, Sahai A, Waters B (2006) Attribute-based encryption for fine-grained access control of encrypted data Proceedings of the 13th ACM Conference on Computer and Communications Security. ACM, pp 89–98

  15. Heydari M, Sadough S M S, Farash M S, Chaudhry S A, Mahmood K (2016) An efficient password-based authenticated key exchange protocol with provable security for mobile client–client networks. Wirel Pers Commun 88(2):337–356

    Article  Google Scholar 

  16. Higashi M (2015) Cloud data security and eu data privacy rules compliance with encryption and tokenization. Cloud Security, Compliance http://www.ciphercloud.com/blog/cloud-data-security-and-eu-data-privacy-rules-compliance-with-encryption-and-tokenization/, accessed: 2016-01-15

  17. Huang C T, Chang R K, Huang P (2009) Signal processing applications in network intrusion detection systems. EURASIP J Adv signal Process 2009(1):1–2

    Article  MathSciNet  MATH  Google Scholar 

  18. Itani W, Kayssi A, Chehab A (2010) Energyefficient incremental integrity for securing storage in mobile cloud computing 2010 International Conference on Energy Aware Computing (ICEAC). IEEE, pp 1–2

  19. James N, Elaine B, Lawrence B, William B, Morris D, James F, Roback E (2000) Report on the development of the advanced encryption standard (aes). NYST http://csrc.nist.gov/archive/aes/round2/r2report.pdf, accessed: 2016-01-15

  20. Kaspersky (2014) Mobile cyber threats. Kaspersky Lab & INTERPOL Joint Report http://media.kaspersky.com/pdf/Kaspersky-Lab-KSN-Report-mobile-cyberthreats-web.pdf, accessed: 2016-01-15

  21. Khan A N, Kiah M M, Khan S U, Madani S A (2013) Towards secure mobile cloud computing: A survey. Fut Gener Comput Syst 29(5):1278–1299

    Article  Google Scholar 

  22. Khan AN, Kiah MM, Ali M, Madani SA, Shamshirband S et al (2014) Bss: block-based sharing scheme for secure data storage services in mobile cloud environment. J Supercomput 70(2):946–976

    Article  Google Scholar 

  23. Khan A N, Kiah M M, Ali M, Shamshirband S et al (2015) A cloud-manager-based re-encryption scheme for mobile users in cloud environment: a hybrid approach. J Grid Comput 13(4):651–675

    Article  Google Scholar 

  24. Khan AR, Othman M, Madani SA, Khan SU (2014) A survey of mobile cloud computing application models. Commun Surv Tutorials, IEEE 16(1):393–413

    Article  Google Scholar 

  25. Kulkarni P, Khanai R (2015) Addressing mobile cloud computing security issues: a survey International Conference on Communications and Signal Processing (ICCSP). IEEE, pp 1463–1467

  26. Lawson C, MacDonald N, Lowans B (2015) Market guide for cloud access security brokers. Gartner research http://www.gartner.com/technology/reprints.do?id=1-2RUEH70&ct=151110&st=sb, accessed: 2016-01-15

  27. Lu W, Ghorbani A A (2009) Network anomaly detection based on wavelet analysis. EURASIP J Adv Signal Process 2009:4

    Article  MATH  Google Scholar 

  28. Mayrhofer R (2015) An architecture for secure mobile devices. Secur Commun Netw 8(10):1958–1970

    Article  Google Scholar 

  29. McAfee (2015) Mcafee labs threats report. http://www.mcafee.com/us/resources/reports/rp-quarterly-threats-aug-2015.pdf, accessed: 2016-01-15

  30. Ren W, Yu L, Gao R, Xiong F (2011) Lightweight and compromise resilient storage outsourcing with distributed secure accessibility in mobile cloud computing. Tsinghua Sci Technol 16(5):520–528

    Article  Google Scholar 

  31. Shila D M, Shen W, Cheng Y, Tian X (2016) Amcloud: Toward a secure autonomic mobile ad hoc cloud computing system. to appear

  32. Skyhigh (2015) What is cloud access security broker. Skyhigh Cloud University https://www.skyhighnetworks.com/cloud-university/what-is-cloud-access-security-broker/, accessed: 2016-01-15

  33. Tenório D F, Da Costa J P C, De Sousa Júnior R T (2013) Greatest eigenvalue time vector approach for blind detection of Malicious traffic. ICoFCS 2013 p 46

  34. Van Lelyveld A (2013) Sap mobile platform secure mobile with mocana. SMP Enterprise Grade Mobility http://www.sdn.sap.com/irj/scn/go/portal/prtroot/docs/library/uuid/8063ed15-0713-3110-c584-e75ac0395b20?QuickLink=index&overridelayout=true&58725087881424, accessed: 2016-01-15

  35. Xia Y, Liu Y, Tan C, Ma M, Guan H, Zang B, Chen H (2015) Tinman: eliminating confidential mobile data exposure with security oriented offloading Proceedings of the Tenth European Conference on Computer Systems. ACM, p 27

  36. Yang J, Wang H, Wang J, Tan C, Yu D (2011) Provable data possession of resource-constrained mobile devices in cloud computing. J Netw 6(7):1033–1040

    Google Scholar 

  37. Yovel Y (2014) Essential ways to protect my mobile apps. Security Intelligence e-magazine https://securityintelligence.com/how-to-protect-mobile-apps-essentials/, accessed: 2016-01-15

  38. Zhao G, Rong C, Li J, Zhang F, Tang Y (2010) Trusted data sharing over untrusted cloud storage providers IEEE Second International Conference on Cloud Computing Technology and Science (CloudCom). IEEE, pp 97–103

Download references

Acknowledgments

The authors thank the Brazilian research and innovation Agencies CAPES - Coordination for the Improvement of Higher Education Personnel (Grant 23038.007604/2014-69 FORTE - Tempestive Forensics Project), FINEP - Funding Authority for Studies and Projects (Grant 01.12.0555.00 RENASIC/PROTO - Secure Protocols Laboratory of the National Information Security and Cryptography Network), FAPDF - Research Support Foundation of the Federal District (Grants 0193.001366/2016 UIoT - Universal Internet of Things and 0193.001365/2016 - Secure Software Defined Data Center - SSDDC), and CNPq - National Council for Scientific and Technological Development (Productivity Grant 303905/2014-0 and PVE Grant 88881.030392/2013-01), as well as the European CSF - Aerospace Technology Program (PDE scholarship within project 207644/2015-2), for their support to this research.

Author information

Authors and Affiliations

  1. Belarusian State University, Minsk, 4, Nezavisimosti, 220030, Belarus

    Tatiana Galibus & Viktor Krasnoproshin

  2. University of Brasilia, UnB, FT, ENE, CP: 4386, 70910-900, Brasília, Brazil

    Tatiana Galibus, Thiago P. de B. Vieira, Robson de O. Albuquerque, Jo ao Paulo C. L da Costa & Rafael T. de Sousa Júnior

  3. Federal University of Rio Grande do Sul, UFRGS, INF, CP: 15064, 91501-970, Porto Alegre, Brazil

    Edison P. de Freitas

  4. Institute for Information Technology, Ilmenau University of Technology, Ilmenau, Germany

    Jo ao Paulo C. L da Costa & Giovanni del Galdo

  5. Fraunhofer Institute for Integrated Circuits IIS, Erlangen, Germany

    Jo ao Paulo C. L da Costa & Giovanni del Galdo

  6. Byelex Multimedia Products BV Argon 1, 4751, XC Oud Gastel, The Netherlands

    Anton Zaleski & H. E. R. M. Vissia

Authors
  1. Tatiana Galibus
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Thiago P. de B. Vieira
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Edison P. de Freitas
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Robson de O. Albuquerque
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Jo ao Paulo C. L da Costa
    View author publications

    You can also search for this author in PubMed Google Scholar

  6. Rafael T. de Sousa Júnior
    View author publications

    You can also search for this author in PubMed Google Scholar

  7. Viktor Krasnoproshin
    View author publications

    You can also search for this author in PubMed Google Scholar

  8. Anton Zaleski
    View author publications

    You can also search for this author in PubMed Google Scholar

  9. H. E. R. M. Vissia
    View author publications

    You can also search for this author in PubMed Google Scholar

  10. Giovanni del Galdo
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Thiago P. de B. Vieira.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Galibus, T., de B. Vieira, T.P., de Freitas, E.P. et al. Offline Mode for Corporate Mobile Client Security Architecture. Mobile Netw Appl 22, 743–759 (2017). https://doi.org/10.1007/s11036-017-0839-4

Download citation

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s11036-017-0839-4

Keywords

Search

Navigation