DOI: 10.1145/3176258.3176311
research-article

A Multi-Enterprise Containerization Approach with an Interoperable Position-Based System

Published: 13 March 2018

Abstract

In this paper, we present our position-based, Multi-EnterpRise Containerization (MERC) architecture for BYOD security. The MERC architecture leverages positional data to grant context-aware capabilities to container-based systems. We grant enterprises the ability to define location- and proximity-based conditions that must be met in order for users to securely access enterprise container content. First, we provide a scalable location-based scheme that allows multiple enterprise context-aware systems to securely coexist and activate policies and personas on an end-user's device. Second, the MERC incorporates proximity-based constraints to modify a persona's behavior. We evaluate our prototype using preexisting infrastructures, and our experimental results show that MERC is an effective and practical solution for BYOD security.


      Published In

      CODASPY '18: Proceedings of the Eighth ACM Conference on Data and Application Security and Privacy
      March 2018
      401 pages
      ISBN:9781450356329
      DOI:10.1145/3176258

      Publisher

      Association for Computing Machinery

      New York, NY, United States

      Author Tags

      1. access control
      2. android
      3. byod
      4. containerization
      5. micro-location

      Qualifiers

      • Research-article

      Conference

      CODASPY '18

      Acceptance Rates

      CODASPY '18 Paper Acceptance Rate 23 of 110 submissions, 21%;
      Overall Acceptance Rate 149 of 789 submissions, 19%
