A Context-aware Adaptive Security Framework for Mobile Applications

Abstract

Mobile devices currently offer many value-added applications and services such as messaging, navigation, social networking, finance, and entertainment. As these mobile applications have access to users' personal information and are capable of gathering and transmitting trust sensitive information, posing security and privacy risks. In this paper, we propose a context-aware adaptive security framework for eliciting users' context information and adapting this information with mobile applications' network access control mechanism. The framework enforces the execution of mobile applications inside security incubators to control the communication between mobile applications and mobile device resources. Applications' access requests are analyzed based on user's context information collected from the mobile device sensors and the application security configuration.