2TAC: Distributed Access Control Architecture for "Bring Your Own Device" Security

Abstract

Mobile devices, specifically smartphones, have become ubiquitous. For this reason, businesses are starting to develop "Bring Your Own Device" policies to allow their employees to use their devices in the workplace. However, due to emerging attacks and limitations in device resources, it is difficult to trust these devices with access to critical proprietary information. To mitigate this problem we propose a novel architecture called 2-Tier Access Control (2TAC), which uses double layer access control along with device security profiles, anti-virus/malware scanners, and social networking.