{"title":"企业策略遵从智能手机启用的挑战或基于行为的用户识别的替代解决方案","authors":"Sándor Dobos, Attila Kovács","doi":"10.1515/489","DOIUrl":null,"url":null,"abstract":"Current trends show the intense growth in the role and importance of mobile technology (smartphones, tablets, etc.) in business due to economic, social and technological reasons. The social element drives a powerful convenience expectation called “Bring Your Own Device” (BYOD) for taking notes and accessing internal and external network resources. Apparently, the future is leading toward a more extensive enablement of smartphones and tablets with their enterprise applications. Internal security standards along with applicable regulatory ones to achieve ‘policy enforcement’ as types of solutions and controls; however, this allows for merely one aspect of compliance. An alternative solution could be behaviour-based analysis to identify the user, attacker or even a malicious program accessing resources on phone or internal networks. Complex networks can be defined by graphs, such as connections to resources on smartphones and serve as a blueprint. In case the motif is different from the user’s actual behaviour, the company can initiate specific actions to avoid potential security violations. This document reviews the IT security challenges related to smartphones as well as the concept of graph-based user identification. The challenges of the latter are the identification of motif, selection of search algorithm and defining rules for what is considered a good or bad behaviour.","PeriodicalId":13010,"journal":{"name":"Hungarian Journal of Industrial Chemistry","volume":"1 1","pages":"79-84"},"PeriodicalIF":0.0000,"publicationDate":"2014-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Challenges of Enterprise Policy Compliance with Smartphone Enablement or an Alternative Solution Based on Behaviour-based User Identification\",\"authors\":\"Sándor Dobos, Attila Kovács\",\"doi\":\"10.1515/489\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Current trends show the intense growth in the role and importance of mobile technology (smartphones, tablets, etc.) in business due to economic, social and technological reasons. The social element drives a powerful convenience expectation called “Bring Your Own Device” (BYOD) for taking notes and accessing internal and external network resources. Apparently, the future is leading toward a more extensive enablement of smartphones and tablets with their enterprise applications. Internal security standards along with applicable regulatory ones to achieve ‘policy enforcement’ as types of solutions and controls; however, this allows for merely one aspect of compliance. An alternative solution could be behaviour-based analysis to identify the user, attacker or even a malicious program accessing resources on phone or internal networks. Complex networks can be defined by graphs, such as connections to resources on smartphones and serve as a blueprint. In case the motif is different from the user’s actual behaviour, the company can initiate specific actions to avoid potential security violations. This document reviews the IT security challenges related to smartphones as well as the concept of graph-based user identification. The challenges of the latter are the identification of motif, selection of search algorithm and defining rules for what is considered a good or bad behaviour.\",\"PeriodicalId\":13010,\"journal\":{\"name\":\"Hungarian Journal of Industrial Chemistry\",\"volume\":\"1 1\",\"pages\":\"79-84\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2014-11-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Hungarian Journal of Industrial Chemistry\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1515/489\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Hungarian Journal of Industrial Chemistry","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1515/489","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Challenges of Enterprise Policy Compliance with Smartphone Enablement or an Alternative Solution Based on Behaviour-based User Identification
Current trends show the intense growth in the role and importance of mobile technology (smartphones, tablets, etc.) in business due to economic, social and technological reasons. The social element drives a powerful convenience expectation called “Bring Your Own Device” (BYOD) for taking notes and accessing internal and external network resources. Apparently, the future is leading toward a more extensive enablement of smartphones and tablets with their enterprise applications. Internal security standards along with applicable regulatory ones to achieve ‘policy enforcement’ as types of solutions and controls; however, this allows for merely one aspect of compliance. An alternative solution could be behaviour-based analysis to identify the user, attacker or even a malicious program accessing resources on phone or internal networks. Complex networks can be defined by graphs, such as connections to resources on smartphones and serve as a blueprint. In case the motif is different from the user’s actual behaviour, the company can initiate specific actions to avoid potential security violations. This document reviews the IT security challenges related to smartphones as well as the concept of graph-based user identification. The challenges of the latter are the identification of motif, selection of search algorithm and defining rules for what is considered a good or bad behaviour.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
