Secure IT-Services on Mobile Devices
Mobile devices like smartphones or tablets are of increasing importance in nowadays information society. The application of mobile devices enables a user to access sensitive information from almost everywhere. Along this convenience goes the risk that data stored and processed on mobile devices may not enjoy the same level of protection as on a conventional desktop computer in a secure environment. Leakage of information from a transmission, theft or loss of the mobile device is a non-negligible security risk. Even though such risks may be bearable for an enterprise in certain situations concerning only non-sensitive information, high-security applications require immediate action in any case of potential information loss. Currently, only few solutions tackling such issues in the high-security domain seem to exist.
Goal of the study is thus an evaluation and discussion of applications of mobile devices like smartphones or tablets in the high-security domain. In this connection, the center of attention is secure transmission and storage of text and images. Moreover, the study will consider the particular properties of operating system and platforms (Android, iOS, Blackberry) towards their adequacy for high-security communication. Hence, all security considerations will be based on the security level “EU confidential”, the second-most restrictive security guideline given by the EU.
Existing security concepts and architectures will be evaluated and potential extensions towards high-level security will be discussed. In particular, the study will look at SIM- and MicroSD-cards for usage as hardware security modules, since these offer security features that cannot be realized in pure software. Another aspect of interest is applications of virtualization on mobile devices and access to sensitive data via VPN connections. Goal of the study is to support a user-friendly highly secure transmission and storage of sensitive data on mobile devices.
DI Dr. Stefan Schauer
AIT – Austrian Institute of Technology GmbH
Other Project or Cooperation partner
Alpen-Adria Universität Klagenfurt
Contact: DDI Dr. Stefan Rass
Contact: Martin Ess
Bundesministerium für Inneres
Contact: Dipl.Ing. Robert Gottwald, MSc
Bundesministerium für Landesverteidigung und Sport
Contact: Markus Christian, MA