MOSES: Supporting and Enforcing Security Profiles on Smartphones

MOSES: Supporting and Enforcing Security Profiles on Smartphones

ABSTRACT:

Smartphones are very effective tools for increasing the productivity of business users. With their increasing computational power and storage capacity, smartphones allow end users to perform several tasks and be always updated while on the move. Companies are willing to support employee-owned smartphones because of the increase in productivity of their employees. However, security concerns about data sharing, leakage and loss have hindered the adoption of smartphones for corporate use. In this paper we present MOSES, a policy-based framework for enforcing software isolation of applications and data on the Android platform. In MOSES, it is possible to define distinct Security Profiles within a single smartphone. Each security profile is associated with a set of policies that control the access to applications and data. Profiles are not predefined or hardcoded, they can be specified and applied at any time. One of the main characteristics of MOSES is the dynamic switching from one security profile to another. We run a thorough set of experiments using our full implementation of MOSES. The results of the experiments confirm the feasibility of our proposal.

EXISTING SYSTEM:

A solution could be implemented by means of virtualization technologies where different instances of an OS can run separately on the same device. Although virtualization is quite effective when deployed in full-fledged devices (PC and servers), it is still too resource demanding for embedded systems such as smartphones. Another approach that is less resource demanding is paravirtualization. Unlikely full virtualization where the guest OS is not aware of running in a virtualised environment, in paravirtualization it is necessary to modify the guest OS to boost performance. Paravirtualization for smartphones is currently under development and several solutions exist (e.g.,Trango, VirtualLogix, L4 microkernel, L4Android).

DISADVANTAGES OF EXISTING SYSTEM:

] All the virtualization solutions suffer from having a coarse grained approach(i.e., the virtualisedenvironments are completely separated, even when this might be a limitation for interaction).

] Other limitation is the hardcoding of the environment specification. Environments cannot be defined by the user/company according to their needs but they are predefined and hardcoded in the virtual machine.

] Furthermore, the switching among environments always require user interactions and it could take a significant amount of time and power. While researchers are improving some of these aspects, the complete separation of virtual machines and the impossibility to change or adapt their specifications remain an open issue.

PROPOSED SYSTEM:

In this paper, we propose MOSES provides an abstraction for separating data and apps dedicated to different contexts that are installed in a single device. For instance, corporate data and apps can be separated from personal data and apps within a single device. Our approach provides compartments where data and apps are stored. MOSES enforcement mechanism guarantees data and apps within a compartment are isolated from others compartments’ data and apps. These compartments are called Security Profiles in MOSES. Generally speaking, a SP is a set of policies that regulates what applications can be executed and what data can be accessed.

ADVANTAGES OF PROPOSED SYSTEM:

ü One of the features introduced in MOSES is the automatic activation of SP depending on the context, in which the device is being used.

ü MOSES can be used for realising a Mobile Device Management solution to manage remotely the security settings of a fleet of mobile devices.

SYSTEM REQUIREMENTS:

HARDWARE REQUIREMENTS:

Ø System                          :         Pentium IV 2.4 GHz.

Ø Hard Disk                      :         40 GB.

Ø Floppy Drive                 :         1.44 Mb.

Ø Monitor                         :         15 VGA Colour.

Ø Mouse                            :         Logitech.

Ø Ram                               :         512 Mb.

Ø MOBILE                        :         ANDROID

SOFTWARE REQUIREMENTS:

Ø Operating system           :         Windows XP/7.

Ø Coding Language :         Java 1.7

Ø Tool Kit               :         Android 2.3 ABOVE

Ø IDE                      :         Eclipse

REFERENCE:

Yury Zhauniarovich, Giovanni Russello, Member, IEEE, Mauro Conti, Member, IEEE, Bruno Crispo, Senior Member, IEEE, and Earlence Fernandes, Member, IEEE, “MOSES: Supporting and Enforcing Security Profiles on Smartphones,” IEEE TRANSACTIONS ON DEPENDABLE AND SECURE COMPUTING, VOL. 11, NO. 3, MAY-JUNE 2014.