Bring your own device: security challenges and a theoretical framework for two-factor authentication
In this paper, the security challenges of BYOD are discussed, including existing security solutions which often are too restrictive. Data leakage is one of the security challenges confronting BYOD. Data leakage can occur as a result of stolen, lost or compromised employee devices. When an employee d...
Saved in:
Main Authors: | , , , |
---|---|
Format: | Article |
Language: | English |
Published: |
Dorma Trading Est
2016
|
Online Access: | http://psasir.upm.edu.my/id/eprint/55224/1/Bring%20your%20own%20device%20security%20challenges%20and%20a%20theoretical%20framework%20for%20two-factor%20authentication.pdf http://psasir.upm.edu.my/id/eprint/55224/ |
Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
Institution: | Universiti Putra Malaysia |
Language: | English |
id |
my.upm.eprints.55224 |
---|---|
record_format |
eprints |
spelling |
my.upm.eprints.552242018-08-14T02:30:33Z http://psasir.upm.edu.my/id/eprint/55224/ Bring your own device: security challenges and a theoretical framework for two-factor authentication Olalere, Morufu Abdullah, Mohd Taufik Mahmod, Ramlan Abdullah, Azizol In this paper, the security challenges of BYOD are discussed, including existing security solutions which often are too restrictive. Data leakage is one of the security challenges confronting BYOD. Data leakage can occur as a result of stolen, lost or compromised employee devices. When an employee device is stolen, lost or comprised, an attacker can obtain access directly to the enterprise data on the employee device if a strong authentication technique is not in place. The traditional means of authenticating employees when connecting to an enterprise server in a traditional network environment which relies on either knowledge or ownership is too weak for the BYOD environment. In such a traditional enterprise network, employees obtain access to an enterprise server using their respective stationary desktop, while in a BYOD environment access to an enterprise server is from anywhere, making it easy for an attacker in possession of an employee device and password to gain unauthorised access. To address this problem, there is need for a strong authentication technique. This study proposes a theoretical framework for a two-factor authentication method that combines knowledge-based (Password) and biometric-based (Keystroke dynamic) features for authentication of mobile devices in a BYOD environment. Technical details on how the framework can be implemented are presented. It is the belief of the authors that proper implementation of the proposed potential future application framework will go a long way in addressing the problem of data leakage in a BYOD environment. Dorma Trading Est 2016-01 Article PeerReviewed text en http://psasir.upm.edu.my/id/eprint/55224/1/Bring%20your%20own%20device%20security%20challenges%20and%20a%20theoretical%20framework%20for%20two-factor%20authentication.pdf Olalere, Morufu and Abdullah, Mohd Taufik and Mahmod, Ramlan and Abdullah, Azizol (2016) Bring your own device: security challenges and a theoretical framework for two-factor authentication. International Journal of Computer Networks and Communications Security, 4 (1). pp. 21-32. ISSN 2410-0595; ESSN: 2308-9830 |
institution |
Universiti Putra Malaysia |
building |
UPM Library |
collection |
Institutional Repository |
continent |
Asia |
country |
Malaysia |
content_provider |
Universiti Putra Malaysia |
content_source |
UPM Institutional Repository |
url_provider |
http://psasir.upm.edu.my/ |
language |
English |
description |
In this paper, the security challenges of BYOD are discussed, including existing security solutions which often are too restrictive. Data leakage is one of the security challenges confronting BYOD. Data leakage can occur as a result of stolen, lost or compromised employee devices. When an employee device is stolen, lost or comprised, an attacker can obtain access directly to the enterprise data on the employee device if a strong authentication technique is not in place. The traditional means of authenticating employees when connecting to an enterprise server in a traditional network environment which relies on either knowledge or ownership is too weak for the BYOD environment. In such a traditional enterprise network, employees obtain access to an enterprise server using their respective stationary desktop, while in a BYOD environment access to an enterprise server is from anywhere, making it easy for an attacker in possession of an employee device and password to gain unauthorised access. To address this problem, there is need for a strong authentication technique. This study proposes a theoretical framework for a two-factor authentication method that combines knowledge-based (Password) and biometric-based (Keystroke dynamic) features for authentication of mobile devices in a BYOD environment. Technical details on how the framework can be implemented are presented. It is the belief of the authors that proper implementation of the proposed potential future application framework will go a long way in addressing the problem of data leakage in a BYOD environment. |
format |
Article |
author |
Olalere, Morufu Abdullah, Mohd Taufik Mahmod, Ramlan Abdullah, Azizol |
spellingShingle |
Olalere, Morufu Abdullah, Mohd Taufik Mahmod, Ramlan Abdullah, Azizol Bring your own device: security challenges and a theoretical framework for two-factor authentication |
author_facet |
Olalere, Morufu Abdullah, Mohd Taufik Mahmod, Ramlan Abdullah, Azizol |
author_sort |
Olalere, Morufu |
title |
Bring your own device: security challenges and a theoretical framework for two-factor authentication |
title_short |
Bring your own device: security challenges and a theoretical framework for two-factor authentication |
title_full |
Bring your own device: security challenges and a theoretical framework for two-factor authentication |
title_fullStr |
Bring your own device: security challenges and a theoretical framework for two-factor authentication |
title_full_unstemmed |
Bring your own device: security challenges and a theoretical framework for two-factor authentication |
title_sort |
bring your own device: security challenges and a theoretical framework for two-factor authentication |
publisher |
Dorma Trading Est |
publishDate |
2016 |
url |
http://psasir.upm.edu.my/id/eprint/55224/1/Bring%20your%20own%20device%20security%20challenges%20and%20a%20theoretical%20framework%20for%20two-factor%20authentication.pdf http://psasir.upm.edu.my/id/eprint/55224/ |
_version_ |
1643835831962566656 |