Bring your own device: security challenges and a theoretical framework for two-factor authentication

In this paper, the security challenges of BYOD are discussed, including existing security solutions which often are too restrictive. Data leakage is one of the security challenges confronting BYOD. Data leakage can occur as a result of stolen, lost or compromised employee devices. When an employee d...

Full description

Saved in:
Bibliographic Details
Main Authors: Olalere, Morufu, Abdullah, Mohd Taufik, Mahmod, Ramlan, Abdullah, Azizol
Format: Article
Language:English
Published: Dorma Trading Est 2016
Online Access:http://psasir.upm.edu.my/id/eprint/55224/1/Bring%20your%20own%20device%20security%20challenges%20and%20a%20theoretical%20framework%20for%20two-factor%20authentication.pdf
http://psasir.upm.edu.my/id/eprint/55224/
Tags: Add Tag
No Tags, Be the first to tag this record!
Institution: Universiti Putra Malaysia
Language: English
id my.upm.eprints.55224
record_format eprints
spelling my.upm.eprints.552242018-08-14T02:30:33Z http://psasir.upm.edu.my/id/eprint/55224/ Bring your own device: security challenges and a theoretical framework for two-factor authentication Olalere, Morufu Abdullah, Mohd Taufik Mahmod, Ramlan Abdullah, Azizol In this paper, the security challenges of BYOD are discussed, including existing security solutions which often are too restrictive. Data leakage is one of the security challenges confronting BYOD. Data leakage can occur as a result of stolen, lost or compromised employee devices. When an employee device is stolen, lost or comprised, an attacker can obtain access directly to the enterprise data on the employee device if a strong authentication technique is not in place. The traditional means of authenticating employees when connecting to an enterprise server in a traditional network environment which relies on either knowledge or ownership is too weak for the BYOD environment. In such a traditional enterprise network, employees obtain access to an enterprise server using their respective stationary desktop, while in a BYOD environment access to an enterprise server is from anywhere, making it easy for an attacker in possession of an employee device and password to gain unauthorised access. To address this problem, there is need for a strong authentication technique. This study proposes a theoretical framework for a two-factor authentication method that combines knowledge-based (Password) and biometric-based (Keystroke dynamic) features for authentication of mobile devices in a BYOD environment. Technical details on how the framework can be implemented are presented. It is the belief of the authors that proper implementation of the proposed potential future application framework will go a long way in addressing the problem of data leakage in a BYOD environment. Dorma Trading Est 2016-01 Article PeerReviewed text en http://psasir.upm.edu.my/id/eprint/55224/1/Bring%20your%20own%20device%20security%20challenges%20and%20a%20theoretical%20framework%20for%20two-factor%20authentication.pdf Olalere, Morufu and Abdullah, Mohd Taufik and Mahmod, Ramlan and Abdullah, Azizol (2016) Bring your own device: security challenges and a theoretical framework for two-factor authentication. International Journal of Computer Networks and Communications Security, 4 (1). pp. 21-32. ISSN 2410-0595; ESSN: 2308-9830
institution Universiti Putra Malaysia
building UPM Library
collection Institutional Repository
continent Asia
country Malaysia
content_provider Universiti Putra Malaysia
content_source UPM Institutional Repository
url_provider http://psasir.upm.edu.my/
language English
description In this paper, the security challenges of BYOD are discussed, including existing security solutions which often are too restrictive. Data leakage is one of the security challenges confronting BYOD. Data leakage can occur as a result of stolen, lost or compromised employee devices. When an employee device is stolen, lost or comprised, an attacker can obtain access directly to the enterprise data on the employee device if a strong authentication technique is not in place. The traditional means of authenticating employees when connecting to an enterprise server in a traditional network environment which relies on either knowledge or ownership is too weak for the BYOD environment. In such a traditional enterprise network, employees obtain access to an enterprise server using their respective stationary desktop, while in a BYOD environment access to an enterprise server is from anywhere, making it easy for an attacker in possession of an employee device and password to gain unauthorised access. To address this problem, there is need for a strong authentication technique. This study proposes a theoretical framework for a two-factor authentication method that combines knowledge-based (Password) and biometric-based (Keystroke dynamic) features for authentication of mobile devices in a BYOD environment. Technical details on how the framework can be implemented are presented. It is the belief of the authors that proper implementation of the proposed potential future application framework will go a long way in addressing the problem of data leakage in a BYOD environment.
format Article
author Olalere, Morufu
Abdullah, Mohd Taufik
Mahmod, Ramlan
Abdullah, Azizol
spellingShingle Olalere, Morufu
Abdullah, Mohd Taufik
Mahmod, Ramlan
Abdullah, Azizol
Bring your own device: security challenges and a theoretical framework for two-factor authentication
author_facet Olalere, Morufu
Abdullah, Mohd Taufik
Mahmod, Ramlan
Abdullah, Azizol
author_sort Olalere, Morufu
title Bring your own device: security challenges and a theoretical framework for two-factor authentication
title_short Bring your own device: security challenges and a theoretical framework for two-factor authentication
title_full Bring your own device: security challenges and a theoretical framework for two-factor authentication
title_fullStr Bring your own device: security challenges and a theoretical framework for two-factor authentication
title_full_unstemmed Bring your own device: security challenges and a theoretical framework for two-factor authentication
title_sort bring your own device: security challenges and a theoretical framework for two-factor authentication
publisher Dorma Trading Est
publishDate 2016
url http://psasir.upm.edu.my/id/eprint/55224/1/Bring%20your%20own%20device%20security%20challenges%20and%20a%20theoretical%20framework%20for%20two-factor%20authentication.pdf
http://psasir.upm.edu.my/id/eprint/55224/
_version_ 1643835831962566656