Mobile devices today play an essential role in communications, especially in accessing or storing private information of the users, making it a treasure trove for malicious intent attackers. Additionally, enterprises also encourage use of employee-owned devices resulting in convenience, lower costs and higher employee productivity. In this scenario, an employee's mobile device compromise not only results in leakage of personal information but also enterprise secrets and protected data. Thus, requirement for strong protection of stored data and hardening of mobile devices against malicious attacks is essential. One such approach for an enterprise would be to reinforce underlying Android operating system; the most widely used system due to its open-source nature. In this work, we followed a risk assessment approach and conducted security feature comparison of Android (AOSP) with iPhone's (iOS) to identify potential security enhancements for enterprise use, and later on also performed a comparison of Android custom ROMs to further refine the security enhancements.
Android securityAndroid custom ROMsenterprise security requirementsecurity enhancements in Androidmobile OS security analysisiOS security
Syed Rameez Rehman、Mudassar Waheed、Ammar Masood
展开 >
Devices and Network Security Lab, National Center for Cyber Security, Air University
NSTL
