July 5, 2016
Queen’s University researcher Shahrear Iqbal is borrowing from an urban development concept in an effort to improve smartphone security.
“Smartphones are everywhere. We use them for everything, but they just aren’t secure,” says Mr. Iqbal, a PhD student with the Queen’s Reliable Software Technology Group in the School of Computing. “To address this issue, I’m drawing on the “smart city” model because it integrates multiple information and technology solutions to secure and manage a city’s assets.”
Using the smart city model, the operating system in the smartphone maintains a list of all the applications and their status - newly installed, trusted source, untrusted, malicious. Each application would be treated differently, with a different level of security based on its status. Similar to the government in a smart city, all of this would be managed by the operating system, which is a secure anti-malware framework (SAM) Mr. Iqbal is designing.
“Apps that come from a third party, for example, would be subject to more vigorous security checks than those unknown to the operating system,” says Mr. Iqbal. “Known apps like Facebook or Twitter would be subject to a different level of security, similar to permanent residents in a smart city environment.”
Governing all of the security would be a series of rules and policies, similar to laws in a smart city.
Mr. Iqbal is also proposing different zones be developed for smartphones, such as work, home and public, that would each have its own set of rules. For example, upon arriving at work, the user’s smartphone would go into work mode, which would change the security parameters. The security rules would be different for each scenario.
With the framework in place, Mr. Iqbal is now implementing SAM on a version of Android and then will evaluate the overall security.
The research was published in IEEE Wireless Communications and Networking Conference (WCNC) 2016.