Institute for Internet-Security
if(is)

Links  | Kontakt  | Sitemap  | Impressum  |  if(is) auf Twitter if(is) Facebook if(is)
Mobile Security

Initial situation in the company

Grafik: mobile security - Ausgangssituation in Unternehmen

The Institute for Internet Security also focuses the secure integration of mobile users into existing company networks.   IT solutions at the moment are affected by the requirements of the business world: All employees need to be able to access a companies’ network at any time from any place in the world. The back seat of a taxi becomes a mobile office as well as the public hot spot of an airport. For this reasons we need to focus different aspects that we are going to introduce in the following sections.

User needs

It is important to fulfil a user’s need for information through user friendly solutions. The user requires a simple and practical solution that helps him to work worldwide and mobile. Security is a secondary need for the user and means additional work. If the company doesn’t provide a solution, the user finds his own, in most cases insecure solution. These users are not just managers or sales representatives anymore, but every employee of a company who has to work outside of his office for a few months.

Mobile devices

The market for mobile devices can hardly be overviewed. For this issue those devices are interesting, that enable the user to access company data independent from the residence of the user.
Mobile phones, Smartphones, PDA’s and laptop computers belong to that category. The connection can take places through various access scenarios which will be explained within the next section. The connection doesn’t have to be established through a wireless solution. Depending on the level of mobility, the existing memory or CPU performance and the available in- and output features, various classes of mobility can be defined.
All these devices got different hard- and software architectures, have different applications and data and got various interfaces to the outside world.
These devices could also be private property of the user. This is relevant when checking the security techniques.

Grafik: Mobile Endgeräte
Click to zoom

In general there are a lot of applications running on mobile devices, which are supported by services provided by the company network. These are various text and multimedia messages as well as contact and calendar data. When accessing information systems there is more data like customer data. In addition the user is able to install numerous other applications on his device, like navigation systems, dictionaries and games. Videos, Photos and voice data  can be stored as well. The devices can access the internet, e.g. via web browser.
Recent mobile devices have a large number of different interfaces. Besides keyboard and display those devices are often equipped with a connection to the mobile provider via GSM/(E)GPRS and UMTS/HSDPA. Some devices also are equipped with WLAN and LAN interfaces.
In the field of Personal Area Networking there are many options to connect to a network. These options are Bluetooth, IR, USB and serial cable connections. Exchangeable memory cards are an interface as well. Memory cards can be unplugged and then be read out by a card reader or other devices.

Access Network to reach the company network

There are many scenarios for the access of mobile devices to the company network. In general we can assume that this access is realized over one or more than one insecure networks. These networks could be company networks, public hot spots, cafes or airport lounges. The access can be realized through WLAN or Bluetooth or on a direct packet- or line-switched way like a dial-in connection.

Company networks

A company network offers its employees different services which are provided through the access on several servers. These are Exchange servers, databases, Customer Relation Systems, Groupware solutions and file servers. The company network may have to be adapted to enable an access from outside onto the server. For that reason company networks so far were protected against threats from outside.

contact address

Institute for Internet-Security
Faculty: Computer Sciences

Prof. Dr. (TU NN) Norbert Pohlmann
Oliver Achten
Gelsenkirchen University of Applied Sciences
Neidenburger Str. 43
45887 Gelsenkirchen
E-Mail: achten@internet-sicherheit.de
E-Mail: norbert.pohlmann@internet-sicherheit.de
Phone: 0209 / 95 96 515


Link zum moeglichen Abschlussarbeiten des if(is)
Marktplatz IT-Sicherheit, Lösungen, Anbieter, Dienstleistungen, IT-Jobs
Anbieter finden!
Jobs finden!

Logo zum neuen Studiengang: Master Internet-SicherheitEinstieg auch zum
Sommersemster!

Logo zum Professor des Jahres 2011

Logo: Buch Sicher im Internet

Logo: DIX - Deutscher Internet-Index

Logo: Frühwarn- und Intrusion Detection-System auf der Basis von kombinierten Methoden der KI

Logo: Live Hacking / Awareness Performance

Logo: Turaya