Accession Number : AD1027197

Title :   Rapidly Deployable Mobile Security Solution

Descriptive Note : Technical Report

Corporate Author : Naval Postgraduate School Monterey United States

Personal Author(s) : Dorney,Liam J ; Miller,Travis C

Full Text :

Report Date : 01 Mar 2016

Pagination or Media Count : 205

Abstract : The Navy has seen a significant increase in the presence of mobile and smart devices on its units due to advancements in technology and younger sailors desire to be connected at all times. These devices create security threats due to their easily concealable size and their host of connectivity and image related features. The insider threat(intentional or not) now includes the ability to take photos, record conversations, share data wirelessly, and communicate official use and classified information, all more easily than ever before. Current enterprise solutions and associated policy does not address managing personal devices. In fact, management of personal devices is currently outside the Department of Defense (DOD) effort to control Personal Electronic Devices (PED) since the organization does not own the device and therefore has no way to mandate what must or must not be installed on them. The current path to a bring your own device (BYOD) policy is unclear. Security vulnerabilities with these devices have not been addressed in a uniform matter in policy or in practice. It is with these statements in mind that we address how to take the first steps in developing feasible management of personal devices on naval units and potentially throughout the DOD. In this thesis, we provide a thorough evaluation of National Institute for Standards and Technology, Defense Information Systems Agency, and DOD publications to provide a starting point for adapting current policy and to guide the development of our application. We then examine the feasibility of implementable software application solutions to hardware features that pose a threat to security. Specific research addresses why each hardware feature on a mobile device is a security concern, how it is controlled inside the Android Studio API, and how we utilize these controls to lockdown and then unlock said hardware features through a simple proof of concept Android application.

Descriptors :   mobile phones , computer security , text messaging , mobile devices , computer access control , RISK MANAGEMENT

Subject Categories : Computer Systems Management and Standards

Distribution Statement : APPROVED FOR PUBLIC RELEASE