Accession Number:

AD1092652

Title:

Smartphone Security

Descriptive Note:

Technical Report

Corporate Author:

Carnegie-Mellon University, Software Engineering Institute Pittsburgh United States

Personal Author(s):

Report Date:

2019-01-01

Pagination or Media Count:

7.0

Abstract:

Smartphones handle and store sensitive data that should be protected. The vast amount of private information stored on smartphones was even cited by the US Supreme Court, in Riley v. California 2014, as a factor in ruling that searches of these devices require a warrant. Taint-flow analyzers use static or dynamic analysis techniques to trace the flow of sensitive data to undesired locations. If a users location data, such as GPS coordinates or Wi-Fi access point information, is disclosed, it can compromise the users privacy and, in extreme cases, put the users physical safety at risk. Medical information is also increasingly an issue, given the increased popularity of wearable computing devices such as health sensors that communicate with users smartphones. In addition, data from the phones sensors or stored on the device in emails, texts, or photos could be used for theft bank and credit card numbers, blackmail, stalking, unfair competition, public humiliation, and other abuses. Malware could surveil the smartphone user with microphone, video, and other sensors. Furthermore, privacy threats to users can come from many sources, including advertisers, hackers, and governments. Finally, employees often use their smartphones for both personal and business purposes accordingly, technological measures should ensure that the employees personal data is not leaked to the employer and that proprietary business data is kept secure. Here, we discuss in detail various smartphone security issues and present tools and strategies that can help us better protect sensitive data.

Subject Categories:

  • Radio Communications
  • Information Science

Distribution Statement:

APPROVED FOR PUBLIC RELEASE