Threat modeling of a mobile device management system for secure smart work

Authors:
Keunwoo Rhee;Dongho Won;Sang-Woon Jang;Sooyoung Chae;Sangwoo Park
Affiliations:
The Attached Institute of ETRI, Daejeon, Korea 305-600;College of Information and Communication Engineering, Sungkyunkwan University, Gyeonggi-do, Korea 440-746;The Attached Institute of ETRI, Daejeon, Korea 305-600;The Attached Institute of ETRI, Daejeon, Korea 305-600;The Attached Institute of ETRI, Daejeon, Korea 305-600
Venue:
Electronic Commerce Research
Year:
2013

Citing 14
Cited 0

Threat Modeling

Threat Modeling
Toward a threat model for storage systems

Proceedings of the 2005 ACM workshop on Storage security and survivability
Security requirement analysis of business processes

Electronic Commerce Research
Web Services and Grid Security Vulnerabilities and Threats Analysis and Model

GRID '05 Proceedings of the 6th IEEE/ACM International Workshop on Grid Computing
Value Driven Security Threat Modeling Based on Attack Path Analysis

HICSS '07 Proceedings of the 40th Annual Hawaii International Conference on System Sciences
Threats Analysis and Prevention for Grid and Web Service Security

SNPD '07 Proceedings of the Eighth ACIS International Conference on Software Engineering, Artificial Intelligence, Networking, and Parallel/Distributed Computing - Volume 03
A Threat Analysis Methodology for Security Evaluation and Enhancement Planning

SECURWARE '09 Proceedings of the 2009 Third International Conference on Emerging Security Information, Systems and Technologies
Rootkits on smart phones: attacks, implications and opportunities

Proceedings of the Eleventh Workshop on Mobile Computing Systems & Applications
The design of a reliable reputation system

Electronic Commerce Research
Experiences from using a UML-based method for trust analysis in an industrial project on electronic procurement

Electronic Commerce Research
Exploiting smart-phone USB connectivity for fun and profit

Proceedings of the 26th Annual Computer Security Applications Conference
A practical analysis of smartphone security

HI'11 Proceedings of the 2011 international conference on Human interface and the management of information - Volume Part I
Modeling users' acceptance of mobile services

Electronic Commerce Research
Android platform based linux kernel rootkit

MALWARE '11 Proceedings of the 2011 6th International Conference on Malicious and Unwanted Software

Quantified Score

Hi-index	0.00

Visualization

Abstract

To enhance the security of mobile devices, enterprises are developing and adopting mobile device management systems. However, if a mobile device management system is exploited, mobile devices and the data they contain will be compromised. Therefore, it is important to perform extensive threat modeling to develop realistic and meaningful security requirements and functionalities. In this paper, we analyze some current threat modeling methodologies, propose a new threat modeling methodology and present all possible threats against a mobile device management system by analyzing and identifying threat agents, assets, and adverse actions. This work will be used for developing security requirements such as a protection profile and design a secure system.