Abstract :
With powerful computing capability, plentiful functionality and advanced operating systems with flexible APIs, smartphones have become indispensable part of our daily lives. However, growing functionality, complexity and popularity of smartphones have also increased concerns about information security, and these concerns have been further exacerbated by rich third-party applications. In order to protect information security, significant research and standardizations efforts have been made in recent years. However, most of these activities focus on specific issues, which cannot mitigate negative effects as a whole. In this paper, we first introduce a common architecture of smartphones including main smartphone assets. Then we identify smartphone threats which are clustered into vulnerabilities and attacks. Based on the layered structure of smartphones, we propose a hierarchical security framework for smartphones including hardware security, operating system security, application security, user data security and communication security. Finally, we present the preliminary security solutions with regard to the security framework, and give future research direction.
Keywords :
mobile computing; security of data; smart phones; advanced operating systems; communication security; flexible API; hardware security; hierarchical security framework; information security; operating system security; preliminary security solutions; smartphone assets; smartphone layered structure; smartphone threat identification; third-party applications; user data security; Communication system security; Hardware; Malware; Operating systems; Smart phones; attack; security framework; smartphone security; threat; vulnerability;
