Designing an Enterprise Security Strategy for Mobile Intranet Access

Author

Trojahn, M. ; Ortmeier, Frank

Author_Institution

Volkswagen AG, Wolfsburg, Germany

fYear

2013

fDate

18-20 June 2013

Firstpage

8

Lastpage

15

Abstract

Modern IT allows new markets and business process for many enterprises. One aspect is that new networks tolerate intranet access from almost any location. Some examples include completing health insurance contracts online at the customer or supporting a maintenance team with company expertise while working at customers. However, the increasing mobility of employees brings also high risk from a security point of view. This paper presents a decision support strategy for enterprises to decide on their security strategy for dealing with mobile intranet access. The paper only focuses on user authentication methods. Security protocols and encryption are - of course - needed but not in scope of this paper. The core idea is to derive generic scenarios and requirements for mobile intranet access which can be weighted to represent the needs of a specific company. Optimal solutions can be found by analyzing the model. The output is a rated ranking of different authentication techniques for the company.

Keywords

authorisation; business data processing; cryptography; decision support systems; intranets; mobile computing; authentication techniques; business process; decision support strategy; encryption; enterprise security strategy; maintenance team; mobile Intranet access; modern IT; optimal solutions; security protocols; user authentication methods; Authentication; Companies; Hardware; Internet; Mobile communication; Smart cards;

fLanguage

English

Publisher

ieee

Conference_Titel

Software Security and Reliability-Companion (SERE-C), 2013 IEEE 7th International Conference on

Conference_Location

Gaithersburg, MD

Print_ISBN

978-1-4799-2924-5

Type

conf

DOI

10.1109/SERE-C.2013.14

Filename

6616319