Advantages and Disadvantages
In the field of computing, few inventions, innovations or technological improvements, have been moving quite like wireless technology. With the advent of fourth generation cell phones and networks (4G), there have literally been leaps and bounds made in the realm of personal computing, productivity and data sharing. It is this increased connectivity both in our personal and business lives that introduce risks to intrusion, corruption or theft of data, or in the worst case, access to personal data that would lead to identity theft. In the business realm, this translates to problems for firm infrastructure and exposure to proprietary leaks, loss of customer data, or damage to the reputation of the business entity. Therefore, it is important that adequate measures are taken to evaluate risks and take steps both personally and professionally to minimize those risks. We present several advantages and disadvantages of the Android OS platform with very high visibility right now in the wireless arena. Both for the flexibility and open architecture, this platform presents some unique challenges in terms of security.
The landscape of business is ever-changing, and with the introduction of mobile computing platforms, this amounts to changes that are orders-of-magnitude less than in previous eras of business. The inherent flexibility of mobile computing allows businesses to capitalize on market shifts quickly, translating into a competitive advantage or disadvantage in much less time than it takes to engineer, develop, and market products of any type. It is no less important then, for firms to understand and adopt this technology in a proper perspective considering the measure of risk. We attempt to identify some of the risks inherent in one aspect of this technology: the Android OS platform, upon which a rapidly growing smart phone market is based.
The Threat
While previous iterations of phones were exposed to threats in
References: Anagnostakis, K., Bos, H., Homburg, P., Portokalidis, G. (2010). “Paranoid Android: Versatile Protection for Smartphones”. Proceedings of the 26th Annual Computer Security Applications Conference. New York, NY: ACM. Chin, E., Felt, A.P., Hanna, S., Song, D., Wagner, D. (2011). “Android Permissions Demystified”. Proceedings of the 18th ACM conference on Computer and communications security. New York, NY: ACM. Delac, G., Silic, M., Krolo, J. (27 May 2011) “Emerging Security Threats for Mobile Platforms”. Proceedings of the 34th International Convention. Pp.1468-1473. Citation:http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=5967292&isnumber=5967009. Enck, W., Ongtang, M., McDaniel, P. (Feb 2009) “Understanding Android Security”. Security & Privacy, IEEE, 7, 1, 50-57. Citation:http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=4768655&isnumber=4768640. Enck, W., et.al. (2010) “TaintDroid: An Information-Flow Tracking System for Realtime Privacy Monitoring on Smartphones”. Proceedings of the 9th USENIX conference on Operating systems design and implementation. Berkeley, CA: USENIX. Jahanian, F., Oberheide, J. (2010) “When Mobile is Harder Than Fixed (and Vice Versa): Demystifying Security Challenges in Mobile Environments”. Proceedings of the Eleventh Workshop on Mobile Computing Systems and Applications. New York, NY: ACM. Landman, M. (2010). “Managing Smart Phone Security Risks”. 2010 Information Security Curriculum Development Conference. New York, NY: ACM. Miller, C. (Aug 2011) “Mobile Attacks and Defense”. Security & Privacy, IEEE, 9, 4, 68-70. Citation:http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=5968091&isnumber=5968077. Shabtai, A., et al. (April 2010) “Google Android: A Comprehensive Security Assessment”. Security & Privacy, IEEE, 8, 2, 35-44. Citation:http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=5396322&isnumber=5439518.