Wednesday, May 6, 2020
Mobile Security
Question: Write an essay on Mobile Security. Answer: 1.0 Introduction The contemporary mobile technology has offered services and features, no less lucrative than those the personal computers have. With an extensive connectivity convenience, facilitated by GPRS, HSPA, UMTS, GSM, and others, the smart mobile devices are mediums of mass access and hence, a potential target of the intruders or attackers. Initially, the nearly homogeneous Operating Systems offered the attackers single points of vulnerability to cause critical security breaches in a huge number of devices. Contrary to this, the diversity in the OS for the modern mobile phones currently has led to the development of a variety of intrusive operations. As a result, the increasing networking of the mobile phones will also witness the parallel increase in the range of malware or intrusions. The essay consists of the critical evaluation of the two research journals namely Usability and Security of Text Passwords on Mobile Devices, conducted by Melicher et al. (2016) and Mobile Security Requires a New Approach, conducted by Leavitt (2013). The evaluation parameter includes the significance of the topics on which the research is conducted and their significance on the topic of Mobile Security. The other evaluations judge the clarifications of the research topics, apart from analyzing the correlation of the mentioned heads, detecting the noticeable biases and flaws in the analyzed researched methodologies and the ethical analysis of both the reports. Nevertheless, both the journals address the basic focus of the mobile security research domain, specializing two different sectors namely the security threats and management evaluation in the case of mobile passwords and the security concerns relating to the BYOD trend, in most of the organizations and the security of the corpo rate sensitive information. 2.0 Mobile Security 2.1 Research Question and its Significance The fundamental problem, that the research namely Usability and Security of Text Passwords on Mobile Devices, conducted by Melicher et al. (2016) addresses is the extent of utility of the text passwords, the users apply to ensure the security of their mobile devices and hence, the study highlights the level of security, which the text passwords offer. The significance of the addressed problem can be justified by taking into account the need to protect the information and the sensitive data that are involved in the mobile networking operations. The data may have the users contact details and his transactional data that is always prone to be attacked by the malicious intruders, who can perform disruptions and embezzlements during net banking or such transaction processes. The research clearly covers the advantages and the effects of the text passwords on the mobile security. The main question that the research named as Todays Mobile Security Requires a New Approach, conducted by Leavitt (2013), addresses is the need for the protection concerns required in the modern trend of the BYOD process or the Bring Your Own Device trend that enables the employees to bring their respective mobile devices such as tablets to their workplace. The topic chosen is highly significant because the organizations may afford to allow technological advancements but not at the cost of the security of the corporate information and organization-specific data. The respective devices of the employees gain access to the network through Wi-Fi or other connectivity and involve the use of mainly the Internet. These processes highlight the vulnerability to the leakage of credential data, besides malware, phishing, and other intrusive actions. 2.2 Research Coverage on Existing Literature The prime topics that are discussed in the report Usability and Security of Text Passwords on Mobile Devices, conducted by Melicher et al. (2016), are the introduction to the research specification that highlight a brief theory on the context of text passwords as an implementation of security in the mobile devices. The research also includes the relevant work and efforts to evaluate the password creation and its policies before analyzing the methods that the users follow to apply the passwords on the devices, and the presence of alternative approaches such as face-detection and fingerprint based graphic patterns. The latter study reveals the crowd sourcing methods followed and the acquired results of the tests, including the comparison of the former and recommended password policies. Nevertheless, the tail of the study includes the effect of the entry of excess text for the passwords before concluding with relevant recommendations. On the other hand, the introduction to the research named as Todays Mobile Security Requires a New Approach, conducted by Leavitt (2013) involves the context of the modern trend of bringing the respective smart mobile devices to the workplace of the employees. The issues address the requirement of the safety of the organizational data and sensitive corporate information from the malicious attacks causing disorder and denial of service at the organizations, by applying passwords, firewall guards, intrusion detection methods and its preventions. The security issues included in the journal carry information regarding the statistical data of the extent of use of BYOD, the vulnerabilities offered by this trend, the potential attacks, and threats, the evolution of the protection policies, the management of the cloud and the devices, including the precious recommendations of the security vendor organizations. The research ends on a relevant research on the modern methods of BYOD threat coun ter and the essential risk management of the multi-layered BYOD processing environment. 2.3 Research Methodology The methodology utilized by the journal Usability and Security of Text Passwords on Mobile Devices, conducted by Melicher et al. (2016) consists of online research, the backbone of which is crowd sourcing, and the service is provided by the Mechanical Turk service of Amazon. The test comprises two sections. The first part involved the creation of passwords under diverse policies and string entry patterns, and the second part studied the ability of the re-entry of the same password. The methodology had conditions namely the policy, the characteristics of he entered text and the device used. The parameter of the usability had the span of creation, attempts to retrieve the password, and other operations in failed or successful attempts. As discussed by Melicher et al. (2016), the test analyzed attacking methods such as Context-free Grammar guessing through probability and oclHashing distortion. The statistical tests included regression and algorithm to obtain and verify the results. Figure 1: Guess ability of passwords under PCFG attacks (Source: Melicher et al. 2016) Figure 2: Guess ability of passwords under Hashing attacks (Source: Melicher et al. 2016) In the case of the journal, named Todays Mobile Security Requires a New Approach, conducted by Leavitt (2013), the research initially has performed a statistical analysis of the extent of utility and real-time use of the BYOD service, by comparing the analysis based on a selected sample of countries with emerging economic conditions and developed economical strengths. The results revealed are showed below. Figure 3: Extent of use of BYOD in the emerging and developed economy countries (Source: Leavitt 2013) The other methods in the approach of the research, conducted by Leavitt (2013), are the collection of reports and other relevant statistical data along with case studies conducted by the security software vendors. An instance is research of Check Point Software Technology based on the reports of a large number of Information Technology professionals, as for instance a security leakage case causing major network compromises and huge financial losses. It also includes the recommendations for the process of mobile security in the BYOD security domain including the encryption of corporate data, as stated by Matt Bancroft of Helix security service vendor. The potential feature of the journal is the inclusion of the recommendations and other case studies for each of the mentioned areas such as the data security measures and approach, the security concerns for the cloud storage, etc. 2.4 The Correlation of the Research Framework and the Point of Study The primary purpose of the journal, Usability and Security of Text Passwords on Mobile Devices, conducted by Melicher et al. (2016) is the understanding and the evaluation of the utility, usability features and the extent of security that the text or other graphical passwords in a mobile device offers. The research is performed through online tests at first, and then relying on or conducting statistical analysis to find the best fitting results and to determine concepts of password breaching attacks and guessing attacks. The philosophical framework of the research justifies the point of research very well. The methodologies followed by the researchers adhere to the fundamental focus on the mobile security. To perform mass sampling and that too for the analysis of password entry policies and patterns, one of the most suitable solutions is the crowd sourcing method. On the other hand, the theoretical framework of the journal namely Todays Mobile Security Requires a New Approach, conducted by Leavitt (2013) consists of defining the key concepts of a brief context of the mobile security subarea of the protection of corporate data requirements in the case of BYOD, the discussion on the security issues, the points of threats and vulnerabilities, the overall management of the security maintenance for the BYOD in the organizations and the concluding note on the recommended policies. The discussion on the mentioned points is well fulfilled with the support of discussions from other sources and the case studies and recommendations from other IT professionals. Thus, there is the justified agreement between the theoretical framework and the research question of mobile security in the case of BYOD. 2.5 The Flaws in the Journals The critical evaluation of the journal namely Usability and Security of Text Passwords on Mobile Devices, published by Melicher et al. (2016), reveals that the report has succumbed to an important flaw. Though the report carries queues to and topics about passwords attacks, it has failed to provide a detailed discussion of the consequences, which the users may face due to the attacks causing their passwords to get hacked. The report has mentioned about the serviced of the Mechanical Turk on Amazon for providing the crowd sourcing facilities, but the utilization of the mentioned service without the measurement of the other available services a matter of bias, due to Amazons reputation as its parameter of data quality. Moreover, the study conducted is only confines to the samples in the USA, whereas the research should have included participants from other countries keeping in mind the web-based approach of the study. However, after the evaluation of the journal named Todays Mobile Security Requires a New Approach, conducted by Leavitt (2013), it has been observed that the research has mentioned various opinions and recommendations from the IT officials but does not provide a detailed support and scope to these recommended operations. This flaw has always been countered in good researches. Though the research has mentioned a column namely the new data security approaches, it has not highlighted on some of the major BYOD security management methods such as network segregation and options to blacklist and white list data. Apart from this, the research does not include a column mentioning the acknowledgments and the references to the case studies and the recommendations. This is a major flaw of an incomplete research report. 2.6 Ethical Analysis of the Research The analysis of the research named Usability and Security of Text Passwords on Mobile Devices, conducted by Melicher et al. (2016) reveals the fact that the research has abided by the fundamental principles of ethics in research those are Minimizing Harm, Respecting the Autonomy, Protecting privacy, Offering the required reciprocity and treating the people equally. This research has a harmless topic of mobile security and the password domain, which is a topic of user awareness. The research has provided the degree of freedom for the users to make the decisions autonomously keeping in mind the security criteria in the passwords. The data is well justified in the context of privacy, and the reciprocity is maintained by mentioning the sources of the study results in the references columns. Thus, the study may be concluded as ethical. On the contrary, the critical evaluation of the journal namely Todays Mobile Security Requires a New Approach, conducted by Leavitt (2013) reveals the fact that the study is ethical, except in the case of the non-inclusion of the acknowledgment or reference column. Though the research includes the recommendations and topics on the case studies of the security breaches caused due tot attacks caused by the BYOD trend, it does not account for the authenticity and the parameter of reciprocity, which results in this section of the study to be unethical. However, the other criteria as mentioned above are well fulfilled except for the lack of the reference column. 2.7 Data Collection and Analysis The data collection for the journal called Usability and Security of Text Passwords on Mobile Devices, conducted by Melicher et al. (2016) can be stated to be appropriate. The analysis conducted for the research involves the online crowd sourcing based tests, which can account to be the best method for the accumulation and analysis of the statistical data regarding the identification of the password policies maintained and the string patterns for the passwords. The research also includes the testing methods and the test results, based on different conditions. The most crucial part of the research is the highlight of the ecological suiting of the password generation methods that imply the validity of the results, to be implemented in the real-time operations. On the other hand, the evaluation of the journal namely Todays Mobile Security Requires a New Approach, conducted by Leavitt (2013), reveals that the data provided regarding the mobile security concerns highlights a major range of security threats and the management of the security methods but lacks the detailed insight into the mentioned topics. The research has produced many topics namely the threats, new security management methods, case studies and the recommendations of the IT officials, but it lacks the details that should have been present on the inclusion of this domain. 2.8 Evidence Support of the Research In the case of the research finding of the journal namely Usability and Security of Text Passwords on Mobile Devices, conducted by Melicher et al. (2016), the test findings include a wide number of evidence. The tests include the sampling standards like the presence of password patterns such as basic20, 3class8, 2word16, and 3word20 and the inclusion of conditions like basic20MM and 2word16TM. The evidence from the tests reveal the parameter and characteristics of usability like the challenges faced regarding time, creation criteria, ambiguity in the entered password, deletions and copy-pasting. Thus, the wide range testing methods have led to diverse evidence, which have led to the extensive findings of the research, due to the presence of widespread standards. On the contrary, the critical evaluation of the research named Todays Mobile Security Requires a New Approach, conducted by Leavitt (2013) reveals the fact that the research has included a major evidence towards the extent of the implementation of the BYOD trend in the countries, economically emerging and those with developed economies. The research also contains evidence from the case studies of different software breaches and the recommendations from the IT officials of the software service vendors. Thus, the evidences are adequate for the validity of the research. 3.0 Conclusion The essay comprises the evaluation of the key parameters for both the journals. The research questions addressed by both the journals are distinctly clear and are adequately significant in the context of contemporary mobile security. The essay further provides insight into the methodologies and the philosophical framework that the journals have followed. The analysis part of the essay describes the association of the addressed topics of the essay and the journals comprise noticeably associative data evaluation. However, the second journal has offered areas of criticizing like the flaws in not elaborating on the mentioned points and not including the reference list for the sources, from which it has acquired the statistical results as well as the case studies and the recommendations. References Leavitt, N., 2013. Today's mobile security requires a new approach.Computer, (11), pp.16-19. Melicher, W., Kurilova, D., Segreti, S.M., Kalvani, P., Shay, R., Ur, B., Bauer, L., Christin, N., Cranor, L.F. and Mazurek, M.L., 2016, May. Usability and security of text passwords on mobile devices. InProceedings of the 2016 Annual ACM Conference on Human Factors in Computing Systems, CHI(Vol. 16).
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.