Professional Documents
Culture Documents
G.ARUN KUMAR
1. Introduction
Mobile devices, such as laptops and PDAs, make it possible for workers to access information anywhere. However, enhanced mobility means data can travel outside the boundaries of LAN firewall. The use of mobile devices to access information has made it easier for users to be more productive by making data available outside the enterprise.
1. 2.
3.
4. 5.
It is important to find and address the weakest link in the security system. Addressing an area of weakness could Include encrypting data on the device, encrypting data communications, password- protecting devices, incorporating user login mechanisms, or implementing.
: Confidentiality : Communications should remain private. Integrity : No one should be able to change the data, regardless of
whether they are able to see it.
communicating with on the other end and avoid a man-in-the-middle attack. Clients connecting to the enterprise system should know that they
3.1.1. Communication
architecture
Only the physical layer is responsible for actually placing data onto the wire or over the air and all other layers provide some well-defined level of functionality, such as error detection, correction, and encryption.
1. 2. 3. 4.
We have to be certain that only authorized clients can connect to server and that client are connecting to the correct server. Verifying that the correct entities are involved in data transmission is even more difficult in message systems because hand- shaking protocols cannot be used.
2.
Depending on the application, specific rights and permissions are configured on a per-user basis.
Mobile devices are small and expensive, so they are easily lost or left in taxis, and are a favorite target for thieves. If you dont want the new owner to have access to your corporate systems or view sensitive data, precautions must be taken
2.
Encrypting the entire file system (this may be useful when using data outside of a database, such as in a spread sheet).
4. Conclusion
Security is about minimizing risk, not eliminating it. This means identifying the weakest links in our system and then designing an appropriate solution that takes into account the associated risks and costs to protect the mobile data.
5. REFERENCES