Take a sneak peek at the new NIST.gov and let us know what you think!
(Please note: some content may not be complete on the beta site.).
NIST Authors in Bold
|Author(s):||Wayne Jansen; Athanasios T. Karygiannis; Serban I. Gavrila; Vlad Korolev;|
|Title:||Assigning and Enforcing Security Policies on Handheld Devices|
|Published:||May 01, 2002|
|Abstract:||The proliferation of mobile handheld devices, such as Personal Digital Assistants (PDAs) and tablet computers, within the workplace is expanding rapidly. While providing productivity benefits, the ability of these devices to store and transmit corporate information through both wired and wireless networks poses potential risks to an organization's security. This paper describes an approach to assigning and enforcing an organization's security policy on handheld devices. The approach relies on the device holding a valid policy certificate, obtained through synchronization with a user's desktop computer, organizational server, or other means, before conducting any security-sensitive operations. The paper describes a proof-of-concept implementation of the policy certificate issuing tool, policy specification language, certificate representation, and enforcement mechanisms that were used to demonstrate this approach, and discusses the associated benefits and drawbacks.|
|Conference:||Canadian Information Technology Security Symposium|
|Dates:||May 13-17, 2002|
|Keywords:||digital certificate,handheld devices,security policy,trust management|
|PDF version:||Click here to retrieve PDF version of paper|