NIST logo

Publication Citation: Assigning and Enforcing Security Policies on Handheld Devices

NIST Authors in Bold

Author(s): Wayne Jansen; Athanasios T. Karygiannis; Serban I. Gavrila; Vlad Korolev;
Title: Assigning and Enforcing Security Policies on Handheld Devices
Published: May 01, 2002
Abstract: The proliferation of mobile handheld devices, such as Personal Digital Assistants (PDAs) and tablet computers, within the workplace is expanding rapidly. While providing productivity benefits, the ability of these devices to store and transmit corporate information through both wired and wireless networks poses potential risks to an organization's security. This paper describes an approach to assigning and enforcing an organization's security policy on handheld devices. The approach relies on the device holding a valid policy certificate, obtained through synchronization with a user's desktop computer, organizational server, or other means, before conducting any security-sensitive operations. The paper describes a proof-of-concept implementation of the policy certificate issuing tool, policy specification language, certificate representation, and enforcement mechanisms that were used to demonstrate this approach, and discusses the associated benefits and drawbacks.
Conference: Canadian Information Technology Security Symposium
Location: Ottawa, CA
Dates: May 13-17, 2002
Keywords: digital certificate;handheld devices;security policy;trust management
Research Areas:
PDF version: PDF Document Click here to retrieve PDF version of paper Error in custom script module