Dynamic Context-Aware Data Protection Through Virtual Micro Security-Perimeters in Smartphones and Wearable Devices

Saman Zonouz and Dario Pompili received a 2.5-year, $576K grant from the Department of Homeland Security for their project "Dynamic Context-Aware Data Protection Through Virtual Micro Security-Perimeters in Smartphones and Wearable Devices".

The abstract follows.

Abstract: Smartphones are quickly becoming the dominant platform over which cloud services and content are consumed. However, security on current mobile platforms leaves much to be desired. Multi-user support on mobile operating systems (OSes) is just starting to be offered, and no mobile OSes offer first-class facilities for separating sensitive data (e.g., a user's work files) from mixing with non-sensitive data or leaking to untrusted endpoints. An example is how multiple e-mail accounts are handled in today's mobile e-mail clients. It is common for e-mails from one account to be accidentally forwarded over another account where they may be stored on untrusted servers, or leak to unintended recipients. The outcomes will provide fine-grained, policy-based data protection as a first-class primitive in the mobile OS itself so that the user doesn't have to maintain completely different environments. The proposed solution will allow individual data and applications to be contained in micro-security perimeters or capsules. These capsules can be securely installed on a phone, and are subject to a data security policy defined by the capsule owner. The OS will then track the flow of data on a per-capsule basis as it is used by applications on the phone, and enforce the security policies associated with it. The PIs will be working with AT&T Labs through their established collaborations and connections to realize the proposed solution as a real-world open-source software package for public use.