An enhanced smartphone security model based on information security management system (ISMS)

Abstract

As the penetration of smartphones increases rapidly, in the occurrence of security threats in smartphones, smartphone security technologies are not sufficient, and moreover, the security technologies and measures that can be applied to smartphones remain limited. This, as a result, creates a problem that smartphones are easily exposed to security attacks. Gradually, the studies on smartphone security are progressing and the development of security technologies is underway. However, such efforts remain inadequate in view of the vulnerabilities that lie in smartphone security. Therefore, studies are necessary on enhanced information security measures that can ensure the safe usage of smartphones in a real environment. In this paper, a Smartphone-information security management system (ISMS) model based on ISMS is proposed. Firstly, this study defines the elements of smartphone security threats, which can occur in the smartphone environment, and the requirements for smartphone security. Based on the results, this work derives seven relevant control items by combining existing ISMS-based information security models with the smartphone environment, and thereby proposes a Smartphone-ISMS model through the materialization of each control item. Additionally, the results of the comparison of characteristics between existing ISMS models and the proposed Smartphone-ISMS are presented.