Bring your own device: security challenges and a theoretical framework for two-factor authentication
In this paper, the security challenges of BYOD are discussed, including existing security solutions which often are too restrictive. Data leakage is one of the security challenges confronting BYOD. Data leakage can occur as a result of stolen, lost or compromised employee devices. When an employee d...
| Main Authors: | , , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
Dorma Trading Est
2016
|
| Online Access: | http://psasir.upm.edu.my/id/eprint/55224/ http://psasir.upm.edu.my/id/eprint/55224/1/Bring%20your%20own%20device%20security%20challenges%20and%20a%20theoretical%20framework%20for%20two-factor%20authentication.pdf |
| _version_ | 1848852746966401024 |
|---|---|
| author | Olalere, Morufu Abdullah, Mohd Taufik Mahmod, Ramlan Abdullah, Azizol |
| author_facet | Olalere, Morufu Abdullah, Mohd Taufik Mahmod, Ramlan Abdullah, Azizol |
| author_sort | Olalere, Morufu |
| building | UPM Institutional Repository |
| collection | Online Access |
| description | In this paper, the security challenges of BYOD are discussed, including existing security solutions which often are too restrictive. Data leakage is one of the security challenges confronting BYOD. Data leakage can occur as a result of stolen, lost or compromised employee devices. When an employee device is stolen, lost or comprised, an attacker can obtain access directly to the enterprise data on the employee device if a strong authentication technique is not in place. The traditional means of authenticating employees when connecting to an enterprise server in a traditional network environment which relies on either knowledge or ownership is too weak for the BYOD environment. In such a traditional enterprise network, employees obtain access to an enterprise server using their respective stationary desktop, while in a BYOD environment access to an enterprise server is from anywhere, making it easy for an attacker in possession of an employee device and password to gain unauthorised access. To address this problem, there is need for a strong authentication technique. This study proposes a theoretical framework for a two-factor authentication method that combines knowledge-based (Password) and biometric-based (Keystroke dynamic) features for authentication of mobile devices in a BYOD environment. Technical details on how the framework can be implemented are presented. It is the belief of the authors that proper implementation of the proposed potential future application framework will go a long way in addressing the problem of data leakage in a BYOD environment. |
| first_indexed | 2025-11-15T10:42:59Z |
| format | Article |
| id | upm-55224 |
| institution | Universiti Putra Malaysia |
| institution_category | Local University |
| language | English |
| last_indexed | 2025-11-15T10:42:59Z |
| publishDate | 2016 |
| publisher | Dorma Trading Est |
| recordtype | eprints |
| repository_type | Digital Repository |
| spelling | upm-552242018-08-14T02:30:33Z http://psasir.upm.edu.my/id/eprint/55224/ Bring your own device: security challenges and a theoretical framework for two-factor authentication Olalere, Morufu Abdullah, Mohd Taufik Mahmod, Ramlan Abdullah, Azizol In this paper, the security challenges of BYOD are discussed, including existing security solutions which often are too restrictive. Data leakage is one of the security challenges confronting BYOD. Data leakage can occur as a result of stolen, lost or compromised employee devices. When an employee device is stolen, lost or comprised, an attacker can obtain access directly to the enterprise data on the employee device if a strong authentication technique is not in place. The traditional means of authenticating employees when connecting to an enterprise server in a traditional network environment which relies on either knowledge or ownership is too weak for the BYOD environment. In such a traditional enterprise network, employees obtain access to an enterprise server using their respective stationary desktop, while in a BYOD environment access to an enterprise server is from anywhere, making it easy for an attacker in possession of an employee device and password to gain unauthorised access. To address this problem, there is need for a strong authentication technique. This study proposes a theoretical framework for a two-factor authentication method that combines knowledge-based (Password) and biometric-based (Keystroke dynamic) features for authentication of mobile devices in a BYOD environment. Technical details on how the framework can be implemented are presented. It is the belief of the authors that proper implementation of the proposed potential future application framework will go a long way in addressing the problem of data leakage in a BYOD environment. Dorma Trading Est 2016-01 Article PeerReviewed text en http://psasir.upm.edu.my/id/eprint/55224/1/Bring%20your%20own%20device%20security%20challenges%20and%20a%20theoretical%20framework%20for%20two-factor%20authentication.pdf Olalere, Morufu and Abdullah, Mohd Taufik and Mahmod, Ramlan and Abdullah, Azizol (2016) Bring your own device: security challenges and a theoretical framework for two-factor authentication. International Journal of Computer Networks and Communications Security, 4 (1). pp. 21-32. ISSN 2410-0595; ESSN: 2308-9830 |
| spellingShingle | Olalere, Morufu Abdullah, Mohd Taufik Mahmod, Ramlan Abdullah, Azizol Bring your own device: security challenges and a theoretical framework for two-factor authentication |
| title | Bring your own device: security challenges and a theoretical framework for two-factor authentication |
| title_full | Bring your own device: security challenges and a theoretical framework for two-factor authentication |
| title_fullStr | Bring your own device: security challenges and a theoretical framework for two-factor authentication |
| title_full_unstemmed | Bring your own device: security challenges and a theoretical framework for two-factor authentication |
| title_short | Bring your own device: security challenges and a theoretical framework for two-factor authentication |
| title_sort | bring your own device: security challenges and a theoretical framework for two-factor authentication |
| url | http://psasir.upm.edu.my/id/eprint/55224/ http://psasir.upm.edu.my/id/eprint/55224/1/Bring%20your%20own%20device%20security%20challenges%20and%20a%20theoretical%20framework%20for%20two-factor%20authentication.pdf |