Study of measures for detecting abnormal access by establishing the context data-based security policy in the BYOD environment

Abstract

With the trend of BYOD (Bring Your Own Device), i.e., using personal mobile devices for work, proliferating, one can easily find people doing their work anytime, anywhere. BYOD has the benefits of reducing business expense and increasing work productivity and efficiency. Nonetheless, the uncontrolled access of internal networks by the personal devices, for which enterprises have limitations in controlling, exposes the companies to security threats such as leak of confidential data and access by unauthorized users, yet there are inadequate countermeasures. Therefore, there is a need for a means of collecting the personalized context data of the user accessing the internal network and detecting and controlling abnormal user access by establishing a context-based policy. This paper presents measures for detecting abnormal access by collecting the context data according to the various devices and access environment and establishing the context data-based policy under the BYOD environment.