Theft Preventive Measures for Interconnected Personal Computer Devices as Proactive Physical Security of Data

Theft Preventive Measures for Interconnected Personal Computer Devices as Proactive Physical Security of Data

Ekaterina Pshehotskaya (Moscow Polytechnic University, Moscow, Russia) and Oleg Mikhalsky (Moscow Polytechnic University, Moscow, Russia)
DOI: 10.4018/IJERTCS.2018070107

Abstract

This article is concerned with the arising problems and implications of physical security and privacy of personal and control data on portable computer devices, especially smartphones. The authors consider various classifications of portable computer devices, isolate smartphones as a most common device, and study types of user behavior regarding the involved security risks of unauthorized access to the data stored both locally and remotely with accent of physical data access via device theft. Based on provided categorization the researchers discuss the factors and criteria suitable to generalize user patterns and evaluate the corresponding vulnerability level against specified statistics. The considered statistical criteria can be formulated as a mathematical model of relative risks and implemented as a service or an application to be used for improving user awareness on current threats to his personal data and respective interconnected personal portable devices.
Article Preview
Top

1. Introduction

The ongoing advance of computer technologies has already resulted in almost total civilization dependence on exponentially growing amounts volume of produced and stored data and the means of processing it. Modern hardware and software capabilities are generally both affordable and user-friendly to the general public. The simplicity of operation has already resulted in the fact that manufactured devices with WAN access are outnumbering human population. The growing network of such standardized communication nodes is usually termed as “Internet of things” (IoT).

However, the simple and comfortable way of operating portable devices doesn’t imply appropriately high level of security. On the contrary, the security measures are usually subdued to increase usability and achieve more cost reduction. Therefore, the remaining unresolved issue of most concern is the vulnerability of majority of devices, lacking any plausible means to provide reliable authentication of incoming connections. The range of the devices spans from network-accessible digital modules with MQTT-protocol for primitive sensors (e.g. house-hold Wi-Fi digital thermometers) to embedded single-board computers (e.g. Raspberry Pi) for more sophisticated consumer electronics like refrigerators, washing machines and TV-sets. Due to standardization of both machine architecture and communication protocols every node can serve as a breaching point for malicious cyber activity. Thus, the modern technologies gave rise to wide diversity of threats to device-stored data with multiple vectors of attack.

The overall problem of data security already gained a planetary scale. According to the recent Breach Level Index by Gemalto (Gemalto, 2017) the volume of the reported data breaches exceeded 1.9 billion of records only in the first half of 2017. The primary sources of the breaches where identified as malicious outsiders (74 percent), accidental loss (18 percent) and malicious insiders (8 percent). Narrow focused Bitglass report on financial services breaches (Bitglass, 2016) shows that the major proportions of breaches in the financial services sector where attributed to lost or stolen devices (25.3 percent) and hacking (19.2 percent), while malicious insiders where considered a source in 13.1 percent of cases. These facts indicate that device theft poses a serious threat to data security, and is a major factor contributing to large scale data breaches. The survey of Kensington IT Security Systems (Kensington, 2016) demonstrate that, despite such circumstances, more than a third (34 percent) of IT personnel lacks any physical security policy for corporate electronic assets, over half (54 percent) of survey participants do not consider physical locks for IT equipment, and 80 percent of survey respondents disregard use of locks for accompanying auxiliary equipment. Thus, 52 percent of the devices are stolen from the offices, and 24 percent from the conferences. The Recipero report on US Cell Phone Crime Statistics in 2016 (Recipero, 2016) addresses the issue of personal thefts, and reveals that 31 percent of devices reported stolen were NOT blocked by operators. Moreover, 7 percent of devices that are blocked when an insurance claim is made for loss or theft were unblocked within 30 days.

Complete Article List

Search this Journal:
Reset
Open Access Articles: Forthcoming
Volume 11: 4 Issues (2020): Forthcoming, Available for Pre-Order
Volume 10: 4 Issues (2019)
Volume 9: 2 Issues (2018)
Volume 8: 2 Issues (2017)
Volume 7: 2 Issues (2016)
Volume 6: 2 Issues (2015)
Volume 5: 4 Issues (2014)
Volume 4: 4 Issues (2013)
Volume 3: 4 Issues (2012)
Volume 2: 4 Issues (2011)
Volume 1: 4 Issues (2010)
View Complete Journal Contents Listing