Offline security for corporate mobile application

Abstract

This paper presents a novel approach to the security of the corporate mobile devices, in particular the offline mode. The protection of the confidential data in use when the mobile client is not connected to the corporate cloud is provided by the combination of the cryptographic methods, such as AES file encryption, ABE authorization based both on user and share attributes, user key secret sharing (SS) based protection between the device and the user as well as MOS-based analytics methods to prevent the malicious user behavior. The proposed security architecture supports the minimized traffic load and reduced communication with the cloud.