Context-aware Security

Modern devices and applications are becoming more and more user-centric and aligned to the usage context. However, security mechanisms today are still very static and restrictive. The dissertation describes techniques to automatically recognize the usage context of mobile devices and to adapt security mechanisms accordingly. Users are less restricted, while adequate security is always guaranteed

---

Strong security for mobile devices plays an increasingly important role in protecting sensitive data and preserving privacy. However, as security controls are usually rather static and cannot adapt to changing contexts, they put an unnecessary burden on the user. In the worst case, users bypass security controls to get their job done. Of course, some mobile usage scenarios (e.g., business trip, commuting, or shopping) require stronger security controls than others (e.g., being at home, working in the office, or driving a car). Considering contextual information, we can always switch to appropriate security settings that are both secure and usable. This book addresses context-aware security for mobile devices. The proposed solution comprises a context model for expressing usage situations by logically linking contextual information as a context description, a context engine using these context descriptions for context detection at runtime, and a context derivation process for systematically deriving these context descriptions. Context-awareness disburdens the user, while still guaranteeing an adequate level of security at any time.