A Secure In-Depth File System Concealed by GPS-Based Mounting Authentication for Mobile Devices

Yong JIN  Masahiko TOMOISHI  Satoshi MATSUURA  Yoshiaki KITAGUCHI  

Publication
IEICE TRANSACTIONS on Information and Systems   Vol.E101-D   No.11   pp.2612-2621
Publication Date: 2018/11/01
Online ISSN: 1745-1361
DOI: 10.1587/transinf.2017ICP0017
Type of Manuscript: Special Section PAPER (Special Section on Information and Communication System Security)
Category: Mobile Application and Web Security
Keyword: 
data breach,  data destruction,  concealed file system,  in-depth file system,  GPS-based mounting authentication,  mobile security,  

Full Text: PDF(2.3MB)
>>Buy this Article


Summary: 
Data breach and data destruction attack have become the critical security threats for the ICT (Information and Communication Technology) infrastructure. Both the Internet service providers and users are suffering from the cyber threats especially those to confidential data and private information. The requirements of human social activities make people move carrying confidential data and data breach always happens during the transportation. The Internet connectivity and cryptographic technology have made the usage of confidential data much secure. However, even with the high deployment rate of the Internet infrastructure, the concerns for lack of the Internet connectivity make people carry data with their mobile devices. In this paper, we describe the main patterns of data breach occur on mobile devices and propose a secure in-depth file system concealed by GPS-based mounting authentication to mitigate data breach on mobile devices. In the proposed in-depth file system, data can be stored based on the level of credential with corresponding authentication policy and the mounting operation will be only successful on designated locations. We implemented a prototype system using Veracrypt and Perl language and confirmed that the in-depth file system worked exactly as we expected by evaluations on two locations. The contribution of this paper includes the clarification that GPS-based mounting authentication for a file system can reduce the risk of data breach for mobile devices and a realization of prototype system.