Technology Exploration

Smartphone Virtualization Technology for Bring Your Own Device (BYOD) Security

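Chinese Abstract

Over the past few years the global penetration of smartphones and mobile Internet devices has exceeded 30%. They not only bring people a large number of convenient smart-living services; their ever-increasing computing performance is also gradually replacing traditional notebook computers, making them the most important smart terminal devices at work. However, when employees bring their own smartphones into the work environment, the wide variety of self-downloaded apps and the system services running on different phones are also connected to the enterprise's internal network, creating a severe Bring Your Own Device (BYOD) security management challenge. The current approach of strictly controlling smart terminals with MDM (Mobile Device Management) still faces a dilemma between terminal security management and ease of use. Smartphone virtualization technology, with its ability to run secure work phone environments that are isolated from one another, isolates security threats while still offering the convenience of free personal use, and so brings an opportunity for a new technical breakthrough in BYOD security management. This paper proposes two approaches, Virtualized Smartphone and Virtual Mobile Infrastructure, which can effectively provide autonomous and convenient application services while remaining under a high degree of security control. With prototype results that can already be demonstrated on commercial smartphones, we have shown that smartphone virtualization technology can serve as an effective solution for BYOD security and is mature enough to be introduced into commercial environments.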

Abstract

With more than 30% rapid growth in global smartphone penetration in the last few years, people are not only experiencing an exponential increase in convenience from intelligent application services; the continuous breakthroughs in end-device computing have also caused more and more smartphones to enter the enterprise network environment. The large number and variety of user-installed apps and services are prone to bring numerous potential security threats directly into the enterprise network without any firewall protection. Using MDM (Mobile Device Management) to add strict security policies and monitoring may improve BYOD security management, but it still faces a great challenge in striking a balance between security and convenience. In this paper, two smartphone virtualization technologies, Virtualized Smartphone and Virtual Mobile Infrastructure, are proposed to provide the best balance between security management and user convenience. The prototype solutions have been successfully implemented and demonstrated using generally available commercial smartphones, and the performance evaluation results also support the claim that the proposed solutions are able to provide a close-to-native smartphone user experience.

Key Words

Smartphone Virtualization
Bring Your Own Device; BYOD
Virtualized Smartphone
Virtual Mobile Infrastructure

Related file: Smartphone Virtualization Technology for Bring Your Own Device (BYOD) Security (full text)