TY - GEN
T1 - Towards a Smartphone User Competency Evolution Model
AU - Louw, Candice
AU - Von Solms, Sebastiaan
N1 - Publisher Copyright:
© 2015 ACM.
PY - 2015/9/28
Y1 - 2015/9/28
N2 - Over the past few years smartphones have evolved from being basic devices that support stock-standard, static Operating Systems (OSs) to powerful devices that are capable of running dynamic, customizable OSs. In turn, these OSs also support the installation of additional, mobile applications (apps) on the fly. With an increase in the number of apps that users may choose to install on their smartphones, the vulnerability of the information stored on the device potentially also increases as a result. This is due to the fact that cyber criminals are able to write apps that can often gain access to not only personal user information, but also sensitive organizational information stored on these smartphone devices. In this paper we have a look at smartphone OS trends over the past 5 years on both a global and a local scale. We subsequently identify Android as the top grossing OS in both scenarios making it the most popular OS in the world. We proceed with an investigation of various aspects relating to smartphone apps including a discussion on some of the official app distribution platforms (referred to as marketplaces), the problems experienced by marketplaces due to malicious apps being distributed and also the current techniques being employed in an attempt to minimize the publication of malicious apps. We continue our discussion on apps by looking at the typical process followed for downloading and also updating an app ' these are in turn used to form a complete user journey map of a generic app marketplace. Finally, we focus our attention to the smartphone user. By introducing the Smartphone User Competency Evolution (SUCE) model as well as the Smartphone Application User Security Competency Evolution (SAUSCE) model, we discuss the significance of determining an individual user's level of understanding and competence relating to the usage of their smartphone and the apps installed on it. We conclude by noting that the SAUSCE model could potentially aid individual users and/or their organizations at providing level appropriate training and awareness to aid smartphone users in their ongoing battle against smartphone abusers. The efficacy that such a model may have when used in conjunction with other best practices however, relies greatly on the successful implementation of 'if the shoe fits, put it on' understanding, regulation and enforcement. As a result, it will no longer be a question of if the shoe fits, put it on, but rather, if the smartphone security level fits, put (switch) it on.
AB - Over the past few years smartphones have evolved from being basic devices that support stock-standard, static Operating Systems (OSs) to powerful devices that are capable of running dynamic, customizable OSs. In turn, these OSs also support the installation of additional, mobile applications (apps) on the fly. With an increase in the number of apps that users may choose to install on their smartphones, the vulnerability of the information stored on the device potentially also increases as a result. This is due to the fact that cyber criminals are able to write apps that can often gain access to not only personal user information, but also sensitive organizational information stored on these smartphone devices. In this paper we have a look at smartphone OS trends over the past 5 years on both a global and a local scale. We subsequently identify Android as the top grossing OS in both scenarios making it the most popular OS in the world. We proceed with an investigation of various aspects relating to smartphone apps including a discussion on some of the official app distribution platforms (referred to as marketplaces), the problems experienced by marketplaces due to malicious apps being distributed and also the current techniques being employed in an attempt to minimize the publication of malicious apps. We continue our discussion on apps by looking at the typical process followed for downloading and also updating an app ' these are in turn used to form a complete user journey map of a generic app marketplace. Finally, we focus our attention to the smartphone user. By introducing the Smartphone User Competency Evolution (SUCE) model as well as the Smartphone Application User Security Competency Evolution (SAUSCE) model, we discuss the significance of determining an individual user's level of understanding and competence relating to the usage of their smartphone and the apps installed on it. We conclude by noting that the SAUSCE model could potentially aid individual users and/or their organizations at providing level appropriate training and awareness to aid smartphone users in their ongoing battle against smartphone abusers. The efficacy that such a model may have when used in conjunction with other best practices however, relies greatly on the successful implementation of 'if the shoe fits, put it on' understanding, regulation and enforcement. As a result, it will no longer be a question of if the shoe fits, put it on, but rather, if the smartphone security level fits, put (switch) it on.
KW - Android
KW - Application lifecycle
KW - Application marketplace
KW - BYOD
KW - Bring Your Own Device
KW - Smartphone application permissions
KW - Smartphone applications
UR - http://www.scopus.com/inward/record.url?scp=84959420038&partnerID=8YFLogxK
U2 - 10.1145/2815782.2815802
DO - 10.1145/2815782.2815802
M3 - Conference contribution
AN - SCOPUS:84959420038
T3 - ACM International Conference Proceeding Series
BT - SAICSIT 2015 - Proceedings of the 2015 Annual Research Conference of the South African Institute of Computer Scientists and Information Technologists
A2 - Cleophas, Loek
A2 - Kourie, Derrick G.
A2 - Watson, Bruce W.
A2 - Barnett, Richard J.
A2 - le Roux, Daniel B.
PB - Association for Computing Machinery
T2 - 2015 Annual Research Conference of the South African Institute of Computer Scientists and Information Technologists, SAICSIT 2015
Y2 - 28 September 2015 through 30 September 2015
ER -