Portal de Periódicos da CAPES

Extension of ISO/IEC27001 to Mobile Devices Security Management

2019; Springer Science+Business Media; Linguagem: Inglês

10.1007/978-981-13-6621-5_3

1865-0937

Xiaobo Zhu, Yunqian Zhu,

Advanced Malware Detection Techniques

Mobile security is more and more important with the fast growth of mobile devices, and people are becoming more dependent on mobile devices in their daily life. Malicious samples in mobile devices are growing in double times each year from 2011 to 2017 in China. ISO/IEC 27000 family of standards helps organizations keep information assets secure, such as financial information, intellectual property, employee details or information entrusted to you by third parties. ISO/IEC 27001 is the best-known standard in the family providing requirements for an information security management system (ISMS). However, ISO/IEC 27001 is not quite adaptable for mobile devices, because these developing mobile information devices lead to new challenges and security risks. This paper analyzes mobile devices security issues, and gives the drawback for 27001 in mobile security. Finally, this paper gives a consideration to these issues under ISO/IEC 27001 information security management system framework.