MANHASSET, NY -- A team of Virginia Tech researchers has modified Google’s Android operating system to create security features to remotely lock smart phones and wipe out sensitive data downloaded in specific physical locations.
“There are commercial products that do limited versions of these things, but nothing that allows for automating wiping and complete control of settings and apps on smart phones and tablets,” explained Jules White, assistant professor in the Department of Electrical and Computer Engineering. “This system provides something that has never been available before. It puts physical boundaries around information in cyberspace.”
“Technology like this may be ripe not only for commercialization, but it could also improve our nation’s defense and security,” said John Provo, director of the Virginia Tech Office of Economic Development.
Medical caregivers could also be beneficiaries of the technology by safeguarding patient privacy.The software also enables central control of phone features such as preventing a smart phone’s camera or email from working.
“For instance, you could keep certain apps from working in the operating room so surgeons wouldn’t get distracted, or you could prevent nurses from taking patient photos and putting them on the Internet,” said White. "In that same way, parents could restrict children from texting to prevent distraction at school."
Last month Virginia Tech in cooperation with government contractors L-3 Communications, Northrop Grumman, General Dynamics Advanced Information Systems, and security firm Verisign Labs established an Industry/University Cooperative Research Center in cybersecurity. Virginia Tech received from the NSF a five-year continuing grant to establish the center.
This new cybersecurity site joins the Security and Software Engineering Research Center (S2ERC), which is led by Ball State University and includes a primary site at Iowa State University and now Virginia Tech.
The NSF established S2ERC 25 years ago as the only I/UCRC dedicated to software engineering and recently rechartered the center with an added focus on security.
"A number of high-profile incidents have caused both the federal government and private industry to re-prioritize computer and network security," said Charles Clancy, associate professor of electrical and computer engineering at Virginia Tech and director of The Ted and Karyn Hume Center for National Security and Technology. This has resulted in a major need for research and education in the field."
Recently, in collaboration with the Naval Postgraduate School and L-3 Communications, Virginia Tech recently launched the Arlington-based Cybersecurity Innovations Lab.
The challenge with an open system is that security features can be added - which is great - but they can also be disabled or recoded to be non-functional. How would an employer confirm that the intended security features are all installed and intact as employees entered the facility?
you know android is linux, right? adding such features to any linux box merely demonstrates basic understanding of how *nix works, not some kind of breakthrough or heroic act of uber-coding.
also what is this about "trumping" android? the title implies a trap (trojan?) that overmatches (breaks into?) android. which if anything is the opposite of the article...
Battar: good idea. I believe that all these security issues are being, and will be, addressed by DOD and contractors. What I'm curious about is how do the security issues translate to the commercial world, in medical, and industrial applications. Any ideas?
Heres an idea - certain defence contractors do not allow cameras in their facilities, and employees must use cell-phones without cameras. A contractor could give their employees smartphones and automatically disable the camera when they swipe the badge at the entry gate.
Join our online Radio Show on Friday 11th July starting at 2:00pm Eastern, when EETimes editor of all things fun and interesting, Max Maxfield, and embedded systems expert, Jack Ganssle, will debate as to just what is, and is not, and embedded system.