I. Background (cont'd)
In this article, we will focus on the following three representative developments in information technology and introduce latest trends in the information security aspects.
- Mobile Computing
Mobile computing has been a hot topic for recent years. Mobile devices such as smartphones and tablets are getting much more powerful in these few years. In addition to the conventional telephone functions, they are capable of Internet browsing, making online transactions, downloading applications and providing location services like Global Positioning Services (GPS).
With the growing complexity of mobile devices, operating systems and applications, security threats are now more prevalent. According to a survey conducted by Juniper Network Inc. in 2010, about 72% of respondents had shared or accessed sensitive information, such as bank accounts and credit card numbers, via their mobile devices. Applications of these kinds raised the severity of sensitive data leakage or malicious attacks.
One of the popular Open mobile platforms, Android, has suffered several attacks from hostile software in the form of viruses, worms and Trojan horses. iOS, another widely used mobile operating system for Apple's iPhones, was once known to have a security flaw that allows an application to download and execute unsigned program codes (i.e. programs without proven authenticity) from a remote source.
- Cloud Computing
One of the biggest waves of technology innovation is the cloud computing. It defines a way to increase capacity or add capabilities quickly without investing in new infrastructure, training new personnel, or licensing new software.
There are a number of security flaws associated with cloud computing, which can be categorised into:
- Security Flaws in Cloud Providers - Security issues related to organisations providing the cloud services, including the underlying infrastructure, IT operational procedures and information systems deployed.
Researchers have pointed out that multiple security vulnerabilities are found in many cloud architectures. Amazon Web Services was found to have security flaws that may allow unauthorised access to all user data and cross-site scripting attacks.