Mobile working group
proposed charter
February 2012
Working Group Executive Overview
Mobile computing is experiencing tremendous growth and adoption, while the devices are gaining significant power and dynamic capabilities. Personally owned mobile devices are increasingly being used to access employers’ systems and cloud-hosted data - both via browser-based and native mobile applications. Clouds of mobile devices are likely to be common. The CSA Mobile working group will be responsible for providing fundamental research to help secure mobile endpoint computing from a cloud-centric vantage point.
Working GroupScope and Responsibilities
The working group is chartered to research the following areas:
- Securing application stores and other public entities deploying software to mobile devices
- Analysis of mobile security capabilities and features of key mobile operating systems
- Cloud-based management, provisioning, policy, and data management of mobile devices to achieve security objectives
- Guidelines for the mobile device security framework and mobile cloud architectures
- Scalable authentication from mobile devices to multiple, heterogeneous cloud providers
- Best practices for secure mobile application development and securely enabling existing applications on mobile platforms
- Identification of primary risks related to individually owned devices accessing organizational systems (commonly known as BYOD – Bring Your Own Device)
- Solutions for resolving multiple usage roles related to BYOD, e.g. personal and business use of a common device
Deliverables will be governed by CSA’s intellectual property rights policy.
Peer Review
The CSA Telecom Working Group will be responsible for primary peer review and targeting specific external organizations. Trusted Cloud Initiative/CSA Working Group 5 will have primary responsibility for internal peer review of architecture and authentication-related research. Peer review will be provided from at least three external organizations. Draft deliverables will also be posted on the CSA website and LinkedIn group for public comment.
Deliverables
April 1 – Working group roadmap
May 1 –Summary version of November report (see below)
November 1 – Security Guidance for Critical Areas of Focus in Mobile Computing: whitepaper covering the research areas listed in working group scope.
Infrastructure & Resource Requirements
Working group will be composed of CSA volunteers. Working group will have a steering committee and co-chairs. A minimum of two CSA chapters will be invited to participate. Working group will require typical project management, online workspace and technical writing assistance.
Communications Methods
Twice monthly phone calls and online collaboration.
Duration
Working group will operate until November 1, 2012 deliverable, and at that time consider charter renewal
Copyright © 2012, Cloud Security Alliance / 1