In the early days of computing, user devices were physically connected to their mainframes or networks, and the only way to perform cyber-attacks on those environments was for the attacker to have a physical connection. In the present era, a user has multiple devices of her own, connected by all sorts of wireless mechanisms and all part of the same global network, the Internet itself. All those mobile devices are susceptible to being attacked, infected or compromised, and in almost all cases there is no need for the attacker to be physically connected.
In corporate environments, one of the most widely accepted cyber-defense architectures is the multi-layer approach defined in the defense-in-depth concept. Enterprise networks usually have a great number of cyber-protection mechanisms such as firewalls, proxies, web filtering, anti-malware, IDS/IPS, etc., all of them installed on dedicated servers and separately managed according to the multi-layer cyber-defense architecture. This provides a complete cyber-protection mechanism to all devices connected to these networks, even mobile ones.
Nevertheless, as mobile devices are usually connected to different networks, they are not protected outside corporate networks. In the case of personal cyber-protection, the common technical approach is to install almost the same corporate components, but with fewer functions and inside the protected device. This means that people usually install different kinds of protection software, like anti-virus programs or personal firewalls, on their mobile devices. Some of them also configure their devices with cyber-security countermeasures such as erasing all the device memory if someone enters the wrong password more than 10 consecutive times. Nevertheless, many device owners also install non-trusted software from poorly verified repositories, increasing the risk of cyber-infections. Moreover, many of them compromise their own mobile devices using “jailbreaking” [1] or “rooting” [2] techniques, granting administrator privileges to this software and making the devices unsafe or even risky. In their article, Bass and Robichaux explain that one of the main cyber-security flaws is user behavior. Talbot et al. explain how wireless technologies increase cyber-insecurity.
[1] Jailbreak: Obtain administrator privileges and full access to Apple iOS operating system functions on devices like iPod, iPad or iPhone.
[2] Root: Obtain administrator privileges and full access to Android operating system functions on Android devices.
In this scenario, the above-mentioned protection countermeasures are rather ineffective, because if malware is able to take control of the mobile device, the installed countermeasures may be completely invalidated by this malicious software. Users are normally unaware of these cyber-risks and often want to install games or software applications whose security or trust level they do not know. For this reason, from the cyber-security point of view, it is very hard to prevent device owners from misusing their mobile devices.
A reasonable solution to this problem is for the user to carry a second device, one specifically designed and built to mitigate cyber-risks. Nowadays, a popular multi-layer, small-scale approach is the one named UTM [3]. UTM devices are special pieces of hardware that add many cyber-countermeasures to protect user devices, but in a separate box and with no functionality other than cyber-protection, so users are not tempted to accidentally compromise its security.
[3] UTM: Unified Threat Modules
UTM devices have proved to be quite reliable and their maturity levels have been increasing year by year. State-of-the-art UTMs combine the following main cyber-security features:
- Firewall
- VPN (Virtual Private Networks)
- IDS/IPS (Intrusion Detection/Prevention Systems)
- Anti-virus/Anti-spyware/Anti-malware
- Web Content Filtering
- Anti-spam
- Application Control
- DLP (Data Leak Prevention)
- SSL inspection
- NAC (Network Access Control)
UTM devices increase user protection; nevertheless, they have two main disadvantages. The first is that they are not designed to be portable, so they can only be used inside the networks they have been installed on. The second is that they are so complete and have so many sophisticated options that they are not suitable to be managed by the common, non-technical user.
In recent years, a number of methods, devices and/or apparatuses have been patented or are even commercially available with the aim of solving this particular mobile cyber-security problem. In fact, this invention relates to US20140090046, U.S. Ser. Nos. 00/921,0682, 00/897,3151, 00/884,4032, 00/884,4036, 00/862,7452, 00/859,5834, 00/850,5103, 00/837,0922, 00/837,0918, 00/831,6438 and 00/748,6666. Nevertheless, these prior art developments have three main disadvantages, explained as follows.
These days, users work with many portable devices at the same time (one or more smartphones, tablets, notebooks, smart watches, Bluetooth beacons, etc.), all of them connected wirelessly and therefore all of them susceptible to cyber-attacks.
The first disadvantage of the prior art is that, though some of these apparatuses are portable, they still need a physical cable connection to the mobile device to be protected. In this scenario, the number of mobile devices connected to these kinds of cyber-protection apparatuses is limited to the number of available physical interface connectors. FIG. 1 and FIG. 2 summarize some functions of prior art devices. As can be seen, hardwired connections go from mobile devices 100 to the prior art protection device 200. UTM functions are included in both types of prior art devices 202 and 212. Moreover, some of them need to be plugged into power wall plates 301 to work. Some of them have only small batteries to preserve power for a controlled shutdown in case of power loss 302.
The second disadvantage is that almost all prior art apparatuses contain a number of TCP/IP or UDP/IP system services listening over the network, like DHCP, DNS, web-based administration applications, etc. 215. This means that their attack surface is the same as for every other network protection device. So, if an attacker is inside the network and knows the IP address of one of these prior art protection devices, it is possible for her to generate exploit attempts against vulnerabilities in some of these services.
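The exposure described above can be measured on any such device by listing the sockets that are reachable from the network. The following is an added example, not part of the original text; the `ss -tuln` sample is constructed and the function names are hypothetical.

```python
import ipaddress

# Constructed sample of `ss -tuln` output for a hypothetical protection
# device; not captured from any real product.
SAMPLE_SS = """\
Netid State  Recv-Q Send-Q Local Address:Port Peer Address:Port
udp   UNCONN 0      0      0.0.0.0:67         0.0.0.0:*
udp   UNCONN 0      0      0.0.0.0:53         0.0.0.0:*
tcp   LISTEN 0      128    0.0.0.0:53         0.0.0.0:*
tcp   LISTEN 0      128    192.168.8.1:443    0.0.0.0:*
tcp   LISTEN 0      128    127.0.0.1:5432     0.0.0.0:*
tcp   LISTEN 0      128    [::1]:8080         [::]:*
"""

# Listener types the text names, keyed by (protocol, port).
KNOWN = {("udp", 67): "DHCP", ("udp", 53): "DNS", ("tcp", 53): "DNS",
         ("tcp", 80): "web administration",
         ("tcp", 443): "web administration"}


def parse_listeners(ss_output):
    """Yield (proto, address, port) for each listening or unconnected socket."""
    for line in ss_output.splitlines():
        fields = line.split()
        if len(fields) < 5 or fields[1] not in ("LISTEN", "UNCONN"):
            continue  # header line or an established connection
        addr, _, port = fields[4].rpartition(":")
        if not port.isdigit():
            continue
        addr = addr.strip("[]").split("%")[0]  # drop IPv6 brackets / zone id
        if addr == "*":
            addr = "::"  # ss prints '*' for a dual-stack wildcard bind
        yield fields[0], addr, int(port)


def network_exposed(ss_output):
    """Return listeners reachable from other hosts (not bound to loopback)."""
    exposed = []
    for proto, addr, port in parse_listeners(ss_output):
        if ipaddress.ip_address(addr).is_loopback:
            continue  # local-only service, not part of the network surface
        exposed.append((proto, addr, port, KNOWN.get((proto, port), "unknown")))
    return exposed


if __name__ == "__main__":
    for proto, addr, port, service in network_exposed(SAMPLE_SS):
        print(f"{proto:4} {addr}:{port:<5} {service}")
```

Every entry in the result is a service an attacker on the same network can send traffic to; a device with an empty result offers no listener to probe.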
The third is that many of these prior art protection devices also need some kind of software agent 111 installed inside the mobile device to be protected. This makes the protection not completely transparent to the user, because it adds an additional level of complexity, so she can feel uncomfortable with it.
Finally, many of these prior art devices (FIG. 2) were designed with the sole purpose of letting users access the Internet with a certain increase in security level at hotels when they are traveling.