Today's mobile devices such as smart phones and tablets face unique security issues, some of which go hand in hand with mobility. Enterprises, military, and intelligence agencies (collectively referred to herein as “organizations”) are all grappling with their users' use of mobile devices as many users are carrying out both business as well as personal activities on their mobile devices. This can be problematic even if a Bring Your Own Device (“BYOD”) device policy is in place.
BYOD can raise serious security issues when a user's personal device is used to access both non-sensitive and sensitive (and sometimes risky) networks and/or services. For example, if an employee uses his personal smartphone to access a company network and then loses that phone, untrusted parties could retrieve any unsecured data on the phone. Another type of security breach occurs when an employee leaves a company, she does not have to give the company back her personal device, so company-owned applications and other data may still be present on her personal device. A challenging but important task for organizations that utilize BYOD is to develop a policy that defines exactly what sensitive company information needs to be protected and which employees should have access to this information, and then to educate all employees on this policy. Commercial carriers are normally relied upon for implementing the security requirements of an organization's BYOD policy.
Because of Internet-based risks, some very risk-averse organizations issue devices specifically for Internet use (this is termed “Inverse-BYOD”), providing unfiltered access to the Internet and reserving filtered, sensitive network data for use within a secured, private network. However, this means that a user likely has to carry multiple devices (including one for his personal use) and organizations do not have a sure way of preventing the user from using his personal mobile device to communicate non-sensitive but company-related information. As such, organizations continue to search for solutions that allow mobile services to be delivered or shared within a single device, rather than having to issue their users multiple devices or separate devices for their personal use and locking them into private networks.
Finding viable solutions to handle mobile devices can be particularly challenging for organizations that operate in high assurance computing environments. A high assurance computing environment is one that provides a certain level of assurance as to its behavior, useful in ensuring a level of secrecy for classified information. For instance, a high assurance operating system may permit only certain certified applications to access a particular portion of a memory on a device where sensitive information is stored. However, this does not prevent the physical device itself to become suspect—how it was built, who has handled it from manufacturing through use, how it is used by the user, etc. Moreover, the device could be physically accessed or otherwise compromised in many ways. For instance, information stored or cached on a mobile device could be accessed while its owner is away (e.g., left on the table at a restaurant or on their desk at work, stolen, or lost) or the user may have downloaded an infected application or could be sent an infected document via email or instant messaging, or accessed an infected service.
Because a mobile device lives in a hostile world, securing the physical device itself (e.g., via Tempest hardware, encrypted storage, biometrics, etc.) is not enough and can be very expensive to do a thorough job. Even so, infiltration from any portion of the stack—from the chips to the software that is installed to the data the device receives—still leaves the device vulnerable to attacks from well-funded, motivated, adversaries. Attempts to provide the level of separation needed within the actual device face many challenges, and at best are likely to become a very expensive niche proposition in the overall commercial mobility ecosystem.
In view of unique challenges in incorporating mobile devices such as smart phones and tablets into secure computing environments, there is room for innovations and improvements. One area in need of improvement relates to the notifications that are provided by mobile devices. When a person is actively using a mobile device, the device may provide notifications of various events that may be of interest to the user. These notifications may include sounds that are made by the device or icons that are displayed by the device to indicate the type of event that has occurred. The most obvious notifications are the ones that are presented to the user of a smart phone when a telephone call is received. These notifications include turning on the display (which may include selected images and the caller's phone number), playing a selected ring tone, and/or causing the device to vibrate. Similarly, a device may present predetermined images or sounds to indicate that emails, text messages or other notifications have been received. Still other types of notifications may be provided by different applications that are executable by the device. Commonly, these notifications are configurable by the user.
Typically, a mobile device has a notification manager that executes on the device and manages the notifications. The various applications on the device which may need to have notifications communicated to the user are registered with the notification manager when they are installed. Then, when it is necessary for an application to notify the user of an event, the application communicates the desired information to the notification manager, which then provides a notification to the user (e.g., via displays or sounds). This mechanism works well when the notification manager is executing on a physical device, breaks down when it is executing on a virtual device that is disconnected from the physical device.
Although a notification manager executing on a virtual device could perform the same functions in the same manner as the notification manager on a physical device, the notifications cannot be directly communicated to the physical device when the physical device is disconnected from the virtual device. Further, because the virtual device has been implemented in order to maintain the security of a private network, it may not even be desirable to communicate notifications in the same manner as when the notification manager is executing on the physical device, because the notification itself may allow private information to escape the private network.
It would therefore be desirable to provide systems and methods for providing notifications to users when the users have mobile devices that can be alternately connected to or disconnected from virtualized devices in a private, secure network, where applications (and notification managers) are executed on the virtualized devices rather than the physical devices.