Crossover: Secure and Usable User Interface for Mobile Devices with Multiple Isolated OS Personalities

Bring your own device policies allow private phones to be used in corporate environments. To solve the tension be- tween the user’s needs and the corporate’s security policies, solutions with multiple operating system personalities in parallel have been proposed. These solutions succeed at iso- lating personal and corporate information at the data level. Thorough research of the security requirements of the user interface to handle different environments on one device is missing.
In this work we define a threat model and derive the pre- requisites for a practical and secure user interface for mobile devices. We designed an UI framework which provides the mechanisms to handle multiple environments on a mobile device. Our design is applicable to several different virtu- alization solutions. We implemented a prototype that runs on a real device and evaluated it in terms of usability and security.

Author(s):

Matthias Lange    
Technische Universität Berlin
Germany

Steffen Liebergeld    
Technische Universität Berlin
Germany