Sensitive Data Protection on Mobile Devices

—Nowadays, many mobile devices such as phones and tablets are used in the workplace. A large amount of data is being transferred from one person to another. Data transfer is used for several different fields. Many companies and institutions are focusing on research and development on the way to further protect sensitive data. However, sensitive data still get leaks on mobile devices. To analyze how sensitive data get leak, a simulation on transferring sensitive data is developed. In this paper, we present the analysis of mobile security problem dealing with sensitive data from getting out. The goals in our research are for users to have a greater understanding on how data is being transferred and prevention sensitive data from being stolen. Our work will benefit mobile device users and help to prevent sensitive data from being stolen. Our experiments show different ways to safely transfer information on mobile devices by testing three methods types, which are backup , encryption, and lock plus wipe data.


INTRODUCTION
Mobile Security is a very important field in the security world.Computer data transfer plays a very important role in daily life.The importance of the transfer data can range from business, schools, companies, and government documents.The process of transfer data is to focus on finding answers for life problem by transfer information from one person to another.In order to analysis how data being transfer from the mobile device and to prevent sensitive data from getting out there, we need to simulate several different ways how data can be transfer on the mobile device.Data transfer is achieving by safely copying or moving important data from one location to another.Some examples are, computer to computer, computer to mobile device, mobile device to mobile device, mobile device to the server, and computer to the server.Now it is much easier and faster to transfer data today than it was in the past few decades.
Nevertheless, it is even easier for hackers to get sensitive data from the users.As a result, many researches are needed to find safer ways to transfer data and information on the mobile device.
In this paper, we present analysis of mobile security problem dealing with sensitive data from getting out there.Data transfer is copying data from a storage device to memory also copying data from one computer to another [1].As a result transfer data has increased it range for transfer data it just not only are computer, but are phones, tablets, and server.Data transfer has many benefits, which include, offloading server work, robustness support environment, transferring only relevant data, backup data, and balancing resources in an application development environment.A redistribution of work load boosts response time for production systems that run on servers.
Increasing robustness to the decision support environment works in the case of a network failure that would temporarily eliminate access to the server's data.Transfers Only Relevant Data can transfer only the data that you need to use.Model of a Centralized Control Point automated jobs that can run during non-peak hours can distribute data and applications to multiple computers that need the data and the applications for the next day's work.Back-Up Client Data and applications can be copied from a client that has limited memory resources to a server that has more memory resources.This provides a backup in case of loss on the client.Balances Resources in Application Development Environment programmers can use Data Transfer Services to make efficient use of network resources [2].This paper focuses on three solutions on how to prevent sensitive data from getting out on the mobile device.They are back-up, encryption, and remote lock plus wipe data.These solutions can be used for many different applications not only for personal use but for the business world as well also can be used on a number of mobile devices such as, phones and tablets.Although many approaches were use on the computer and had been applied with advantage to the solutions of some of these problems, we will explored this issues on an Android phone or tablets to see if one or both can be prevent sensitive data from getting taken from the user.
The rest of the paper is organized as follow: Section II introduces some previous related work; Section III describes the background on Sensitive Data on mobile device briefly; Section IV presents the experiments and research on prevent sensitive data from getting out there; and our experimental results are presented in Section V; Finally Section VI concludes this paper with our future directions.

II. RELATED WORK
The smart mobile devices, such as smartphones and tablets, are becoming an essential tool in people's personal and business activities.A large amount of personal data and even more sensitive important company data are stored in these devices, which also exposes a severe risk to device users when their devices are lost or stolen.If no defense mechanisms were enforced a prior, the lost or stolen devices would leak user information: your passwords can be broken, your emails could be seen, e-commence data such as online purchasing or banking transaction might be viewed; The situation would be www.ijacsa.thesai.orgworse when a device has the access right to Enterprise networks, e.g., via VPN, in which company networks will be exposed to malware or could be hacked It is one of major focus of security concerns for Android mobile device [3].
Sensitive data have always been important but sensitive data on a mobile device just gaining attention.Also there is some work related to sensitive data on a mobile device.Here we just refer to some recent work closely related.University of Cincinnati and Southern Polytechnic focuses on the development of Mobile Security Lab ware which shows users on how to protect and prevent sensitive data before and after a device is lost or stolen.The different between their and our work is that what type of data can be prevented on the mobile device.
Another related work was from Dimensional Research.They mainly focused on is how many mobile devices store sensitive customer and business data.The statistics results show that users reported a significant level of very sensitive information was on their mobile devices, including customer data (47%), network login credentials (38%), and corporate information made available through business applications (32%) [4].
The Ponemon Institute research focuses on [5] conducting high quality, empirical studies on critical issues affecting the management and security of sensitive information about people and organizations.In addition, only 27% of users regularly update their passwords, again, leaving them vulnerable to security attackers [6].Ernst & Young research was explaining that sensitive information or application configurations maybe accessible to users or unauthorized parties through various means [7].American Health Information Management Association takes sensitive data on mobile security to medical point of view.
By saying, mobile devices are easily lost or stolen and thus pose increased risks to the confidentiality and security of patient health information.Loss or theft of a device could easily result in the need for patient breach notification and subsequent reporting to the Department of Health and Human Services and media as required under the American Recovery and Reinvestment Act [8].

III. SYSTEM ARCHITECTURE
The Android system that we used in our research and implementation is the API (Application Programming Interface), which connects with the devices to build functions program and create application to do many things.As the API level rises up the more add-ons.All Android system compatibles devices support 32 and 64 bit processing.This platform interacts with such mobile devices as phones and tablets.
The Sensitive Data Architecture is in Fig. 1 shows sensitive user data is only available through protected APIs [9].The components of a sensitive data on the mobile device are personal information, input device, and metadata.Those are the types of sensitive User Data.API is the only way that another user can access sensitive data from the user.

A. Personal Information
Personal Information is the information that identifies who you are.It will admission the user information and set it in a protected API.For example are contacts and calendar information on the device.

B. Sensitive Data Input Devices
Sensitive data inputs allow the applications or program to interact with the nearby environment, such as camera for taking pictures, microphone for speaking into or GPS for look for location.In order for third-party to gain access it needs the user permission for it.

C. Device Metadata
Device Metadata restricts access to data that is not natural, but also reveal some information about the user, user options, and the user method on the mobile device.For example are phones, logs, browser history, and text messages on the device.

IV. PROTECT SENSITIVE DATA
Sensitive data has always been important not only for mobile security but computer relative issues.Some of the common problems with protect sensitive data on the mobile device are if your device get stolen, hacked, or damage.These are three methods that can be used to help the user protect sensitive data from getting out there which are back-up, encryption, and lock plus wipe data.Now for the programming, testing, and application parts to see if protect multiple types of sensitive data.

A. Back-Up
Back-Up is a copy of a file, program, or entire computer system in an event for the original get stolen, hacked, or damage.We are going to test if we can backup file such as, calendar, contacts, SMS, and even phone calls on the mobile device.To see how fast the process and where backup files will go.The way we are going to back-up files is by using a backup agent.
The algorithm 1 labeled "Back-Up Agent Code" shows class name for your backup agent, which is declared in your manifest with the android:backupAgent attribute in the <application> tag [10]

V. EXPERIMENTAL RESULTS
We tested malware program to see whether malware can be removed by looking at coding.The reason we took a look at the coding is to understand how sensitive data can be protected.The methods we used in our research are back-up, encryption, and lock plus wipe data.Fig. 2 shows each method on protecting sensitive data for the mobile device.Many data were tested to see if they can be back-up, encryption, and lock plus wipe data.The results successfully show most of data can work using these three methods such as text message, phone calls, contacts, and etc.However, there are possibility better methods to deal with sensitive data.

A. Conclusion
In this paper we focus on and test sensitive data which can be protected from using a wide range options from back-up files encryption text, and lock plus wipe data.By using these methods and application was successful in protecting sensitive data from getting out in the open.It should not be too many problems to deal with sensitive data on the mobile device.

B. Future Work
There are some future problems in real world mainly in the business world.Since most sensitive data is protected from API.It is easily to avoid other users to get your information.However, it is difficult to tell how sensitive data will treat in the future and how it will change the mobile device.Future work will involve more and better methods on how to protect sensitive data on the mobile device by using more applications and different algorithms.We will focus on the applications such as Cosmos for Smartphones, and Super Backup for backup and protecting sensitive data.Also we will test if sensitive data can be protecting on mobile device using the cloud system.