Identity management and user authentication approach for the implementation of bring your own device in organizations
Recent years have seen gradual and systematic acquisition of devices by individuals and using of them as both personal and corporate devices. With the rapid development of new technological enhancements, there has been a shift in the way organizations and employees carry out their business. It is this rapid change from the traditional way of doing office work and/or business that has necessitated the adoption of new practices such as BYOD. To this effect then, corporates are faced with new security and privacy challenges in today’s mobile environment one among many being Identification, Authentication, Authorization and Access Control of the users. The research aimed to delve into the factors such as Mobile Device Security Models and Architectures, and current solutions that are being implemented when adopting BYOD whilst considering their strengths and weakness. This analysis of strengths and weakness is what showed that the current solutions are mainly device, data and/or application-centric and have not taken into consideration that illegitimate access to corporate systems can be made via the use of legitimate device and application by unauthorized users. The proposed device identity and user authentication management system is a strong hybrid of the device identity and user authentication solutions that sought to have an augmented solution there by having security in depth in the BYOD environment. The solution used the combination of the unique Media Access Control address and the device owners’ personal phone numbers which were concatenated for identification and authentication of the user device and its respective owner whereas an access control register was used for access authorization thereafter. The test results were discussed elaborately for clarity and to give merit for the need of this research work. The prototype tests were based on functional and non-functional requirements of the system. Sampling of the eventual testing results shows an average of 72.8% acceptability margin and potential of quick adoption among users which indicated a positive response to the implementation of the solution.