Multiplatform Usable Endpoint Security

The overall purpose of MUSES is to foster corporate security by reducing the risks introduced by user behaviour.Data security and privacy are of fundamental importance to organizations, where they are defined and managed via Security Policies. Most security incidents are caused by organization insiders, either by their lack of knowledge or inadequate or malicious behaviour.Nowadays information is highly distributed amongst corporate servers, the cloud and multiple per-sonal devices like PDAs, tablets and smart phones. These are not only information holders but also user interfaces to access corporate information. Besides, the Bring Your Own Device practice is becoming more common in large organisations, posing new security threats and blurring the limits between corporate and personal use.In this situation enforcement of Security Policies is increasingly difficult, as any strategy with a chance to succeed must take into account several changing factors: information delocalisation, access from heterogeneous devices and mixing of personal and professional activities. Besides, any mechanism or control must be user friendly and provide non-intrusive, clear feedback on the risk being incurred at any time.MUSES will provide a device independent, user-centric and self-adaptive corporate security system, able to cope with the concept of seamless working experience on different devices, in which a user may start a session on a device and location and follow up the process on different devices and locations, without corporate digital asset loss.During project development, metrics of usability, context risk evaluation, user current trust situation and device exposure level will be defined and several guidelines for design of secure applications, company policies and context-based security requirements will be produced. A real-time trust and risk analysis engine will also be developed with security mechanisms hard to compromise once installed on the target platforms