A Secure Portable execution Environment to Support Teleworking

Abstract

Purpose - Teleworking is an established work practice yet often the information security controls in the teleworking location are weaker than those in a corporate office. Security concerns also prevent organisations allowing personnel to telework. This paper presents the design, development and trialling of the Mobile Execution Environment (MEE), a secure portable execution environment designed to support secure teleworking. Design/methodology/approach - The design science research methodology was applied to develop the MEE and this paper is structured using the process elements of the methodology. Findings - In this paper the problem addressed and the design objectives are defined. The design and implementation is discussed and the testing and trialling approach adopted to demonstrate the MEE is summarised. An evaluation of the demonstration results against the design objectives is presented. Research limitations/implications - The MEE is part of an on-going research project using open source software; the structure and functionality of the software can limit or influence the direction of the research. Practical implications - The MEE provides a secure portable execution environment suitable for transaction oriented work performed remotely, e.g. teleworkers performing customer support work. Originality/value - The MEE builds upon the concept of a portable executable OS that uploads onto a PC through an external port. The MEE extends this concept by providing a hardened secure computing environment that is uploaded from a secure storage device or a standard thumb drive (USB flash drive).