Security Design for Configuration Management of Android Devices

In recent years, due to increasing popularity of mobile devices and the mobile Internet service, as well as device functions becoming more diverse and powerful, ensuring device security is gradually being taken seriously. Vulnerabilities of mobile devices are mostly caused by improper configuration settings, therefore, remediation of these settings can reduce vulnerabilities and thus improve system security. This research created a configuration management system for Android mobile devices that complies with Google Compatibility Definition Document (CDD) based on the Security Content Automation Protocol (SCAP) proposed by the National Institute of Standards and Technology (NIST) and conforms to the CIS Google Android OS Benchmark test items. The objective of this research is to reduce the vulnerabilities generated in the system due to incorrect user configuration settings and to uphold information security in Android mobile devices.