| dc.description.abstract | With the rapid development of smart phones, more and more employees are able to carry their own mobile devices to work now, and it derivatives "Bring Your Own Device (BYOD)" phenomenon. Under BYOD, enterprise would want to ensure that the corporate’s information is not abused by employees, so enterprise introduces powerful security systems to do the protection. However, employees concerned about privacy issues the most, but existing architectures do not take it into considerations. Therefore, in order to protect corporate’s information against illegally accessing by employees, but also to pay more attention to protect the privacy of employees while privacy information will not be violated by enterprise, we propose a system architecture to simultaneously protect corporate’s and employee’s data security, to achieve a win-win situation. In this study, business and employees both sides can protect their information by identifying the label, and by using these labels to develope security policies. We use the "Information Flow Tracking" mechanism to monitor the flow of information on mobile devices, and simultaneously check the situation with the security policy, to ensure real-time information on usage is indeed comply with security policy. In the end, we use a number of experiments to prove the functionalities, while corporate’s or employee’s data violate to the policy, our architecture is able to instantly detect it, and do the follow-up of the data protection operations, to protect both employee’s privacy and corporate’s security. | en_US |