Reviewed introduction to Chapter 2 and linked to introduction. Refere…

…nces #5

Chapters/02-byodSotA.tex

@@ -8,6 +8,17 @@
 \minitoc\mtcskip
 \vfill
 
+\lettrine{T}{he} way how users employ their devices has changed in the past few years; even the number of different devices per user is increasing because of the so-called Internet of Things \cite{weber2010internet}. Thanks to it, users have more flexibility since they can now use their devices to access company assets and continue working outside of the workplace. To allow this way of working, companies have started to adopt what has been called the Bring Your Own Device (BYOD) philosophy.
+
+But data security and privacy are key factors for a company, and thus, in order to protect them, it is usual that the Chief Security Officer (CSO) of a company defines a set of Organizational Security Policies \cite{Opp_Security11}. Allowing a BYOD environment implies taking care of the risks that the use of personal devices can bring to
+the company \cite{gangula2013survey}. For instance, the mixture between personal and professional information in these devices would allow the user to navigate inside social networks, where important data could be leaked in the event of a security incident.  
+
+In this scenario several solutions that manage corporate security have appeared. Most of them are geared for both smartphones and desktop PCs, although some are implemented only for a certain platform. However, almost all of them try to be non-intrusive with regards to users' personal data, friendly, and easy to use.
+
+Even with the help of those solutions, it has been demonstrated that employees who ignore company security policies are the main hazard for company security \cite{Adams_Users05}. In this situation, the tools that are appearing in the market aim to cope with the concept of seamless working experience on different devices. This concept is a methodology of work which allows users to start, or continue a working session, over multiple devices and locations, without any significant loss of data. This new situation has a big impact from the point of view of the security \cite{Schu_SecPatterns05}, since company data borders have changed in the last years. Therefore, now the users can access important data from outside the enterprise, and possibly through a non completely secure channel.
+
+As mentioned earlier, in the introduction, the aim of this thesis is to create a methodology that extracts knowledge and present it in the form of rules that the CSO can include in the initial, fixed set of security policies. To this end, in this chapter we start by giving numbers about the usage of personal devices by the workforce during working time, and how are the companies coping with the BYOD philosophy. Also, in this chapter we we propose a taxonomy to classify the features of BYOD systems. This taxonomy is used to present an overview of BYOD security solutions. Finally, we introduce a BYOD system named MUSES, from Multi-platform Usable Endpoint Security, which is being developed within an European Project\footnote{\url{http://musesproject.eu/}} of the same name. MUSES is a dev\-ice\--in\-de\-pen\-dent end-to-end user-centric tool, based on a set of security rules defined as specifications of the Corporate Security Policies. Then, a comparison between these tools and MUSES is conducted, focusing on the advances beyond the state of the art that this novel system includes.
+
 \section{Preliminary concepts and background about enterprise security}
 \label{sec:preliminaryconcepts}
 

FrontBackmatter/Bibliography.tex

@@ -11,4 +11,4 @@
 %\bibliographystyle{plainnat}
 \bibliographystyle{babplain-fl}
 \label{app:bibliography}
-\bibliography{tesis} 
+\bibliography{tesis,review_muses}