DeepDroid Dynamically Enforcing Enterprise Policy Manwoong (Andy) Choi 6440429.

Slides:

Advertisements

Similar presentations

User Authentication on Mobile Devices Google Two Factor Authentication OTP (One Time Password)

Advertisements

MOOC on M4D 2013 I NTRODUCTION TO THE A NDROID P LATFORM Ashish Agrawal Indian Institute of Technology Kanpur.

© 2009 VMware Inc. All rights reserved VMware Horizon Mobile Intro - NetHope Deepak Puri Director Mobile Business Development +1 (415)

Aurasium: Practical Policy Enforcement for Android Applications By Yaoqi USENIX Security Symposium 2012.

Sophos Mobile Control. Tablets on the rise 2 Trends 3 75% of 157 polled companies encourage employee owned smart phones and tablets to access corporate.

Android Security. N-Degree of Separation Applications can be thought as composed by Main Functionality Several Non-functional Concerns Security is a non-functional.

Security and Personnel

Building and Deploying Safe and Secure Android Apps for Enterprise Presented by Technology Consulting Group at Endeavour Software Technologies.

Aurasium: Practical Policy Enforcement for Android Applications R. Xu, H. Saidi and R. Anderson Presented By: Rajat Khandelwal – 2009CS10209 Parikshit.

Title of Selected Paper: Design and Implementation of Secure Embedded Systems Based on Trustzone Authors: Yan-ling Xu, Wei Pan, Xin-guo Zhang Presented.

Aurasium: Practical Policy Enforcement for Android Applications R. Xu, H. Saidi and R. Anderson.

Security in By: Abdulelah Algosaibi Supervised by: Prof. Michael Rothstein Summer II 2010: CS 6/79995 Operating System Security.

Android Security Enforcement and Refinement. Android Applications --- Example Example of location-sensitive social networking application for mobile phones.

Chapter 7 Database Auditing Models

William Enck, Machigar Ongtang, and Patrick McDaniel.

Security Risk Management Marcus Murray, CISSP, MVP (Security) Senior Security Advisor, Truesec

1 © Talend 2014 XACML Authorization Training Slides 2014 Jan Bernhardt Zsolt Beothy-Elo

Understanding Android Security Yinshu Wu William Enck, Machigar Ongtang, and PatrickMcDaniel Pennsylvania State University.

Authors: William Enck The Pennsylvania State University Peter Gilbert Duke University Byung-Gon Chun Intel Labs Landon P. Cox Duke University Jaeyeon Jung.

All Your Droid Are Belong To Us: A Survey of Current Android Attacks 단국대학교 컴퓨터 보안 및 OS 연구실 김낙영

Slide 1 Using Models Introduced in ISA-d Standard: Security of Industrial Automation and Control Systems (IACS) Rahul Bhojani ISA SP99 WG4 Meeting.

Presented by Amlan B Dey.  Access control is the traditional center of gravity of computer security.  It is where security engineering meets computer.

ANDROID Presented By Mastan Vali.SK. © artesis 2008 | 2 1. Introduction 2. Platform 3. Software development 4. Advantages Main topics.

Harris Schneiderman Account Manager Kloud Solutions.

DeepDroid: Dynamically Enforcing Enterprise Policy on Android Devices Fall 2015 Instructor: Kun Sun, Ph.D.

Introduction + Track Time is a enterprise grade web based software with robust features to simplify Time.

Extending Forefront beyond the limit TMG UAG ISA IAG Security Suite

© 2009 Research In Motion Limited Advanced Java Application Development for the BlackBerry Smartphone Trainer name Date.

CloudAppSec : Cloud Based Application Security for Android Applications Animesh Nandanwar Kshitij Desai Mayuresh Randive

AppShield: A Virtual File System in Enterprise Mobility Management Zhengyang Qu 1 Northwestern University, IL, US,

Database Security and Auditing: Protecting Data Integrity and Accessibility Chapter 7 Database Auditing Models.

OCTAVE-S on TradeSolution Inc.. Introduction Phase 1: Critical Assets and threats Phase 2: Critical IT Components Phase 3: Changes Required in current.

Lesson 9-Information Security Best Practices. Overview Understanding administrative security. Security project plans. Understanding technical security.

Android Security Extensions. Android Security Model Main objective is simplicity Users should not be bothered Does the user care? Most do not care…until.

Enterprise Solutions Chapter 12 – Mobility and Its Need in an Enterprise.

Chapter 2 Securing Network Server and User Workstations.

Securing Your Enterprise with Enterprise Manager 10g Amir Najmi Principal Member of Technical Staff System Management Products Oracle Corporation Session.

Leave Me Alone: App- level Protection Against Runtime Information Gathering on Android NAN ZHANG, KAN YUAN, MUHAMMAD NAVEED†, XIAOYONG ZHOU AND XIAOFENG.

Android System Security Xinming Ou. Android System Basics An open-source operating system for mobile devices (AOSP, led by Google) – Consists of a base.

Wireless and Mobile Security

The Claromentis Digital Workplace An Introduction

LINUX Presented By Parvathy Subramanian. April 23, 2008LINUX, By Parvathy Subramanian2 Agenda ► Introduction ► Standard design for security systems ►

Mobile Security Tom Taylor. Roadmap Security Risks Security Risks Examples of Attacks Examples of Attacks Personal Protection Personal Protection Business.

By : Abhishek Verma Main Topics : 1. Introduction 2. Platform 3. Software Development 4. Overall Evaluation.

Java & The Android Stack: A Security Analysis Pragati Ogal Rai Mobile Technology Evangelist PayPal, eBay Java.

Welcome Information Security Office Services Available to Counties Security Operations Center Questions.

#SummitNow Managing Mobile Content Wednesday 13 th November 2013 Mike Hatfield, Lead Engineer Mobile Apps, Alfresco Marc Dubresson, Dir. Mobile Product.

Your data, protected and under control wherever they go SealPath Enterprise – IRM

COMPSCI 702 DeepDroid Dynamically Enforcing Enterprise Policy on Android Devices Presenter: Jie Yuan (Jeff)

The Fallacy Behind “There’s Nothing to Hide” Why End-to-End Encryption Is a Must in Today’s World.

ANDROID ACCESS CONTROL Presented by: Justin Williams Masters of Computer Science Candidate.

How to Enable Account Key Sign Instead Of Password In Yahoo? For more details:

Barracuda Mobile Device Manager

Understanding Android Security

Boxify: Full-fledged App Sandboxing for Stock Android

AUDACIOUS: USER DRIVEN ACCESS CONTROL WITH UNMODIFIED OPERATING SYSTEM

Outline What does the OS protect? Authentication for operating systems

AppShield: Enabling Multi-entity Access Control Cross Platforms for Mobile App Management Zhengyang Qu1, Guanyu Guo2, Zhengyue Shao2, Vaibhav Rastogi3,

Microsoft Ignite /18/2018 8:30 PM BRK2065

A Fast Track into Device Guard

Power BI Security Best Practices

Outline What does the OS protect? Authentication for operating systems

Suwen Zhu, Long Lu, Kapil Singh

County HIPAA Review All Rights Reserved 2002.

CS-3013 Operating Systems Hugh C. Lauer

Understanding Android Security

Microsoft Data Insights Summit

Presentation transcript:

DeepDroid Dynamically Enforcing Enterprise Policy Manwoong (Andy) Choi

Introduction Motivation: Company’s require a means of limiting access to resources in mobile devices belonging to employees to protect company assets.  Android  market share of 81%  “all-or-nothing” installation option  continuous access of approved permissions  Solutions  Android 4.3, experimental feature called “App Ops”  Device Administration APIs provided by Google  DeepDroid

Android Resource Access  Resource Access through Android Middleware  Resource Access through Linux kernel  Binder encapsulates inter-process communication (IPC) messages and interprets them to corresponding procedure calls  system_server acts as permission checking center with built-in permissions  Native code can bypass middleware permission checking mechanism  Group of IDs which are responsible for determining accessible resources for the app

DeepDroid  Portability  Fine Granularity  Trustworthy  Ease to Use  Solution is deployed on different Android versions and devices with minimum configuration  Various enterprise policies are supported by supervising and regulating  Access control policy rules are strictly enforced, so that no app can violate any rules  How easy the solution is deployed on different Android versions and devices

DeepDroid Enterprise Policy Center  Authenticate mobile devices  Distribute enterprise policies  Monitor mobile devices DeepDroid On-device  Device Monitor  Bridge between the mobile device and Enterprise Policy Center  Privilege Enforcement  Authorises access privilege to apps  Permission Configurator - middleware  Process Creation Guard - kernel  Context Enforcement  Monitor resource access  Trace system calls to regulate app operations  Policy Engine  Stores and maintains policy rules

Evaluations & Results Functional EvaluationPortability Evaluation Performance Evaluation

Summary  Dynamic enterprise security policy enforcement scheme on Android  Memory instrumentation  Evaluation  Portable  Negligible performance overhead

Criticism  Collusion Attack  Combination of privileges to cause malicious behavior  Communication through a covert channel  Policy rules are user defined  In report assumed to be trustworthy  May not be the case, no tracking of policies

Questions????