Chapter 10. Mobile Device Security

Slides:



Advertisements
Similar presentations
1 Pulsar The Eclipse Mobile Industry Working Group & Sequoyah Nov 6, 2010 Mailing listMailing list:
Advertisements

Embrace Mobility. Without Compromise. The apps they need. On the devices they want. Without sacrificing compliance. Strategic Approach to Mobile Security.
!! Are we under attack !! Consumer devices continue to invade *Corporate enterprise – just wanting to plug in* Mobile Device Management.
MANAGING AND SECURING BYOD Legal ITs Next Great Challenge.
Security for Mobile Devices
Bring Your Own Device (BYOD) Security By Josh Bennett & Travis Miller.
MOOC on M4D 2013 I NTRODUCTION TO THE A NDROID P LATFORM Ashish Agrawal Indian Institute of Technology Kanpur.
Building and Deploying Safe and Secure Android Apps for Enterprise Presented by Technology Consulting Group at Endeavour Software Technologies.
Case study 2 Android – Mobile OS.
Security issues for mobile devices Cvetko Andreeski.
IOS & Android Security, Hacking and Tweaking Workshop D.Papamartzivanos University Of the Aegean – Info Sec Lab Android Security – Cydia Substrate Dimitris.
Emerging Platform#4: Android Bina Ramamurthy.  Android is an Operating system.  Android is an emerging platform for mobile devices.  Initially developed.
CS 153 Design of Operating Systems Spring 2015 Lecture 24: Android OS.
Mobility Without Vulnerability: Secure and Enable Your Mobile Users, Apps, and Devices David Clapp – Intuitive.
Presentation By Deepak Katta
Understanding Android Security Yinshu Wu William Enck, Machigar Ongtang, and PatrickMcDaniel Pennsylvania State University.
Mobile Policy. Overview Security Risks with Mobile Devices Guidelines for Managing the Security of Mobile Devices in the Enterprise Threats of Mobile.
A METHODOLOGY FOR EMPIRICAL ANALYSIS OF PERMISSION-BASED SECURITY MODELS AND ITS APPLICATION TO ANDROID.
VMM Based Rootkit Detection on Android Class Presentation Pete Bohman, Adam Kunk, Erik Shaw.
Introduction to Android Swapnil Pathak Advanced Malware Analysis Training Series.
Detecting and Preventing Privilege- Escalation on Android Jiaojiao Fu 1.
All Your Droid Are Belong To Us: A Survey of Current Android Attacks 단국대학교 컴퓨터 보안 및 OS 연구실 김낙영
Thomas Levy. Agenda 1.Aims: Reducing Cyber Risk 2.Information Risk Management 3.Secure Configuration 4.Network Security 5.Managing User Access 6.Education.
ANDROID Presented By Mastan Vali.SK. © artesis 2008 | 2 1. Introduction 2. Platform 3. Software development 4. Advantages Main topics.
Android for Java Developers Denver Java Users Group Jan 11, Mike
Kacper Rams, Matt Starr, Megan Stephens. Overview BYOD Introduction Risks Controls.
Mobility In the Enterprise Friend or Foe? Bob West, CEO, Echelon One 2012 Workshop on Cyber Security and Global Affairs 20 Junio, 2012 Barcelona, España.
1 Company Proprietary and ConfidentialThe document name can go here Android OS Security Omar Alaql July 8, 2013 Kent State University Android OS Security.
Chapter 3 Software. Learning Objectives Upon successful completion of this chapter, you will be able to: Define the term software Describe the two primary.
ADV. NETWORK SECURITY CODY WATSON What’s in Your Dongle and Bank Account? Mandatory and Discretionary Protections of External Resources.
VMM Based Rootkit Detection on Android Class Presentation Pete Bohman, Adam Kunk, Erik Shaw.
ANDROID BY:-AANCHAL MEHTA MNW-880-2K11. Introduction to Android Open software platform for mobile development A complete stack – OS, Middleware, Applications.
Vulnerability Study of the Android Ryan Selley, Swapnil Shinde, Michael Tanner, Madhura Tipnis, Colin Vinson (Group 8)
Android System Security Xinming Ou. Android System Basics An open-source operating system for mobile devices (AOSP, led by Google) – Consists of a base.
Wireless and Mobile Security
By, Rutika R. Channawar. Content Introduction Open Handset Alliance Minimum Hardware Requirements Versions Feature Architecture Advantages Disadvantages.
Cyber Security in the Mobile Era KEEPING ENTERPRISE DATA SAFE IN THE BYOD ERA.
Wireless Mesh Networking or Peer to Peer Technology Andre Lukito – Johnsonsu – Wednesday, 9.
©2015 Check Point Software Technologies Ltd. 1 [Restricted] ONLY for designated groups and individuals CHECK POINT MOBILE THREAT PREVENTION.
Šarūnas Končius Technology Strategist of Microsoft Microsoft Lithuania.
DeepDroid Dynamically Enforcing Enterprise Policy Manwoong (Andy) Choi
Unit 2 Personal Cyber Security and Social Engineering Part 2.
Android and IOS Permissions Why are they here and what do they want from me?
Mobile Security Solution Solution Overview Check Point Mobile Threat Prevention is an innovative approach to mobile security that detects and stops advanced.
Total Enterprise Mobility Comprehensive Management and Security
The Fallacy Behind “There’s Nothing to Hide” Why End-to-End Encryption Is a Must in Today’s World.
Google. Android What is Android ? -Android is Linux Based OS -Designed for use on cell phones, e-readers, tablet PCs. -Android provides easy access to.
Chapter 6: Securing the Cloud
WELCOME Mobile Applications Testing
Visit for more Learning Resources
Understanding Android Security
Android System Security
Architecture of Android
Who owns your phone? Who feels that they have the right to use your phone for their purposes or on your behalf?
Android Application Permission Manager
CMPE419 Mobile Application Development
CYB 110 Teaching Effectively-- snaptutorial.com
IS4680 Security Auditing for Compliance
Chapter 27 Security Engineering
Draft Proposal for an Eclipse Mobile Development Suite Architecture
Android Introduction Platform Mihail L. Sichitiu.
Understanding Android Security
PLANNING A SECURE BASELINE INSTALLATION
Emerging Platform#3 Android & Programming an App
Getting Started with Android…
In the attack index…what number is your Company?
LM 7. Cellular Network Security
LM 7. Mobile Network Overview
LM 5. Wireless Network Security
Chapter 3 Software.
Presentation transcript:

Chapter 10. Mobile Device Security Dr. Lei Li Note: The content of this slides are adapted from La Polla et. al, 2013 Wireless Security

Road Map Introduction WLAN Security Mobile Security Security Auditing & Risk Analysis Evolution of Wireless Network WLAN Overview Mobile Network Overview Infor. Security Essentials WLAN Threats & Vulnerabilities Cellular Network Security WLAN Security Mobile Devices Security WLAN Security Tools

Learning Objectives After this chapter, student will be able to: Describe the Google Android security architecture Discuss Android security challenges Discuss the exploitation tools for Android Describe Apple iOS security architecture Discuss iOS security challenge Discuss BYOD and its security implication

Android Framework Image source: https://source.android.com/security/ IT4833/6833 Android Framework Image source: https://source.android.com/security/ Building Blocks (I)

Android Security Program Design review Penetration testing and code review Open source and community review Incident Response Monthly security updates Building Blocks (I)

Android Platform Security Architecture Robust security at the OS level through the Linux kernel Mandatory application sandbox for all applications Secure interprocess communication Application signing Application-defined and user-granted permissions

Android Security Challenge Fragmentation Malware Management tool selection User behavior Compartmentalization

Android Exploitation Tools Android SDK AdroRAT Android framework for exploitation

Apple iOS Security Architecture Image source: https://www.apple.com/business/docs/iOS_Security_Guide.pdf

iOS Security Features System security Encryption and data protection App security Network security Apple Pay Internet services Device controls Privacy controls

iOS Security Challenges Internal processes and the difficulties of maintaining security on multiple platforms (mobile or otherwise) with a common code base Slow to offer patches for known vulnerabilities Patches their own software flaws on different schedules for different platforms Jailbreak of iOS relies on exploitation of security vulnerabilities

Bring Your Own Device Devices at work vs. devices for work Increased employee productivity Greater employee satisfaction Security measures to mitigate the risk involved

BYOD Security Policy Essential policies Acceptable use Minimum required security controls for devices Company-provided components Company rights for altering the device Specifying the permissible device types and establishing a stringent security policy Outlining ownership of the apps and data Employee exit Disclosing risks, labilities, and disclaimers

BYOD Security Measures Encryption for data at rest and in transit Application installation control Mobile device management Containerization Blacklisting/whitelisting

References https://source.android.com/security/ https://searchmobilecomputing.techtarget.com/tip/Top-five-Android-device-management-security-challenges Android SDK: https://developer.android.com/studio/index.html AndroRAT: https://geekviews.tech/androrat/ Android Framework for Exploitation: http://airodump.net/android-framework-for-exploitation-afe-an-efficient-framework-for-anroid-exploitation/ https://www.apple.com/business/docs/iOS_Security_Guide.pdf https://tidbits.com/2010/08/09/apples-ios-security-challenges-and-advantages/ https://digitalguardian.com/blog/ultimate-guide-byod-security-overcoming-challenges-creating-effective-policies-and-mitigating

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com. Inc. All rights reserved.