Vivek-Vijayan University of Tennessee at Chattanooga.

Presentation transcript:


- Web-based and network-based attacks: the mobile device is connected to the internet and browses websites with malicious content.
- Malware: traditional viruses, worms and Trojan horses.
- Social engineering attacks: phishing, which is also used to install malware.
- Resource and service availability abuse: botnets, spamming, overcharging (SMS and calls).
- Attacks on the integrity of the device's data: malicious encryption for ransom, modification of data such as the address book.

- Traditional Access Control
- Application Provenance
- Encryption
- Isolation
- Permissions-based access control

- Traditional Access Control: protects devices using techniques such as passwords and idle-time screen locking.
- Application Provenance: each application is stamped with the identity of its author and made tamper resistant (e.g. with a digital signature). This lets a user decide whether or not to use the application based on the identity of the author.
- Encryption: conceals data on the device to address device loss or theft.
- Isolation: limits an application's ability to access sensitive data or systems on a device.
- Permission-based access control: grants a set of permissions to each application, limiting each application to accessing device data and systems within the scope of those permissions. The application is blocked if it attempts to perform actions exceeding the permissions given.

Apple iOS
- iOS provides traditional access control security options, which include password configuration options such as account lockout options. Example: the strength of the passcode can be chosen by the administrator, and the administrator can also specify how frequently the user can update the passcode and the maximum number of failed login attempts before the device wipes itself.

Android
- Android provides password configuration options, which include specifying the strength of the device passcode, the phone's lockout time span, the number of failed login attempts before the device wipes its data, and password expiration, enabling administrators to compel users to update their passwords on a regular basis.

Apple's iOS
- The access control feature of iOS provides a reasonable level of security for the device's data in the event of loss or theft.
- iOS is on par with traditional Windows-based desktops in this scenario.

Android
- The password policy system is sufficient to protect devices against casual attacks.
- Previous versions of Android do not encrypt data stored on the removable SD memory card, allowing an attacker to eject the SD memory card and obtain the data, bypassing all password controls.

Apple iOS
- Before releasing software to iPhone, iPod, and iPad users, the developer goes through a registration process with Apple and pays an annual licensing fee. The developer then "digitally signs" each app with an Apple-issued digital certificate before its release. Signing the app proves that the app author is an Apple-approved developer and that the app's logic cannot be tampered with after its creation by the developer.

Through App Store
- The developer submits the app for certification by Apple. The approval process takes one or two weeks, and then the app is deployed into the App Store.
- If the app is found to be malicious, or any violation of the license agreement occurs, the app is removed from the App Store, but no automated mechanism has been implemented to remove the app from devices (iPhone/iPad) after it has been installed.

Android
- Google undermines both goals: ensuring that the app's logic is not tampered with, and allowing the user of the app to determine the identity of the app's author.
- Android OS only installs and runs apps that have been properly signed with a digital certificate. Unlike with Apple, software developers need not apply to Google to obtain a code-signing certificate, so developers can generate their own signing certificates.
- As a result, a malware author can generate an anonymous digital certificate, and neither the certificate nor the malware signed with it can be traced back to the author.

Through Google's Android Market
- For developers to sell their apps on the Android marketplace, a $25 fee is charged via credit card, allowing Google to associate the payee with the digital certificate, which may reduce the chances of distribution of malicious apps (if the developer uses his own credit card).

Apple iOS
- Apple's approach is effective because:
  - The developer must register and pay to obtain a signing certificate from Apple, which makes it easier to identify the developer if any malicious activities are performed.
  - Each and every application is tested before submission to the App Store.
  - Apple's code signing model prevents tampering with published apps.

Android
- Since no single authority evaluates or verifies all Android apps, attackers are more likely to release attacks without worrying about getting caught.

Apple iOS
- iOS uses hardware-accelerated AES-256 encryption to encrypt all data stored in the flash memory of the device.
- The iOS protects specific additional data items, such as using an additional layer of encryption.
- Within 10 seconds of the device locking, the decryption keys for files on the device are discarded.

Android
- Android recently began offering built-in encryption in 3.0; earlier versions of Android contain no encryption capability and instead rely on isolation and permissions to safeguard data. A simple jailbreak of an Android phone, or theft of the device's SD card, can lead to significant loss of data.

Apple iOS
- The iOS operating system isolates each app from every other app on the system.
- Apps are not allowed to modify or view each other's data, or even know whether other apps exist on the OS. Nor can they access the OS kernel, install privileged drivers, or obtain root-level administrator access to the device.
- Apps are also isolated from the phone's SMS, in-out box and other attachments.

Android
- Like iOS, Android employs a strong isolation system. It not only isolates apps from each other but also prevents apps from accessing or modifying the OS kernel, ensuring that an app doesn't get admin control over a device.

BlackBerry (BB10):
- Introduces us to BlackBerry Balance. Balance allows organizations to create isolation between personal and work environments on a device. Additional logical security is used to keep personal applications, files and network separate from the work environment.
- When Balance is enabled, the workspace is automatically encrypted, leaving the personal environment unencrypted.

Windows Phone 8:
- WP8 uses the Unified Extensible Firmware Interface for secure boot, ensuring devices do not load rooted or unauthorized system images.
- WP8 apps run in isolated "chambers", which are similar to a sandbox. Chambers keep applications and their data separate from one another.
- Data between applications is shared in the cloud and not on the device.

Apple iOS
- iOS denies access under all circumstances to many of the device's sensitive subsystems, which increases the security of iOS-based devices because it removes the user from the security decision-making process.
- This also limits each application's functionality, potentially limiting the utility of certain classes of iOS apps.

Android
- The Android permission system relies on the user to make all policy decisions and decide whether an app's requested combination of permissions is safe or not.
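
The permission review that Android leaves to the user, and the permission-based blocking described earlier, as an added example (not part of the original slides): a Python sketch that reads a constructed app manifest and flags permission combinations matching the threat categories listed at the start. The package name, the sample manifest and the rule set are assumptions chosen for illustration.

```python
import xml.etree.ElementTree as ET

ANDROID_NS = "{http://schemas.android.com/apk/res/android}"

# Constructed sample manifest for a hypothetical app (not from the slides).
SAMPLE_MANIFEST = """<manifest
    xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.flashlight">
  <uses-permission android:name="android.permission.INTERNET"/>
  <uses-permission android:name="android.permission.READ_CONTACTS"/>
  <uses-permission android:name="android.permission.SEND_SMS"/>
  <uses-permission android:name="android.permission.CAMERA"/>
</manifest>"""

# Reviewer-chosen rules (assumptions): each maps a permission combination
# to the threat category from the slides that the combination would enable.
RULES = [
    ({"SEND_SMS"}, "service abuse: can send SMS (overcharging)"),
    ({"CALL_PHONE"}, "service abuse: can place calls (overcharging)"),
    ({"READ_CONTACTS", "INTERNET"}, "data theft: address book can leave the device"),
    ({"WRITE_CONTACTS"}, "data integrity: can modify the address book"),
    ({"READ_SMS", "INTERNET"}, "data theft: SMS messages can leave the device"),
]

def requested_permissions(manifest_xml):
    """Return the short names of all <uses-permission> entries."""
    root = ET.fromstring(manifest_xml)
    names = set()
    for elem in root.iter("uses-permission"):
        name = elem.get(ANDROID_NS + "name")
        if name:
            names.add(name.rsplit(".", 1)[-1])
    return names

def review(manifest_xml):
    """List every rule whose full permission combination is requested."""
    requested = requested_permissions(manifest_xml)
    return [why for needed, why in RULES if needed <= requested]

def is_allowed(granted, permission):
    """Runtime side of the model: an action outside the granted set is blocked."""
    return permission in granted

if __name__ == "__main__":
    for finding in review(SAMPLE_MANIFEST):
        print("FLAG:", finding)
    granted = requested_permissions(SAMPLE_MANIFEST)
    print("READ_SMS allowed:", is_allowed(granted, "READ_SMS"))
```

A rule fires only when every permission in its combination is requested, so the sample app is flagged for SMS sending and for contacts plus internet access, but not for the camera.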
