Published by Daniela Lin. Modified over 10 years ago.
1
Mobile Device Protocol
Sunil Vallamkonda
11/19/2012
2
Previous topics
- Security: AAA RADIUS, IPSec etc.
- Virtualization
- Cloud Technologies
Contact: sunil_vall@yahoo.com
3
Discussion
- Introduction
- Concepts
- Trends
- Q&A
Do not cover:
- Protocol Specifications
- Vendor details
- Certificates
4
Background
- Has existed from vendors: MS update, Sicap.
- Client-server based technology.
- Application protocol.
- Brings features such as:
  o Updates: remote configuration/provisioning, backup.
  o Monitor: license, troubleshoot and diagnose.
  o Accounting: logging and reporting.
  o Tracking: GPS and bread crumb mapping.
5
History
6
Approaches
- Vendor specific: Smart Message text, NOK-ERIC OTA, etc.
- OMA groups: CD, inter-op, DM, etc.
- Models: SaaS, on-site, mixed.
- BYOD: hybrid employee/corporate mix.
7
Vendors
- Apple: APNS
- Android: Google: C2DM
- AirWatch: ActiveSync
- BlackBerry: Push
Availability:
- Specs
- APIs
- Implementation
- Reference deployments
8
Vendors (contd)
9
Competition
10
BYOD
- From a recent AT&T survey: 40% of small business employees use smartphones for work and two-thirds use tablets…
- BYOD survey (source: Ponemon Institute): 51% of organizations lose data through mobile devices.
11
IPCU
12
Challenges
- Centrally Manage Security: BYOD identity, access rights, privileges, etc.
- Scalability: apps, devices, users.
- Complexity: policies.
- Vendor variances: iOS, Android, ActiveSync, Windows Phone, BlackBerry, etc.
- Enterprises: requirements and use case life cycles. Roles, multi-tenants.
- Compliance!
13
Process
14
Packet
15
Check-in
16
Pkt Trace
17
Trace (contd)
18
Push Notification
The device needs to match three items for a push notification to trigger an MDM response:
- The Device Token (without which the notification will never reach the device).
- The Push Magic token (without which the MDM client will just discard the notification).
- The Subject Name / User ID field in the push notification certificate used to sign the notification, which must match the Topic field in the MDM profile.
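An added example, not part of the original slides: a server-side check of the three push prerequisites described above, run over a constructed TokenUpdate check-in message. The TokenUpdate key names and the `{"mdm": PushMagic}` payload follow Apple's MDM protocol and are not on the slide; the function names and all sample values are hypothetical.

```python
import json
import plistlib

# Constructed TokenUpdate check-in message; every value is a made-up sample.
SAMPLE_TOKEN_UPDATE = b"""<?xml version="1.0" encoding="UTF-8"?>
<plist version="1.0"><dict>
  <key>MessageType</key><string>TokenUpdate</string>
  <key>Topic</key><string>com.apple.mgmt.External.EXAMPLE-0000</string>
  <key>UDID</key><string>constructed-udid-0001</string>
  <key>PushMagic</key><string>CONSTRUCTED-PUSH-MAGIC</string>
  <key>Token</key><data>AAECAwQFBgcICQoLDA0ODxAREhMUFRYXGBkaGxwdHh8=</data>
</dict></plist>"""

REQUIRED_KEYS = ("Topic", "UDID", "PushMagic", "Token")


def check_push_prerequisites(checkin_plist, cert_subject_uid):
    """Return a list of problems; an empty list means a push can reach the MDM client."""
    msg = plistlib.loads(checkin_plist)
    problems = []
    if msg.get("MessageType") != "TokenUpdate":
        problems.append("not a TokenUpdate message")
    for key in REQUIRED_KEYS:
        if not msg.get(key):
            problems.append("missing " + key)
    # The UID in the push certificate's subject must equal the enrolled Topic.
    if msg.get("Topic") and msg["Topic"] != cert_subject_uid:
        problems.append("Topic does not match push certificate UID")
    return problems


def build_push(checkin_plist, cert_subject_uid):
    """Return (device token as hex, JSON payload), or raise if a prerequisite fails."""
    problems = check_push_prerequisites(checkin_plist, cert_subject_uid)
    if problems:
        raise ValueError("; ".join(problems))
    msg = plistlib.loads(checkin_plist)
    # The payload carries only the Push Magic; the device then polls the MDM server.
    return msg["Token"].hex(), json.dumps({"mdm": msg["PushMagic"]})


if __name__ == "__main__":
    print(build_push(SAMPLE_TOKEN_UPDATE, "com.apple.mgmt.External.EXAMPLE-0000"))
```

Logging the returned problem list at enrollment time makes a silently ignored push (wrong Topic, stale Push Magic) visible before a lock or wipe command is needed.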
19
Schema
20
Device-MDM
21
Notif (contd)
22
Command sequence
23
Commands
First, the device must make a persistent connection to the APNS server. Then for every MDM server command:
24
plist
25
iOS MDM commands
26
plist
27
plist response
28
Device Lock
29
iOS security model
30
iOS Keybag
31
Example: File key wrapping (iOS)
32
Sample: Evil Maid attack
33
Specs
For push:
- Apple: gateway.push.apple.com port 2195
- Devices: TCP port 5223
- MDM port: defined by MDM profile
34
MDM limitations
- User can terminate MDM relationship.
- Multi-user model not supported.
- Jailbreak cannot be detected.
- Location service not available.
- App features very minimal.
- Security: command auth optional, accepts any cert with trusted root, etc.
- Malware install attacks (push webclip, etc.), DoS attacks.
- Delays, bugs, etc.
- MDM profile issues…
35
References
- http://www.openmobilealliance.org/
- http://developer.apple.com/
- http://zdnet.com
- http://www.interpidusgroup.com/
- http://developers.google.com/
- http://enterpriseios.com
- http://ey.com
- http://samsung.com
- http://google.com
- http://microsoft.com
- http://shmoocon.org/