1
Smartphones Security
CS 691
Sujeeth Narayan
05-05-2005
2
Agenda
- Part 1 - Introduction to Smartphones
- Part 2 - Security Issues
- Part 3 - Unified Framework
- Part 4 - New Authentication Method
- Part 5 - Conclusion
3
Motivation
- A developing Technology Industry
- Security is unstable in Mobile phones
- Easy to Test
4
Part 1: Introduction to Smartphones
5
What are Smartphones?
Includes:
- Vocal Communications – GSM, GPRS
- Web Browsing
- eMail
- Organizer Functions
- Multimedia Capabilities
  - Media Player
  - Audio, Video Recorder
  - Camera
6
Smartphones Internals
Capabilities:
- Personal Information Management
- Synchronize using protocols such as ActiveSync, IntelliSync
- Connect using Bluetooth, IrDA or GPRS
Operating Systems:
- Windows Mobile™ - Audiovox SMT 5600
- Symbian (Linux) – Motorola A760
7
OS Architecture
8
Risks related to Inherent Characteristics
- Based on Operating System – Bugs, Security Holes
- Data Security – PIN exists but not applied for data
9
Risks related to Users
- Mobile usage survey by Pointsec Mobile Technologies
- Ease of synchronizing data with a Personal Computer
- Not Enough Data Security
10
Risks related to Networks
Bluetooth:
- Short range wireless connections
- Has a Security specification, but it is not used by many users
- Setting Bluetooth Service in Discoverable Mode
Possible Attacks:
- BTBrowser scans for nearby Bluetooth devices and browses directories
- Buffer overflow attacks in some response messages
- Bluejacking:
  - Putting a message in place of one's device name
  - Sending it with a pairing request
  - With a prompting message, the victim presses a key
  - Victim would then allow the attacker to access files
11
Risks related to Networks
GPRS (General Packet Radio Service):
- Works on Radio waves
- Works with Internet connectivity
Possible Attacks:
- Attacks from Internet – eMails, Messenger Messages
- Compromised backbone of GGSN – Gateway GPRS Support Node
12
Enterprises Security Policy
Banning use of Personal Smartphones:
- Unrealistic
- Impossible to physically control
Should Define:
- Synchronization
- Use of devices in public places (Deactivate Bluetooth)
- Information Exchange between Device and Enterprise System
13
USF - Unified Security Framework
Driven by:
- NIST – National Institute of Standards and Technology
- CSRC – Computer Security Resource Center
Published in June 2004
http://csrc.nist.gov/mobilesecurity/Publications/PP-UNIsecFramework-fin.pdf
14
USF - Addresses Issues
- User Authentication – The first line of defense for an unattended, lost, or stolen device. Multiple modes of authentication increase the work factor for an attacker.
- Content Encryption – The second line of defense for protecting sensitive information.
- Policy Controls – Policy rules, enforced for all programs regardless of associated privileges, protect critical components from modification, and limit access to security-related information.
15
Part 4: New Authentication Method
16
Picture Password: A Visual Login Technique for Mobile Devices
http://csrc.nist.gov/publications/nistir/nistir-7030.pdf
Wayne Jansen, Serban Gavrila, Vlad Korolev, Rick Ayers, Ryan Swanstrom
17
Method:
- Extracting the selection of Images
- Matrix Formation of Images
- Associated value for each image
- Generate equivalent Password
- Extracting the characteristics of Image ???
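The first four steps of the method above, sketched as an added example (not code from the slides or from the NIST paper). The 5x6 grid, the value alphabet, the function names and the salted PBKDF2 storage of the derived password are all assumptions made for illustration.

```python
import hashlib, hmac, math, os

ROWS, COLS = 5, 6  # assumed grid size, constructed for this example
ALPHABET = "ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789"  # assumed per-image values

def build_matrix(rows=ROWS, cols=COLS):
    """Matrix formation: each cell holds the value associated with its image."""
    if rows * cols > len(ALPHABET):
        raise ValueError("grid larger than value alphabet")
    return [[ALPHABET[r * cols + c] for c in range(cols)] for r in range(rows)]

def selection_to_password(matrix, selection):
    """Generate the equivalent password from an ordered list of (row, col) picks."""
    chars = []
    for r, c in selection:
        if not (0 <= r < len(matrix) and 0 <= c < len(matrix[0])):
            raise ValueError(f"selection {(r, c)} is outside the grid")
        chars.append(matrix[r][c])
    return "".join(chars)

def enroll(matrix, selection, iterations=100_000):
    """Keep only salt, iteration count and derived key, never the selection."""
    salt = os.urandom(16)
    pw = selection_to_password(matrix, selection).encode()
    return salt, iterations, hashlib.pbkdf2_hmac("sha256", pw, salt, iterations)

def verify(matrix, selection, record):
    """Re-derive the key from a login attempt and compare in constant time."""
    salt, iterations, stored = record
    try:
        pw = selection_to_password(matrix, selection).encode()
    except ValueError:
        return False  # a tap outside the grid is simply a failed login
    candidate = hashlib.pbkdf2_hmac("sha256", pw, salt, iterations)
    return hmac.compare_digest(candidate, stored)

def search_space_bits(matrix, length):
    """Work factor of an ordered selection of `length` images, in bits."""
    return length * math.log2(len(matrix) * len(matrix[0]))

if __name__ == "__main__":
    m = build_matrix()
    picks = [(0, 0), (1, 2), (4, 5)]  # constructed sample selection
    rec = enroll(m, picks)
    print(selection_to_password(m, picks), verify(m, picks, rec))
    print(f"{search_space_bits(m, 8):.1f} bits for 8 picks")
```

The search-space figure is an upper bound that assumes users pick images uniformly at random.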
18
Part 5: Conclusion
19
Conclusion
- Smartphones are complex in Architecture and Design
- Network protocols are complex to implement
- Technology is growing, and possibly more weaknesses will be discovered
- Organizations should consider these devices in policy making
20
References
- http://csrc.nist.gov/mobiledevices/projects.html
- http://www.wirelessdev.net
- http://www.smartphonethoughts.com
- http://www.AirScanner.com - Mobile Firewall and Antivirus
- http://www.PointSec.com - Mobile Security Software
21
Questions ??