Presentation is loading. Please wait.

Presentation is loading. Please wait.

Identity and Access IDGo Secure Email (ISE) for Android Didier Bonnet November 2014.

Published byStewart Brown Modified over 9 years ago

Similar presentations

Presentation on theme: "Identity and Access IDGo Secure Email (ISE) for Android Didier Bonnet November 2014."— Presentation transcript:

1 Identity and Access IDGo Secure Email (ISE) for Android Didier Bonnet November 2014

2 Emails are a Priority for Enterprises 2 Forrester, December 2011

3 Main Requirements Addressed 3 BYOD Same mobile device for professional and private usages Mobility Access to emails anywhere, anytime Security Mobile devices are more exposed than PCs

4 Mobile OS Market Share Evolution in Q2 2014 4 Operating System 2Q14 Shipment Volume (Mu) 2Q14 Market Share 2Q13 Shipment Volume (Mu) 2Q13 Market Share 2Q14/2Q13 Growth Android255.384.7%191.579.6%33.3% iOS35.211.7%31.213.0%12.7% Windows Phone 7.42.5%8.23.4%-9.4% BlackBerry1.50.5%6.72.8%-78.0% Others1.90.6%2.91.2%-32.2% Total301.3100%240.5100%25.3% Source IDC Worldwide Quaterly Mobile Phone Tracker (August 2014)IDC Worldwide Quaterly Mobile Phone Tracker

5 5 Secure Elements Now and Future MicroSD UICC TEE eSE Badge via contact reader As of today: 10 Million Gemalto smartcard active users 20 Million 3 rd party smartcard active users Next 2 years: Prototypes in progress Badge via NFC Semi- detached credentials Embedded credentials Smart card on a stick Badge via Bluetooth reader Detached credentials In 2 - 5 years: Next generation of handsets BYOD/ mobile desktop will increase needs for Secure Elements Secure Element adoption

6 IDGo 800 Middleware and SDK 6 Other reader drivers NFC driver PKI Crypto Layer API Test tools OTP API 3 rd party client applications Middleware SDK IDPrime cards TEE (*) PC-SC like API (*) OTG: On-The-Go = USB Master TEE: Trusted Execution Environment USB OTG (*) driver Other Secure Elements

7 Supported Readers and Tokens on Android 7 USB On-The-Go port (= USB Master ) or BlueTooth USB Female – Micro USB adaptor or cable BHXT and Feitian readers USB tokens & IDBridge K3000 PC-Link readers Micro USB cable

8 ISE Security Features S/MIME email signature and encryption Encryption algorithms: 3DES, AES256, RSA Signature algorithms: MD5, SHA1, SHA256, SHA512, RSA 8 8 Gemalto middleware and Secure Elements IDGo 800 for Android and associated readers: USB, NFC, BLE, µSD IDPrime MD,.NET and PIV PKI applets SSL / TLS communication with the server

9 Other Features and Benefits Microsoft Exchange ActiveSync (EAS) protocol Synchronization with the native Android Contacts and Calendar Email reception by push or periodical synchronization Support of Global Address List (GAL) Various PKI certificate managements Local validation with the Certification Authority (CA) Validation with the EAS server or OCSP protocol Certificates retrieved from validated emails, (multi) LDAP and EAS server Revocation by Certificate Revocation List (CRL) POP3, IMAP4 and SMTP email protocols for BYOD usage Multi accounts, mailboxes and folders, combined mailbox HTML or plain text email format Group and Search email functions 9 9

10 What is Exchange ActiveSync? EASEAS is a communication protocol that synchronizes emails, calendars, contacts and tasks between email servers and mobile client applications It also provides some Mobile Device Management (MDM) features and security policy controls It is based on XML and HTTP(S) protocols More details… EAS is licensed by Microsoft is the main provider of EAS compliant email servers EAS is supported by Windows Phone, Android, iOS, BB, Gmail, Google Apps, Office 365, Lotus Notes 10

11 What is S/MIME? Secure / Multipurpose Internet Mail Extensions Standard protocol based on X509 PKI certificates Described by several specifications: RFC 3851, 5751, 5652 Present version is S/MIME v3.2 Insures compatibility between the various email applications and servers Main applications Outlook, Mozilla Thunderbird, MacOS Mail, Gmail, OWA Main email server: Microsoft Exchange Active Sync (EAS) 11 S/MIME specifies the email Digital Signature and encryption / decryption

12 S/MIMES/MIME Operations 12 The email is encrypted with the Recipient Public Key and signed with the Sender Private Key The email is decrypted with the Recipient Private Key and the signature is verified with the Sender Public Key

13 Basic Operations 13 Email edition Input mailbox

14 Wide Settings Capabilities 14

15 ISE Roadmap ISE for Android V1.0 November 2014 V1.0 Version 1.0 + Initial version Version 2.0 (to be confirmed) + Database encryption + User authentication + Android version L Q1 2015 V2.0 September 2014

16 Thank you!

Download ppt "Identity and Access IDGo Secure Email (ISE) for Android Didier Bonnet November 2014."

Similar presentations

Mobile Devices in the DoD

Mobile Devices in the DoD
Mobile Access: BYOD Trends SCOTT DUMORE - DIRECTOR, TECHNOLOGY, CHANNELS & ALLIANCES AUTONOMY, HP SOFTWARE.

Mobile Access: BYOD Trends SCOTT DUMORE - DIRECTOR, TECHNOLOGY, CHANNELS & ALLIANCES AUTONOMY, HP SOFTWARE.
Public Key Infrastructure A Quick Look Inside PKI Technology Investigation Center 3/27/2002.

Public Key Infrastructure A Quick Look Inside PKI Technology Investigation Center 3/27/2002.
Spring 2012: CS419 Computer Security Vinod Ganapathy SSL, etc.

Spring 2012: CS419 Computer Security Vinod Ganapathy SSL, etc.
Office 365 for Enterprises: Pricing & Licensing Overview

Office 365 for Enterprises: Pricing & Licensing Overview
| Copyright© 2010 Microsoft Corporation Quick Start into Activating and Selling Office 365.

| Copyright© 2010 Microsoft Corporation Quick Start into Activating and Selling Office 365.
Authentication solutions for Outlook and Office 365 Multi-factor authentication for Office 365 Outlook client futures.

Authentication solutions for Outlook and Office 365 Multi-factor authentication for Office 365 Outlook client futures.
Identity and Access IDPrime MD 8840 and IDCore 8030 MicroSD cards

Identity and Access IDPrime MD 8840 and IDCore 8030 MicroSD cards
A l a d d i n. c o m eToken NG-OTP Combined PKI - OTP Authentication Solution November, 2008.

A l a d d i n. c o m eToken NG-OTP Combined PKI - OTP Authentication Solution November, 2008.
Topic 8: Secure communication in mobile devices. Choice of secure communication protocols, leveraging SSL for remote authentication and using HTTPS for.

Topic 8: Secure communication in mobile devices. Choice of secure communication protocols, leveraging SSL for remote authentication and using HTTPS for.
1 Pertemuan 12 Authentication, Encryption, Digital Payments, and Digital Money Matakuliah: M0284/Teknologi & Infrastruktur E-Business Tahun: 2005 Versi:

1 Pertemuan 12 Authentication, Encryption, Digital Payments, and Digital Money Matakuliah: M0284/Teknologi & Infrastruktur E-Business Tahun: 2005 Versi:
Chapter 9 Deploying IIS and Active Directory Certificate Services

Chapter 9 Deploying IIS and Active Directory Certificate Services
Lab4 Part2 Lau Ting Nga Virginia Tsang Pui Yu Wong Sin Man.

Lab4 Part2 Lau Ting Nga Virginia Tsang Pui Yu Wong Sin Man.
eToken PKI Client Overview

eToken PKI Client Overview
70-284 MCSE Guide to Microsoft Exchange Server 2003 Administration Chapter 10 Securing Exchange Server 2003.

MCSE Guide to Microsoft Exchange Server 2003 Administration Chapter 10 Securing Exchange Server 2003.
Mobile Credentials Ennio J. Carboni Product Manager, Keon PKI

Mobile Credentials Ennio J. Carboni Product Manager, Keon PKI
Lesson 12 Cryptography for E-Commerce. Approaches to Network Security Separate Security Protocol--SSL Application-Specific Security--SHTTP Security with.

Lesson 12 Cryptography for E-Commerce. Approaches to Network Security Separate Security Protocol--SSL Application-Specific Security--SHTTP Security with.
An In-Depth Examination of PKI Strengths, Weaknesses and Recommendations.

An In-Depth Examination of PKI Strengths, Weaknesses and Recommendations.
16.1 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure.

16.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure.
Chapter 9: Using and Managing Keys Security+ Guide to Network Security Fundamentals Second Edition.

Chapter 9: Using and Managing Keys Security+ Guide to Network Security Fundamentals Second Edition.

Similar presentations

Ads by Google