
Mobile Device Security


1 Mobile Device Security
Common Mobile OS
- Android
- iOS
- Windows Mobile
- Symbian ?
- RIM (Blackberry)?
Who are attackers targeting?
- In 2013 Android accounts for "nearly all mobile malware." -- McAfee report

2 Android
The good
- built on top of Linux kernel
- apps largely written in Java (Apache Harmony)
- open source
The bad (challenges)
- must support different hardware (phones, netbooks, GoogleTV, cameras, Google Glass…)
- version proliferation (Cupcake, Donut, Éclair, Froyo, Gingerbread, Honeycomb, Ice Cream Sandwich, Jelly Bean, KitKat …)
- legal issues
- application piracy

3 Android Security
Security a priority in the software life cycle
Mandatory app sandbox
- each process is a subject & has its own ID
- safe mode ensures the system partition is read-only
- the API includes common encryption ciphers
- user consulted to grant permission to new app
Application signing
- every application must be signed with a public key
- CA not required and no CA verification is currently performed
Other
- the kernel intercepts common software vulnerabilities (buffer overflow, integer overflow, heap corruption, format string errors)
- hardware-based Never eXecute

4 iOS
Layers of Security
- secure boot process
- secure system install/upgrade
- app security
- runtime protections
- file encryption
- passcode security
- support for network security standards

5 iOS Secure Boot Process
[Figure labels: ROM, Boot Program, ApplePublicKey]
1) run boot program (integrity guaranteed by ROM)
2) Remaining system code is signed by Apple
3) Recovery to iTunes if necessary
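
The three boot steps above as a runnable sketch, added here as an illustration; it is not taken from the slides or from Apple's implementation. Toy textbook RSA with small fixed primes stands in for the real signature scheme, and the stage names, sample images and the `sign`/`verify`/`boot` helpers are hypothetical.

```python
import hashlib

# Toy textbook RSA (no padding, small fixed primes): an assumption made so the
# example runs with the standard library only. Not a secure signature scheme.
P, Q = 2**107 - 1, 2**127 - 1        # two Mersenne primes (constructed key)
N, E = P * Q, 65537
D = pow(E, -1, (P - 1) * (Q - 1))    # vendor's private exponent, never on the device

ROM_PUBLIC_KEY = (N, E)              # fixed in ROM; plays the ApplePublicKey role


def digest(image: bytes) -> int:
    """SHA-256 of the image, reduced into the toy key's range."""
    return int.from_bytes(hashlib.sha256(image).digest(), "big") % N


def sign(image: bytes) -> int:
    """Done by the vendor at build time, off the device."""
    return pow(digest(image), D, N)


def verify(image: bytes, signature: int, public_key=ROM_PUBLIC_KEY) -> bool:
    n, e = public_key
    return pow(signature, e, n) == digest(image)


def boot(stages):
    """Step 1: this function is the boot program; it is trusted because it lives in ROM.
    Step 2: every later stage must carry a valid signature before it runs.
    Step 3: the first failure stops the chain and reports recovery."""
    ran = []
    for name, image, signature in stages:
        if not verify(image, signature):
            return "recovery", name  # nothing after this stage executes
        ran.append(name)             # only verified code is handed control
    return "booted", ran


# Constructed sample images (hypothetical stage names)
BOOTLOADER, KERNEL = b"bootloader v1", b"kernel v1"
GOOD_CHAIN = [("bootloader", BOOTLOADER, sign(BOOTLOADER)),
              ("kernel", KERNEL, sign(KERNEL))]
# Same chain with the kernel modified after it was signed
TAMPERED_CHAIN = [GOOD_CHAIN[0], ("kernel", KERNEL + b" patched", sign(KERNEL))]

if __name__ == "__main__":
    print(boot(GOOD_CHAIN))
    print(boot(TAMPERED_CHAIN))
```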

6 iOS System install/upgrade

7 iOS
app security
- provided software (Mail, Safari, etc.) signed by Apple
- other apps from registered developers are signed
  Apple supplies certificates to registered developers.
- firms can use Apple service for in-house only software
runtime protections
- each app has its own home directory for files
- most processes run in a non-privileged mode
- all OS code is in read-only memory
- processes are assigned to random memory locations

8 iOS file encryption
[Figure labels: UID | GID, crypto engine for AES-256 and SHA-1]
There is also a random number generator using interrupt timing.
- Each file encrypted with _________ key
- Each per-file key is wrapped (encrypted) with _________ key
- Each class key is encrypted with UID (and possibly a passcode)
Each file's metadata includes wrapped per-file key and class key encrypted with ____________ key

9 iOS passcode security
- The passcode is "tangled" with UID
- Passcode checking ________ to 80 msec.

10 iOS support for network standards
- secure low-level protocols (SSL, TLS)
- secure higher-level VPN (L2TP, PPTP)
- Wi-Fi via 128-bit AES encryption
- …and many others

