Anatomy of a Mobile Device
Julian Lovelock, HID Global


Definition of Mobile
Creating a Safe place on the mobile device
• Smartphone
• Phablet
• Tablet

Safe place for what?
• Physical Access Credentials
• Logical Access Credentials
• Secure Remote Access from the phone
  Secure Remote access: Intranets, Applications, Networks, Cloud, Virtual Desktops
• Phone as a One Time Password Token
  • App on the phone generates a One Time Password
  • Turns the Phone into an OTP token
  • Next OTP 53769270
  • OTP key is stored in ‘safe place’

Safe Place on the Mobile device
• Protect credentials against malware on the device.

Software based vault
[Diagram labels: UI / Keyboard; Application #1; Software based vault; Operating system; NFC Controller]

Hardware based vault
[Diagram labels: UI / Keyboard; Application #1; Operating system; Applet; NFC Controller; Secure Element / SIM chip]

Secure Elements
• On Phone:
  • Embedded SE
• Removable:
  • UICC / SIM
  • Smart micro SD

Multiple Hardware based vaults
[Diagram labels: UI / Keyboard; Application #1; Application #2; Secure Element Access; OS; Applet #1, Applet #2, Applet #3, Applet #4, Applet #5; Contactless Frontend (CLF); Secure Element; Smart micro SD; Embedded SE; UICC/SIM]

External vaults
• On Phone:
  • Embedded SE
• Removable:
  • UICC / SIM
  • Smart micro SD
• External:
  • Phone Sleeves (ex. iCarte for Apple phones) (still harbours micro SD)
  • Attached reader inserting ISO smart card
  • Stickers

Multiple options
[Diagram labels: UI / Keyboard; Application #1; Application #2; Crypto Middleware; Secure Element Access; OS; Applet #1, Applet #2, Applet #3, Applet #4, Applet #5; External Reader; Contactless Frontend (CLF); Smart Micro SD; Embedded SE; UICC/SIM]

TEE: Trusted Execution Environment
• Trusted input/output
• Processor speed video decoding and bio verification
• Resource allocation greater (Mb rather than Kb)

Trusted Execution Environment
[Diagram labels: UI / Keyboard; Trusted UI / Keyboard; Application #1; Application #2; TEE; Crypto Middleware; Trusted App #1; Trusted App #2; Secure Element Access; OS; Applet #1, Applet #2, Applet #3, Applet #4, Applet #5; External Reader; Contactless Frontend (CLF); Smart Micro SD; Embedded SE; UICC/SIM]

New developments in the last 12 Months
- Bluetooth Smart
- Host Card Emulation

Bluetooth Smart
• Supported cross platform (unlike NFC)
• Different to Bluetooth “classic”
• Doesn’t require pairing codes
• Low energy consumption

Trend towards software based storage
• Secure transactions use NFC Card Emulation mode.
• Phone emulates an RFID card.
• For payments or access control
• Traditionally this mode required NFC reader to use the Secure Element
• Secure Element is controlled by the Mobile Network Operator
• Host Card Emulation, enables ‘Card Emulation’ mode accessing Host CPU
• Leverage software vault, or off phone storage

Security Continuum
[Chart: axes Security and Complexity; labels: Phone OS; Software Based Solution; Trusted Execution Environment (TEE); Secure Element (SE); SE + TEE combination]

Julian Lovelock HID Global [email protected].
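Why the OTP key needs the "safe place": the sketch below is an added example, not code from the presentation or from HID Global. The deck does not name an OTP algorithm, so this assumes HOTP/TOTP (RFC 4226 / RFC 6238) with 8 digits; `KeyVault`, `copied_key_clones_token` and the other names are hypothetical, and the key is the published RFC test key.

```python
import hashlib
import hmac
import struct


class KeyVault:
    """Hypothetical stand-in for the deck's 'safe place'.

    Callers can request an HMAC over a message but get no accessor for the
    key, which is the interface a Secure Element applet or a TEE trusted app
    offers. (Python name mangling is not a real boundary; it only models one.)
    """

    def __init__(self, key: bytes):
        self.__key = key

    def hmac_sha1(self, message: bytes) -> bytes:
        return hmac.new(self.__key, message, hashlib.sha1).digest()


def hotp(vault: KeyVault, counter: int, digits: int = 8) -> str:
    """RFC 4226: HMAC the 8-byte counter, dynamically truncate, keep N digits."""
    mac = vault.hmac_sha1(struct.pack(">Q", counter))
    offset = mac[-1] & 0x0F
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)


def totp(vault: KeyVault, unix_time: int, step: int = 30, digits: int = 8) -> str:
    """RFC 6238: the counter is the number of time steps since the epoch."""
    return hotp(vault, unix_time // step, digits)


def verify(vault: KeyVault, candidate: str, unix_time: int,
           step: int = 30, window: int = 1, digits: int = 8) -> bool:
    """Server side: accept codes from +/- `window` steps to absorb clock drift."""
    now = unix_time // step
    ok = False
    for counter in range(max(0, now - window), now + window + 1):
        # Constant-time comparison; no early exit on a match.
        ok |= hmac.compare_digest(hotp(vault, counter, digits), candidate)
    return ok


def copied_key_clones_token(key: bytes, unix_time: int) -> bool:
    """The code depends only on key and time: a copy of the key is a second token."""
    phone = KeyVault(key)
    copy = KeyVault(key)  # models a key read out of unprotected storage
    return totp(phone, unix_time) == totp(copy, unix_time)


RFC_TEST_KEY = b"12345678901234567890"  # published RFC 4226/6238 test key

if __name__ == "__main__":
    vault = KeyVault(RFC_TEST_KEY)
    print("Next OTP", totp(vault, 59))
    print("accepted one step later:", verify(vault, "94287082", 59 + 30))
    print("copied key yields same code:", copied_key_clones_token(RFC_TEST_KEY, 59))
```

Nothing about the device enters the computation, which is why the deck's continuum matters: a software vault has to keep the key bytes reachable by the host CPU, while an SE or TEE can perform the HMAC internally and return only the code.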