DOCSLIB.ORG

Mobility Capability Package

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Mobility Capability Package Mobility March 26 Capability Package 2012 This document defines the 2nd release of earlier phases of the Enterprise Secure VoIP Mobility Architecture and focuses on the architectural components of providing a Secure VoIP capability using commercial grade products. Version 1.2 Table of Contents 1 Overview of Enterprise Mobility ................................................................................................... 8 1.1 Goals...................................................................................................................................... 8 1.2 Description ............................................................................................................................ 9 1.3 Provisioning, Operations, and Management ...................................................................... 10 1.4 Component Requirements – Thresholds and Objectives ................................................... 11 2 Overview of Smartphone Secure Voice over Internet Protocol (VoIP) on Cellular Networks .... 12 2.1 Goals.................................................................................................................................... 12 2.2 Description .......................................................................................................................... 13 2.3 Threat Environment ............................................................................................................ 14 2.4 Security Principles ............................................................................................................... 14 2.5 Mobile User and Wireless Access ....................................................................................... 14 2.6 Mobile User to Mobile User ................................................................................................ 15 3 Operating System and Applications Mobile Device Security ...................................................... 17 3.1 Overview ............................................................................................................................. 17 3.2 Operation ............................................................................................................................ 18 3.3 Approach ............................................................................................................................. 18 3.3.1 Architecture .................................................................................................................... 18 3.3.2 Security Relevant Components ....................................................................................... 22 3.3.3 Inter-relationship to Other Elements of the Secure VoIP System .................................. 33 3.4 Gap Analysis ........................................................................................................................ 33 3.4.1 System Overview ............................................................................................................. 33 3.5 Risk ...................................................................................................................................... 33 3.5.1 Threats to the System ..................................................................................................... 33 3.5.2 Risks to the System ......................................................................................................... 34 3.6 References .......................................................................................................................... 35 4 Carrier Services Connections ...................................................................................................... 36 4.1 Overview ............................................................................................................................. 36 4.2 Description .......................................................................................................................... 36 4.3 Approach ............................................................................................................................. 37 2 4.3.1 Architecture .................................................................................................................... 37 4.3.2 Security Components ...................................................................................................... 43 4.3.3 Inter-relationship to Other Elements of the Secure VoIP System .................................. 45 4.4 Gap Analysis ........................................................................................................................ 46 4.4.1 Secure Roaming .............................................................................................................. 46 4.4.2 Network Authentication ................................................................................................. 46 4.4.3 Audit System ................................................................................................................... 47 4.4.4 Secure Identity Module ................................................................................................... 47 4.4.5 Secure Over-the-Air Provisioning Server ........................................................................ 47 4.4.6 Quality of Service ............................................................................................................ 48 4.5 Risk ...................................................................................................................................... 48 4.5.1 Rogue Base-Station ......................................................................................................... 48 4.5.2 Rogue Carrier .................................................................................................................. 49 4.5.3 Rogue Manufacturer/Supply Chain Compromise ........................................................... 50 4.5.4 Geo-location .................................................................................................................... 50 4.5.5 Frequency Jamming ........................................................................................................ 51 4.5.6 Passive Collection ............................................................................................................ 51 4.6 References .......................................................................................................................... 52 5 Enterprise Mobility Infrastructure .............................................................................................. 53 5.1 Overview ............................................................................................................................. 53 5.2 Description .......................................................................................................................... 54 5.2.1 Rationale for Security Design .......................................................................................... 55 5.2.2 Security Approach in the Enterprise Mobility Infrastructure ......................................... 56 5.3 Approach ............................................................................................................................. 57 5.3.1 Architecture .................................................................................................................... 57 Intrusion Detection System (IDS)/Intrusion Prevention System (IPS) .................................... 57 Firewall (multiple) ................................................................................................................... 57 Collection of audit log records received from the mobile device ........................................... 58 5.3.2 Security Relevant Components ....................................................................................... 59 5.4 Gap Analysis ........................................................................................................................ 88 3 5.5 Risks..................................................................................................................................... 89 5.5.1 Threats and Risks to the System ..................................................................................... 89 5.5.2 Risk Mitigations to the System ........................................................................................ 89 5.6 References .......................................................................................................................... 90 6 Secure Voice over IP (SVoIP) Application .................................................................................... 92 6.1 Overview ............................................................................................................................. 92 6.2 Description .......................................................................................................................... 92 6.3 Approach ............................................................................................................................. 93 6.3.1 Architecture .................................................................................................................... 93 6.3.2 Security Relevant Components ....................................................................................... 94 6.3.3 Inter-relationship to Other Elements of the Secure VoIP System .................................
Load more

Recommended publications
  • Lessons from the Sony CD DRM Episode
    Lessons from the Sony CD DRM Episode J. Alex Halderman and Edward W. Felten Center for Information Technology Policy Department of Computer Science Princeton University Abstract system called XCP that had been installed when he in- In the fall of 2005, problems discovered in two Sony- serted a Sony-BMG music CD into his computer’s CD BMG compact disc copy protection systems, XCP and drive. MediaMax, triggered a public uproar that ultimately led News of Russinovich’s discovery circulated rapidly on to class-action litigation and the recall of millions of the Internet, and further revelations soon followed, from discs. We present an in-depth analysis of these technolo- us,1 from Russinovich, and from others. It was discov- gies, including their design, implementation, and deploy- ered that the XCP rootkit makes users’ systems more ment. The systems are surprisingly complex and suffer vulnerable to attacks, that both CD DRM schemes install from a diverse array of flaws that weaken their content risky software components without obtaining informed protection and expose users to serious security and pri- consent from users, that both systems covertly transmit vacy risks. Their complexity, and their failure, makes usage information back to the vendor or the music label, them an interesting case study of digital rights manage- and that none of the protected discs include tools for unin- ment that carries valuable lessons for content companies, stalling the software. (For these reasons, both XCP and DRM vendors, policymakers, end users, and the security MediaMax seem to meet the consensus definition of spy- community. ware.) These and other findings outraged many users.
    [Show full text]
  • (DNS) Risk Assessment
    Provide Domain Name Resolution Services and Provide Internet Routing, Access, and Connection Services Critical Functions Risk Assessment Information Technology Sector May 2017 formation Technology Sector Provide Domain Name Services and Provide Internet Routing, Access and Connection Table of Contents EXECUTIVE SUMMARY ......................................................................................................................................... 4 BACKGROUND AND CONTEXT ................................................................................................................. 11 IT SECTOR BASELINE RISK ASSESSMENT ..................................................................................................... 11 FIGURE 1: KEY IT SECTOR FUNCTIONS .................................................................................................................. 11 2017 DNS RISK PROFILE UPDATE ................................................................................................................ 12 SCOPE, PROCESS, AND AUDIENCE .......................................................................................................... 13 2.1. ASSESSMENT SCOPE .......................................................................................................................................... 13 2.2. ATTACK TREE EVALUATION PROCESS ............................................................................................................... 13 FIGURE 2: VULNERABILITY AND CONSEQUENCE RATING CRITERIA ........................................................................
    [Show full text]
  • The Strange World of Keyloggers - an Overview, Part I
    https://doi.org/10.2352/ISSN.2470-1173.2017.6.MOBMU-313 © 2017, Society for Imaging Science and Technology The strange world of keyloggers - an overview, Part I Reiner Creutzburg Technische Hochschule Brandenburg, Department of Informatics and Media, IT- and Media Forensics Lab, P.O.Box 2132, D-14737 Brandenburg, Germany Email: [email protected] Abstract events, as if it was a normal piece of the application instead In this article we give a bibliographic overview of keyloggers of malware. The keylogger receives an event each time the and review the relavant hard- and software and mobile keyloggers user presses or releases a key. The keylogger simply records that are available and in use. The functionalities, availability, it. + Windows APIs such as GetAsyncKeyState(), GetFore- detection possibilities of keyloggers are described and reviewed. groundWindow(), etc. are used to poll the state of the key- In a future Part II keyloggers for mobile devices and the eth- board or to subscribe to keyboard events [3]. A more recent ical and legal aspects are reviewed. example simply polls the BIOS for pre-boot authentication PINs that have not been cleared from memory [4]. Keylogger – Introduction • Form grabbing based: Form grabbing-based keyloggers Keystroke logging, often referred to as keylogging [1] or log web form submissions by recording the web browsing keyboard capturing, is the action of recording (logging) the keys on submit events. This happens when the user completes a struck on a keyboard, typically covertly, so that the person using form and submits it, usually by clicking a button or hitting the keyboard is unaware that their actions are being monitored.
    [Show full text]
  • Detecting Malicious Network Activity Using Flow Data and Learning Automata
    Detecting malicious network activity using flow data and learning automata By Christian Auby Torbjørn Skagestad Kristian Tveiten Thesis submitted in Partial Fulfillment of the requirements for the Degree Master of Technology in Information and Communication Technology Faculty of Engineering and Science University of Agder Grimstad May 2009 Table of Contents 1 Introduction.................................................................................................................9 1.1 Background and motivation...............................................................................10 1.2 Proposed solution...............................................................................................13 1.3 Limitations .........................................................................................................14 1.4 Assumptions.......................................................................................................15 2 Related work .............................................................................................................16 2.1 DDoS detection based on traffic profiles...........................................................17 2.1.1 Goal and results...........................................................................................17 2.1.2 Relevance....................................................................................................17 2.1.3 Differences..................................................................................................17 2.2 An intelligent
    [Show full text]
  • Creating a Malware Analysis Lab and Basic Malware Analysis
    Iowa State University Capstones, Theses and Creative Components Dissertations Fall 2018 Creating a Malware Analysis Lab and Basic Malware Analysis Joseph Peppers Iowa State University Follow this and additional works at: https://lib.dr.iastate.edu/creativecomponents Part of the Other Computer Engineering Commons Recommended Citation Peppers, Joseph, "Creating a Malware Analysis Lab and Basic Malware Analysis" (2018). Creative Components. 92. https://lib.dr.iastate.edu/creativecomponents/92 This Creative Component is brought to you for free and open access by the Iowa State University Capstones, Theses and Dissertations at Iowa State University Digital Repository. It has been accepted for inclusion in Creative Components by an authorized administrator of Iowa State University Digital Repository. For more information, please contact [email protected]. Creating a Malware Analysis Lab and Basic Malware Analysis by Joseph Peppers A creative component submitted to the graduate faculty in partial fulfillment of the requirements for the degree of MASTERS OF SCIENCE Major: Information Assurance Program of Study Committee: Dr. Doug Jacobson, Major Professor The student author, whose presentation of the scholarship herein was approved by the program of study committee, is solely responsible for the content of this creative component. The Graduate College will ensure this creative component is globally accessible and will not permit alterations after a degree is conferred. Iowa State University Ames, Iowa 2018 Copyright © Joseph Peppers, 2018.
    [Show full text]
  • Lessons from the Sony CD DRM Episode
    Lessons from the Sony CD DRM Episode J. Alex Halderman and Edward W. Felten∗ Center for Information Technology Policy Department of Computer Science Princeton University Extended Version – February 14, 2006† Abstract In the fall of 2005, problems discovered in two Sony-BMG compact disc copy protection systems, XCP and MediaMax, triggered a public uproar that ultimately led to class-action litigation and the recall of millions of discs. We present an in-depth analysis of these technologies, including their design, im- plementation, and deployment. The systems are surprisingly complex and suffer from a diverse array of flaws that weaken their content protection and expose users to serious security and privacy risks. Their complexity, and their failure, makes them an interesting case study of digital rights management that carries valuable lessons for content companies, DRM vendors, policymakers, end users, and the security community. 1 Introduction This paper is a case study of the design, implementation, and deployment of anti-copying technologies. We present a detailed technical analysis of the security and privacy implications of two systems, XCP and MediaMax, which were developed by separate companies (First4Internet and SunnComm, respectively) and shipped on millions of music compact discs by Sony-BMG, the world’s second largest record company. We consider the design choices the companies faced, examine the choices they made, and weigh the conse- quences of those choices. The lessons that emerge are valuable not only for compact disc copy protection, but for copy protection systems in general. Before describing the technology in detail, we will first recap the public events that brought the issue to prominence in the fall of 2005.
    [Show full text]
  • Secure Software Project Report on Key Logger
    Secure Software Project Report On Key Logger Mihir Dhanani College of Computer Science, University of Canterbury. Email: - [email protected] Abstract— The main objective of this project was to make a user aware of how a simple software can be a reason for an attack and also to develop an attacking software demonstrating an attack and measure of avoidance. The purpose of this report is to present all the preparations and work done on the project, this report consist of 5 sections; Introduction, System Models, Project Description, Discussion and Conclusion. Keywords— Key Logger, Anti Key Logging, Secure Key Logger, Key Logger threat. I. INTRODUCTION Keystroke logging, often referred to as key logging or Keyboard Capturing, is the action of recording (or logging) the keys struck on a keyboard, typically in a covert manner so that the person using the keyboard is unaware that their actions are being monitored. It also has very legitimate uses in studies of human-computer interaction. There are numerous key logging methods, ranging from hardware and software-based approaches to acoustic analysis. This project refers to a software based key logger. There are two main goals of this project, 1. To develop the key logger. Implementing the software with the tasks involved. 2. To avoid an attack (Security Awareness). Measures implementing the attack from occurring. [3][4] Key Loggers are computer programs designed to work on the target computer’s operating system. From a technical perspective there are six categories: 1. Hypervisor-based: The key logger can theoretically reside in a malware hypervisor running underneath the operating system, which remains untouched.
    [Show full text]
  • Building Fair Use and Other User Rights Into Digital Rights Management
    Building Fair Use and Other User Rights into Digital Rights Management A Thesis Presented to the Faculty of the Graduate School of Cornell University in Partial Fulfillment of the Requirements for the Degree of Master of Science by Amber Sami Kubesch 2014 ©2014 Amber Sami Kubesch ALL RIGHTS RESERVED Building Fair Use and Other User Rights into Digital Rights Management Amber Sami Kubesch, M.S. Cornell University 2014 In a fight to protect content from piracy, copyright holders have worked to develop Digital Rights Management (DRM) systems that are harder to break. The result of these stronger measures of protection has been to limit the ways that content can be used and enjoyed by legitimate users, even controlling private performances and displays of digital forms of content. DRM systems make it pos- sible for content owners to limit fair use rights further than allowed under Copyright Law—effectively strengthening these laws in their favor. In addition to the problems with fair use, privacy issues have been raised by DRM technologies that collect user data. This paper begins with a brief overview of how DRM technologies are being used to limit consumer rights. Next it is shown how this code is combined with a legal component, including the use of contractual agreements, to further narrow user rights. Providing a summary of the legal history, it builds up to the current legal environment surrounding DRM in the US. It concludes with my proposal for how DRM policies should be changed to better balance the interests of copyright holders and the public. Biographical Sketch I am a student in Electrical & Computer Engineering at Cornell University working with Professor Wicker.
    [Show full text]
  • Software Call Home
    Software call home click here to download Phoning Home in computing, refers to an act of client to server communication which may be It typically involves a software agent which is difficult to detect or remove. However, there transmitted. The Stuxnet attack on Iran's nuclear facilities was facilitated by phone home technology as reported by The New York Times. This is not really a war that you can win with the approach you have lined out. As others have pointed out, simply disabling the network. Phone home is the slang term used to describe a software installation function which will use an Internet connection, if one is found, to send information back to . A growing number of software applications come complete with a means by which the software periodically transmits usage information to the. The IBM PureData System for Operational Analytics provides call home functionality so that reports can be sent automatically to IBM Support when alerts . The Call Home feature is a communication link that is established between a With a background of 35 years in hardware support, and 20 years in software. Introduction CALLHOME American English Speech was developed by the format along with the software packages needed to uncompress the speech data. Various kinds of spyware and Trojan horses can phone home and We work hard to provide you our software news and we keep our ads. How to identify and prevent programs from phoning home on a Windows test machine to check if they'd phone home automatically. for instance by creating a new rule in a software or hardware firewall to block the domain.
    [Show full text]
  • TTLF Working Papers, No. 5: Separation Of
    Stanford – Vienna Transatlantic Technology Law Forum A joint initiative of Stanford Law School and the University of Vienna School of Law TTLF Working Papers No. 5 Separation of Ownership and the Authorization to Use Personal Computers: Unintended Effects of EU and U.S. Law on IT Security Lukas Feiler 2010 TTLF Working Papers About the TTLF Working Papers TTLF’s Working Paper Series presents original research on technology, and business- related law and policy issues of the European Union and the US. The objective of TTLF’s Working Paper Series is to share “work in progress”. The authors of the papers are solely responsible for the content of their contributions. The TTLF Working Papers can be found at http://ttlf.stanford.edu. Please also visit this website to learn more about TTLF’s mission and activities. If you should have any questions regarding the TTLF’s Working Paper Series, please contact Vienna Law Professor Siegfried Fina, Stanford Law Professor Mark Lemley or Stanford LST Executive Director Roland Vogl at the Transatlantic Technology Law Forum http://ttlf.stanford.edu Stanford Law School University of Vienna School of Law Crown Quadrangle Department of Business Law 559 Nathan Abbott Way Schottenbastei 10-16 Stanford, CA 94305-8610 1010 Vienna, Austria Sponsors This project was co-sponsored by the Stanford-Vienna Transatlantic Technology Law Forum (Stanford Law School/University of Vienna School of Law), the Stanford Center for E-Commerce, the Forum on Contemporary Europe at the Freeman Spogli Institute for International Studies at Stanford University, as well as supported by the University of Vienna Research Grant 2010.
    [Show full text]
  • Download (PDF)
    MISTRUST-BASED DIGITAL RIGHTS MANAGEMENT * RANDAL C. PICKER INTRODUCTION ....................................................................................... 48 I. WHY DIGITAL RIGHTS MANAGEMENT? .............................................. 51 A. Copy-Control DRM .................................................................. 51 B. Bundled Uses and Per-Use Pricing.......................................... 52 C. Patent-Royalty Collection ........................................................ 53 D. DRM and Shaping Competition ............................................... 54 II. THE PROBLEM OF THE CD: SONY BMG AND ADD-ON DRM ............ 55 A. Staring at the Jewel Box: Neil Diamond’s 12 Songs................ 56 B. Inside XCP and MediaMax....................................................... 57 C. Four Problems for Add-On DRM............................................. 60 III. IDENTITY-BASED DRM: SWITCHING FROM PRODUCTS TO SERVICES .......................................................................................... 62 A. Google Video ............................................................................ 63 B. Amazon Upgrade ...................................................................... 65 C. iTunes ....................................................................................... 66 D. Implementing Identity-Based DRM.......................................... 68 CONCLUSION........................................................................................... 70 * Copyright © 2006, Randal C. Picker.
    [Show full text]
  • The Root of All Evil? – Rootkits Revealed
    :: The Root of All Evil? - Rootkits Revealed Are rootkits the root of all evil, or just another branch on the threat tree? What you need to know about the rootkit threat. David Harley BA CISSP FBCS CITP Andrew Lee CISSP Table of Contents Introduction 2 Got Root? 3 Rootkits and Stealth 3 Rootkit Defi nitions 4 60-Second Guide to Account Management 5 User Privileges and Rooting 6 Rootkit objectives: 6 Traditional UNIX Rootkit Components 7 Windows Rootkits 7 User Mode versus Kernel Mode 8 Persistent versus Non-Persistent Rootkits 9 Macintosh Rootkits 9 Good intentions, and the Sony Rootkit Experience 10 Rootkit Detection Methodology 12 Preventative Measures 13 Conclusion: A Heuristic Paradox 14 References 15 Glossary 16 White Paper: The Root of All Evil? 1 Introduction Public awareness of rootkits has risen in recent years, but as with worms, viruses and other forms of malicious software (malware), the term rootkit is applied unselectively to a range of technologies and has attracted a number of not-very-compatible defi nitions. While several of these technologies and defi nitions are explored in this paper, our intention is to clarify common usages, not to supply a single “authoritative” defi nition. There are, however, some brief defi nitions in the glossary. Rootkits are in danger of becoming the latest in a long line of poorly understood threats to be hyped as the “End of Computing as We Know It”. Having attracted descriptions [1] such as “the most pernicious and sophisticated form of attack which currently can be made against a Windows system”, they have acquired some of the superstitious dread that terms like “stealth” and “polymorphic” inspired earlier in the history of “It’s easy to see why malicious software.
    [Show full text]