A Capability to Improve Security for Remote Working

Total Page:16

File Type:pdf, Size:1020Kb

A Capability to Improve Security for Remote Working Edith Cowan University Research Online Theses: Doctorates and Masters Theses 2015 Secure portable execution and storage environments: A capability to improve security for remote working Peter James Edith Cowan University Follow this and additional works at: https://ro.ecu.edu.au/theses Part of the Human Resources Management Commons, Information Security Commons, and the Technology and Innovation Commons Recommended Citation James, P. (2015). Secure portable execution and storage environments: A capability to improve security for remote working. https://ro.ecu.edu.au/theses/1707 This Thesis is posted at Research Online. https://ro.ecu.edu.au/theses/1707 Edith Cowan University Copyright Warning You may print or download ONE copy of this document for the purpose of your own research or study. The University does not authorise you to copy, communicate or otherwise make available electronically to any other person any copyright material contained on this site. You are reminded of the following: x Copyright owners are entitled to take legal action against persons who infringe their copyright. x A reproduction of material that is protected by copyright may be a copyright infringement. x A court may impose penalties and award damages in relation to offences and infringements relating to copyright material. Higher penalties may apply, and higher damages may be awarded, for offences and infringements involving the conversion of material into digital or electronic form. SECURE PORTABLE EXECUTION AND STORAGE ENVIRONMENTS: A CAPABILITY TO IMPROVE SECURITY FOR REMOTE WORKING Peter James BSc. (Hons) Computer Science MSc. System Design Grad. Dip. Management Studies This thesis is presented in fulfilment of the requirements for the degree of Doctor of Philosophy Faculty of Health, Engineering and Science Edith Cowan University October 2015 Abstract Remote working is a practice that provides economic benefits to both the employing organisation and the individual. However, evidence suggests that organisations implementing remote working have limited appreciation of the security risks, particularly those impacting upon the confidentiality and integrity of information and also on the integrity and availability of the remote worker’s computing environment. Other research suggests that an organisation that does appreciate these risks may veto remote working, resulting in a loss of economic benefits. With the implementation of high speed broadband, remote working is forecast to grow and therefore it is appropriate that improved approaches to managing security risks are researched. This research explores the use of secure portable execution and storage environments (secure PESEs) to improve information security for the remote work categories of telework, and mobile and deployed working. This thesis with publication makes an original contribution to improving remote work information security through the development of a body of knowledge (consisting of design models and design instantiations) and the assertion of a nascent design theory. The research was conducted using design science research (DSR), a paradigm where the research philosophies are grounded in design and construction. Following an assessment of both the remote work information security issues and threats, and preparation of a set of functional requirements, a secure PESE concept was defined. The concept is represented by a set of attributes that encompass the security properties of preserving the confidentiality, integrity and availability of the computing environment and data. A computing environment that conforms to the concept is considered to be a secure PESE, the implementation of which consists of a highly portable device utilising secure storage and an up-loadable (on to a PC) secure execution environment. The secure storage and execution environment combine to address the information security risks in the remote work location. A research gap was identified as no existing ‘secure PESE like’ device fully conformed to the concept, enabling a research problem and objectives to be defined. Novel secure ii storage and execution environments were developed and used to construct a secure PESE suitable for commercial remote work and a high assurance secure PESE suitable for security critical remote work. The commercial secure PESE was trialled with an existing telework team looking to improve security and the high assurance secure PESE was trialled within an organisation that had previously vetoed remote working due to the sensitivity of the data it processed. An evaluation of the research findings found that the objectives had been satisfied. Using DSR evaluation frameworks it was determined that the body of knowledge had improved an area of study with sufficient evidence generated to assert a nascent design theory for secure PESEs. The thesis highlights the limitations of the research while opportunities for future work are also identified. This thesis presents ten published papers coupled with additional doctoral research (that was not published) which postulates the research argument that ‘secure PESEs can be used to manage information security risks within the remote work environment’. iii The declaration page is not included in this version of the thesis Acknowledgements I would like to acknowledge and thank Don Griffiths and Peter Hannay for their contribution to the four jointly written papers forming part of this thesis. Thank you also for the support provided by my employer Secure Systems Limited and my supervisors. Finally a big thank you to my family for the support they have provided during this long and, at times demanding experience. v Table of Contents ABSTRACT II DECLARATION IV ACKNOWLEDGEMENTS V TABLE OF CONTENTS VI 1 INTRODUCTION 1 1.1 BACKGROUND 1 1.2 OVERVIEW OF RESEARCH AND THE RESEARCH ARGUMENT 3 1.3 MOTIVATION FOR RESEARCH 4 1.4 KEY TERMS AND DEFINITIONS 6 1.5 THE RESEARCH PROBLEM AND QUESTIONS 8 1.6 RESEARCH PARADIGM AND METHODOLOGY 9 1.7 PRIOR RESEARCH AND EXISTING KNOWLEDGE 10 1.7.1 Knowledge Classes 10 1.7.2 Knowledge Consumed 11 1.8 KNOWLEDGE CONTRIBUTION AND ITS SIGNIFICANCE 11 1.8.1 The Growth of Knowledge over Time 11 1.8.2 Positioning the Research 12 1.8.3 Significance of Research 12 1.9 SCOPE OF RESEARCH 13 1.9.1 Remote Work Categories Considered 13 1.9.2 Security Issues 14 1.9.3 Remote Workers 15 1.9.4 Secure PESEs 15 1.9.5 Limitations and Constraints 16 1.10 THE RESEARCH PAPERS 17 1.11 EVOLUTION OF KEY CONCEPTS AND TERMINOLOGY 19 1.12 STRUCTURE OF THESIS 22 1.13 SUMMARY 23 2 RESEARCH PROBLEM AND OBJECTIVES 24 2.1 OVERVIEW 24 2.1.1 Structure 24 2.1.2 Establishing the Research Problem and Objectives - Design Cycle 1 24 2.2 PART 1: SEARCHING FOR A RESEARCH GAP 25 2.2.1 Overview 25 2.2.2 Background to Papers 1, 2 and 3 25 2.2.3 Integrating Security Technology into Commercially Available Smartphones 26 2.2.3.1 Preamble 26 2.2.3.2 Prior Research and Knowledge 27 2.2.3.3 Paper 1 28 2.2.3.4 Synopsis 48 2.2.4 Preventing Data Loss from Secure Portable Storage Devices 50 2.2.4.1 Preamble 50 2.2.4.2 Prior Research and Knowledge 51 2.2.4.3 Paper 2 52 2.2.4.4 Synopsis 64 2.2.5 Applicability of Existing Security Models 66 2.2.5.1 Preamble 66 2.2.5.2 Prior Research and Knowledge 66 2.2.5.3 Paper 3 67 2.2.5.4 Synopsis 81 2.2.6 Summary 81 vi 2.3 PART 2 – LITERATURE REVIEW 82 2.3.1 The Approach 82 2.3.2 Introducing the Concept of the Secure PESE 83 2.3.2.1 Preamble 83 2.3.2.2 Prior Research and Knowledge 85 2.3.2.3 Paper 4 86 2.3.2.4 Synopsis 108 2.3.2.5 Attributes of the Initial Concept 109 2.3.3 Remote Work – Categories Considered 110 2.3.4 Prior Research into Secure Remote Working 111 2.3.5 Prior Research and Development into Secure PESEs 116 2.3.5.1 Bespoke Hardware based Secure PESEs with Virtualised Secure PEE 116 2.3.5.2 USB Flash Drive based Secure PESEs with Bootable Secure PEE 121 2.3.5.3 Synopsis of Prior Research and Development into Secure PESEs 125 2.3.6 Holistic Review of Security Issues and the Secure PESE Countermeasures 125 2.3.6.1 Background 125 2.3.6.2 Consumed Knowledge 126 2.3.6.3 Location Security 127 2.3.6.4 Personnel Security 129 2.3.6.5 Insecure Use of Technology 133 2.3.6.6 Technology Vulnerabilities. 137 2.3.7 Synopsis of Analysis 139 2.4 THE RESEARCH PROBLEM 140 2.4.1 Establishing the Secure PESE Concept 140 2.4.2 Research Gap 142 2.4.3 Research Problem Definition 143 2.4.4 Research Objectives 143 2.4.5 Research Questions 144 2.5 SUMMARY 145 3 RESEARCH DESIGN 146 3.1 OVERVIEW 146 3.2 RATIONALE FOR SELECTING DESIGN SCIENCE RESEARCH 147 3.2.1 CHOOSING THE RESEARCH PARADIGM AND METHODOLOGY 147 3.2.2 SELECTION OF DSR 148 3.3 DESIGN SCIENCE RESEARCH METHODOLOGY 149 3.3.1 OVERVIEW OF METHODOLOGY 149 3.3.2 DEVELOPMENT ENVIRONMENT 152 3.4 THE CONSUMPTION AND PRODUCTION OF KNOWLEDGE 154 3.4.1 KNOWLEDGE CLASSES 154 3.4.2 DESIGN CYCLES 156 3.4.3 KNOWLEDGE CONSUMED 159 3.4.4 PRODUCTION OF KNOWLEDGE 160 3.5 DEMONSTRATION 161 3.6 EVALUATION 162 3.7 SUMMARY 164 4 DESIGN AND DEVELOPMENT 165 4.1 OVERVIEW 165 4.1.1 Structure 165 4.1.2 The Papers 165 4.2 BASELINING THE DESIGN - DESIGN CYCLE 2 166 4.2.1 Discounting the use of Virtualisation 166 4.2.1.1 Preamble 166 4.2.1.2 Prior Research and Knowledge 167 4.2.1.3 Paper 5 168 4.2.1.4 Synopsis 189 4.2.2 Modelling the Secure PESE Concept 190 4.2.2.1 Threat Model 191 vii 4.2.2.2 Conceptual Design Model 191 4.2.2.3 Operational Model 191 DEVELOPING THE COMMERCIAL GRADE SECURE PESE – DESIGN CYCLE 3 196 4.2.3 Background 196 4.2.4 A Secure Up-loadable Hardened Application 197 4.2.4.1 Preamble 197 4.2.4.2 Prior Research
Recommended publications
  • Google Android
    Google Android 2008/3/10 NemusTech, Inc. Lee Seung Min 네무스텍㈜ Agenda Introduction Mobile Platform Overview Background : Current Linux Mobile Platform What is Android? Features Architecture Technical Detail Android SDK Porting Android to Real Target Future of Android A conceptual model for mobile software Software Stack Kernel the core of the SW (HW drivers, memory, filesystem, and process management) Middleware The set of peripheral software libraries (messaging and communication engines, WAP renders, codecs, etc) Application Execution Environment An application manager and set APIs UI framework A set of graphic components and an interaction framework Application Suite The set of core handset application ( IDLE screen, dialer, menu screen, contacts, calendar, etc) Mobile Platforms Feature Phone Vendor Platform : Mocha, PDK, WAVE, WISE, KX, etc...... Carrier Platform : SKTelecom TPAK, NTT i-Mode (WAP), Java, WIPI, BREW, etc…… 3rd Party Solution : TAT Cascade, Qualcomm uiOne Smart Phone MicroSoft Windows Mobile Nokia : Symbian, Series 60 Apple, iPhone – OSX 10.5 Leopard Linux Customers & Licensees Not all customers or licensees are shown Source:vendor data Smartphone OS Market Share by Region Smartphone OS market share by region, 2006 Source : Canalys Current Linux Mobile Platforms LiMo Foundation https://www.limofoundation.org/sf/sfmain/do/home TrollTech Qtopia GreenPhone Acquired by Nokia OpenMoko : GNU/Linux based software development platform http://www.openmoko.org , http://www.openmoko.com Linux
    [Show full text]
  • Linux on Cellphones
    Linux on cellphones Pavel Machek Phones are everywhere ● everyone has their cellphone ● and carries it whereever they go ● cellphones are not just phones any more ● they browse web ● can read mail ● play mp3s and videos ● play radio ● they show maps, and you can use them for navigation Phones are sensitive ● They contain your contacts ● ...your passwords ● ...your emails ● ...can eavesdrop on you ● ...can steal your money and transfer them to attacker ● Backups are important because they break down ● non-smart phones do not have adequate ways to backup more than contacts Phones are working against their owner ● Cellphone operators have „interesting“ requirements before they'll sell a cellphone ● Branded phones are actively evil here ● right button takes you right into provider's portal, and you pay for it ● without confirmation ● without chance to change that ● branding is non-removable, so you are stuck with looking at red wallpaper ● you can't use it with other operator ● MMS / push to talk are designed to be expensive ● Voice-over-IP is a big no-no for a phone Phones are working against their owner ● You can only transfer pictures out of a phone using MMS ● You can only download applications using GPRS ● You can't transfer pictures/apps/songs between phones ● Have to confirm actions even of your own apps Phones are limited ● (but maybe that's a good thing?) ● Java applications work everywhere ● but they can't do interresting stuff ● usually can't access microphone, camera ● can't go background ● can't interact with one another ● Symbian
    [Show full text]
  • Mobile Phone Programming and Its Application to Wireless Networking
    Mobile Phone Programming Mobile Phone Programming and its Application to Wireless Networking Edited by Frank H.P. Fitzek Aalborg University Denmark and Frank Reichert Agder University College Norway A C.I.P. Catalogue record for this book is available from the Library of Congress. ISBN 978-1-4020-5968-1 (HB) ISBN 978-1-4020-5969-8 (e-book) Published by Springer, P.O. Box 17, 3300 AA Dordrecht, The Netherlands. www.springer.com Printed on acid-free paper © 2007 Springer No part of this work may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, electronic, mechanical, photocopying, microfilming, recording or otherwise, without written permission from the Publisher, with the exception of any material supplied specifically for the purpose of being entered and executed on a computer system, for exclusive use by the purchaser of the work. To Sterica and Lilith. — Frank H.P. Fitzek I dedicate this book to Tim (WoW Level 70, mighty Undead Warrior), Max (Wow Level 70, fearless Tauren Hunter), and Aida (Reality Level 80++, loving Human Wife and Mother) — Frank Reichert (Level 64) Foreword Saila Laitinen Nokia The technology evolution has been once and for all beyond comparison during the past decade or two. Any of us can nowadays do numerous things with numerous devices to help in everyday life. This applies not least to mobile phones. If we compare the feature set of a mobile phone model in 1995 with the latest smartphone models the most visible difference is of course in the user interface, the mp3 player, integrated camera, and the access to the mobile Internet.
    [Show full text]
  • Mobile Operating Systems, the New Generation V1.01 FINAL
    Executive Summary Much has changed from the world of open operating Contents systems of 2003. The mobile software market has Chapter A: Mobile Software Today: Open OSs, Linux grown into a landscape of 100s of vendors where and other Misperceptions understanding the roles, functionality, lines of A.1. The New Generation of Operating Systems partnership and competition across software products A.2. Linux: Myth and Reality is a complex endeavour, even for a seasoned industry A.3. Java: A False Start, But Efforts Continue observer. This paper aims to help change that. A.4. Nokia against Symbian A.5. Conclusions and Market Trends The paper firstly presents the key software layers for mobile phones today and explains the importance of Chapter B: Making Sense of Operating Systems, UI application execution environments and UI frameworks. Frameworks and Application Environments Section A then examines common misperceptions in Chapter C: Product reviews the software market of 2006; the flexible OS genre as In-Depth reviews of A la Mobile, Access Linux the successor to the open OSs, the myth and reality Platform, Adobe Flash Lite, GTK+, MiniGUI, Mizi behind Linux for mobile phones, and the false start but Prizm, Montavista Mobilinux, Nokia S60, Obigo, continued efforts around J2ME. Chapter B compares Openwave Midas, Qualcomm Brew, SavaJe, several software platforms for product functionality, Symbian OS, Trolltech Qtopia, UIQ And Windows licensees and speed of market penetration. Mobile. A reference section follows, consisting of 2-page Chapter D: Trends in the Mobile Software Market reviews of 16 key software products, covering historical Open OSes are out; Flexible OSs are in product background, positioning, technology, strategy, Commoditisation of the core OS technology and including the author’s critical viewpoint.
    [Show full text]
  • Qt Extended 4.4 Whitepaper
    This whitepaper describes Qt Extended, a GUI application platform for Linux-based consumer electronic devices. Qt Extended is comprised of the Qt application framework, an embedded windowing system, a library of integrated applications and technologies, and a complete Software Development Kit for creating applications. Qt Extended provides an efficient, customizable, and extensible architecture for managing all applications, content, and connectivity for embedded devices. Contents 1. Introduction 2 2. System Requirements 4 3. Overview of Qt Extended Modules 5 Architecture 4. Application Integration 6 4.1. Inter-Process Communication .............................. 6 4.2. Services ........................................... 6 4.3. Data Sharing and Linking ................................. 6 4.4. The Value Space ...................................... 7 4.5. Plugins ........................................... 7 5. Graphical User Interfaces 8 5.1. Widgets, Layouts and User Input ............................ 9 5.2. Styles and Themes .................................... 10 5.3. Internationalization .................................... 10 5.4. 2D and 3D Graphics .................................... 13 6. Application Life-Cycle Management 14 6.1. Qt Extended Server .................................... 14 6.2. Safe Execution Environment (SXE) ............................ 15 6.3. Package Management ................................... 16 7. Content Management 17 7.1. Media Management .................................... 17 7.2. Multimedia Framework
    [Show full text]
  • Android Platform
    Android Platform 2009.10 NemusTech 이 승 민 네무스텍 (주 ) 분야 : 모바일 /임베디드 전문 : 플랫폼 /솔루션 Quick Tiffany 3D Modeling 사업 : 컨설팅 /디자인 Android, Linux, iPhone panels on linear rail modeling (20 source line) Quick remodeling with single line modification vertical axis Cube Circular rail Agenda • Google Android • Introduction • History • Current Status • Architecture • Developing Android • Building Application • Android Roadmap • Future of Android • Summary Google Android Current Mobile Platform ✦ Software Stack – Kernel ✦ the core of the SW (HW drivers, memory, filesystem, and process management) – Middleware ✦ The set of peripheral software libraries (messaging and communication engines, WAP renders, codecs, etc) – Application Execution Environment ✦ An application manager and set APIs – UI framework ✦ A set of graphic components and an interaction framework – Application Suite ✦ The set of core handset application ( IDLE screen, dialer, menu screen, contacts, calendar, etc) Major Platforms ✦ Microsoft Windows Mobile - Will release WM7 in 2010 ✦ Nokia S60 Platform - Lenovo,LGE,Panasonic,Samsung - Symbian OS 9.x (Java MIDP, C++, Python) ✦ RIM’s BlackBerry - Push E-Mail Service - MS Exchange, Lotus Domino/Notes, Novell GroupWise ✦ Apple’s iPhone - Advanced UI , Robust Mac OS ✦ Palm Pre - WebOS (WebKit Based) Linux Platforms • LiMo Foundation • https://www.limofoundation.org/sf/sfmain/do/home • TrollTech • Qtopia GreenPhone • Acquired by Nokia • OpenMoko : GNU/Linux based software development platform • http://www.openmoko.org , http://www.openmoko.com •
    [Show full text]
  • Openezx and Openmoko, Truly Free Software for Mobile Phones
    OpenEZX and OpenMoko, truly free software for mobile phones Stefan Schmidt stefan@ openmoko.org OpenEZX and OpenMoko, truly free Outline software for mobile phones Introduction Projects Overview OpenEZX Stefan Schmidt OpenMoko [email protected] 2007-07-10 OpenEZX and Outline OpenMoko, truly free software for mobile phones Stefan Schmidt stefan@ openmoko.org Introduction Outline Introduction Projects Overview Projects Overview OpenEZX OpenMoko OpenEZX OpenMoko OpenEZX and Todays Mobile Phone Market OpenMoko, truly free software for mobile phones Stefan Schmidt stefan@ openmoko.org The provider rules about the customer Outline Introduction I Branding Projects Overview Disabling from functions like bluetooth file transfer I OpenEZX I Only signed software packages OpenMoko I Firmware updates over the air (FOTA) I Even un-branded mobile phone are not much better I Often Java SDK only, no access to the system libraries I Only abstracted hardware access OpenEZX and Freedom OpenMoko, truly free software for mobile phones Stefan Schmidt stefan@ openmoko.org Outline Introduction Projects Overview The user has not the full OpenEZX control over his own phone OpenMoko OpenEZX and Projects Overview OpenMoko, truly free software for mobile phones Stefan Schmidt stefan@ openmoko.org Outline Introduction I In the last two years many projects started to change Projects Overview this OpenEZX OpenMoko I This section gives you a short overview I Frameworks first I Linux kernel support for mobile phones afterwards OpenEZX and GPE Phone OpenMoko, truly free
    [Show full text]
  • Sailfish Mobile Os
    OpenSource Smartphone Andrey Rusalin Sergey Chupligin 2. Agenda About OMP What is “open hardware”? Opensource smartphone trend Aurora OS and open smartphone Opensource smartphone. What is next? 3. About us Open Mobile Platform (OMP): Aurora OS, SDK and mobility services ecosystem development R&D centers in Innopolis and Moscow Strategic partner – Rostelecom Aurora OS — Independent Linux-based mobile OS Aurora OS History Aurora OS OMP Maemo OS MeeGo OS Sailfish OS Nokia Nokia + Intel Jolla Moblin OS Mer Project Intel (Opensource) 2010 2012 2018 2019 5. Aurora OS vs Sailfish OS Highlights Focus on B2B and B2G market - Field staff terminals - Corporate office smartphones & tablets Security architecture Integration with enterprise infrastructure services (MDM, EMM) Federated and on-premise mobility services: updates, push, appstore, etc API Aurora OS is developed by Open Mobile Platform team an has own release cycle and product roadmap 6. What is “open hardware”? Opensource hardware itself - available schematic - available documentation for hw components - using open and standart interfaces Opensource software provides hw support - bootloaders - opensource OS including kernel and userspace - opensourece firmware for hw components - flashing tools and etc Silicon Vendor involvement 7. Open hardware devkits Already many years there are well known fully or partly opensource platforms and dev kits: Raspberry Pi BeagleBone VoCore2 Arduino FriendlyARM System 76 8. Open hardware smartphones :) But opensource smartphones more often looks like DIY setup 9. Were there any MP ready projects before? Yep! There were several close to mass production projects... 10. GreenPhone by Trolltech, 2006 320*240 LCD Qtopia Phone Edition 4.1.4 Marvell PXA270 312 Mhz Linux 2.4 (one of the first Linux based device) 64 МБ RAM Open middleware MiniSD Open SDK MiniUSB Closed Bootloader Bluetooth Closed Schematic Documentation was not available Project failed.
    [Show full text]
  • The Openmoko™ Project
    Free your Phone and your Mind will Follow “Openmoko... is everything the iPhone could have been but is not.” -- The Economist (or not?) The Openmoko™ Project Ian Darwin ([email protected]) Slides Copyright ©2008 Ian Darwin May be distributed, reused, etc., under CC-Attribution 3.0 http://creativecommons.org/licenses/by/3.0/ No claim asserted nor license granted over graphics originating with others Revised Oct 25, 2008 About Me •Ian Darwin is a long-time user of, contributor to, and advocate for, open source •Original author of file(1) on Linux, BSD, OS X •OpenBSD committer & user; use OpenMoko, OpenOffice, OpenStreetMap, OpenClipart, ... •O'Reilly Author: Lint, Java Cookbook, Checking Java Programs •Trainer: Learning Tree (Java, Unix, Python) •Unix & Java Consultant •Not paid to represent OpenMoko – just a fan Warning Your current cell phone may suck. Does your cell phone suck? • How much can you change it? – Little changes: Preferences, Ringtones, Backgrounds • What carriers used to make the most noise about! – Medium: add new applications written by you/others? • Can you ssh in, scp files in and out? • Write apps without paying for a license or signing NDA? – Significant: replace (change, not upgrade) the OS – Fundamental: write apps that interact directly with the phone, freely use GPS chip, etc. • Treat your phone like a FreeNIX PC, not a black box Innovation: Internet vs Cell Phones • Both date from early 1970©s • Internet: open specs, open implementations, ªRFC patternº: few barriers to entry; favor simplicity • Cell phones: relatively secretive, closed implementations, expensive specs • Result: way more innovation in the Internet than in cell tech • OpenMoko wants to bring the Net©s level of innovation to the cell phone world OpenMoko Vision and Goals • Every good FOSS project starts with a scratch of some developer©s itch: – Sean Moss-Pultz wanted total phone freedom • FOSS bottom to top stack, Linux kernel • Full access to phone hardware, GPS (location-aware), etc.
    [Show full text]
  • Developing Multiplatform Apps
    Ellert Smári Kristbergsson Developing multiplatform apps Using hybrid solutions Helsinki Metropolia University of Applied Sciences Bachelor of Engineering Information Technology Thesis 2 June 2014 Abstract Author Ellert Smári Kristbergsson Title Developing multiplatform apps Number of Pages 31 pages + 3 appendices Date 2 June 2014 Degree Bachelor of Engineering Degree Programme Information Technology Specialisation option Software Development Instructor Ilkka Kylmäniemi, Lecturer The aim of this thesis is to describe the process of developing multiplatform apps for mobile phones by discussing and comparing the different methods of developing apps for all platforms. The purpose is to ease decision making of smaller companies that are starting to develop their own product for smartphones. The paper analyses tools based on the Cordova framework and the Qt framework. The difference between how the frameworks deliver the code to the machine, Cordova compiles JavaScript into native code for each platform but Qt compiles C++ code to binary code with different toolchains for each architecture. Two projects, in paticular, are discussed, where an app was made with a hybrid solution. In one of the projects, an app was made for a company named Locatify with location- based interface using a framework called PhoneGap based on the Cordova framework and a project management methodology called Scrum. The other project is an app made for a company called Barnaefni for recording videos and sending them to a server. The main results are that most of the different tools that are available for hybrid app development are based on a few tools. This makes it easy for companies with talent coming from web development to choose Cordova-based frameworks but for companies with talent from low-level programming to choose a framework based on the Qt technology.
    [Show full text]
  • Proceedings of the 5 Australian Digital Forensics Conference
    Proceedings of The 5th Australian Digital Forensics Conference 3rd December 2007 Edith Cowan University Mount Lawley Campus Published By School of Computer and Information Science Edith Cowan University Perth, Western Australia Edited by Dr. Craig Valli and Dr. Andrew Woodward School of Computer and Information Science Edith Cowan University Perth, Western Australia Copyright 2007, All Rights Reserved ISBN 0-7298-0646-4 Table of Contents 1. Anti-Forensics and the Digital Investigator.............................................................................................. 1 2. An approach in identifying and tracing back spoofed IP packets to their sources ................................... 8 3. The effectiveness of investigative tools for Secure Digital (SD) Memory Card forensics..................... 22 4. An overview and examination of digital PDA devices under forensics toolkits .................................... 34 5. Profiling Through a Digital Mobile Device............................................................................................ 52 6. Forensic Analysis Avoidance Techniques of Malware .......................................................................... 59 7. ID Theft: A Computer Forensics’ Investigation Framework.................................................................. 67 8. Extracting Inter-arrival Time Based Behaviour from Honeypot Traffic using Cliques ......................... 79 9. Multi-Step Scenario Matching Based on Unification............................................................................
    [Show full text]
  • Linux on Mobile Devices
    Linux on mobile devices Jozef Mlích Department of Computer Graphics and Multimedia Brno University of Technology, Faculty of Information Technology Božetěchova 2, 612 66 Brno, Czech Republic [email protected] http://www.fit.vutbr.cz/~imlich/ Application Development for Mobile DevicesTAM 201820.11.2018 | 1 / 44 Agenda Why? Who? How? What? Boot Filesystem and storage Kernel / drivers / api / interfaces Inter-process communication (DBUS) GUI (libhildon, Qt) Compilation, Cross compilation Remote debugging, Deployment Emulation / Virtualization Profiling Packaging Profit http://www.fit.vutbr.cz/~imlich/ TAM 2018 | 2 / 44 Motivation Lifetime of phone hardware is long ~ 10 years Except of battery Lifetime of software is much sorter – Android 2-3 years of updates – iOS up to 5 years of updates – New APIs , Web standards are changing – Support for new hardware / for old hardware – Security (CVEs) Could be old phone used as core of embedded system? – Main board? Webcam? HVAC? IoT? – Phone – ... http://www.fit.vutbr.cz/~imlich/ TAM 2018 | 3 / 44 Cemetery of mobile phones and it’s operating systems Greenphone Openmoko – SHR, Hackable:1, QtMoko Symbian Nokia N900 – Maemo Nokia N9 – MeeGo Harmattan Firefox OS Tizen Blackberry Playbook, BB10 Ubuntu Phone Windows Phone WebOS PalmOS Bada http://www.fit.vutbr.cz/~imlich/ TAM 2018 | 4 / 44 Some survivors of mobile phone evolution Jolla – SailfishOS - https://jolla.com/ Neo900 - http://neo900.org/ Mer project/Nemo – https://wiki.merproject.org/wiki/Nemo – https://wiki.merproject.org/wiki/Adaptations/libhybris
    [Show full text]