What s in Your Dongle and Bank Account? Mandatory and Discretionary Protection of Android External Resources
|
|
- Trevor Armstrong
- 5 years ago
- Views:
Transcription
1 What s in Your Dongle and Bank Account? Mandatory and Discretionary Protection of Android External Resources Soteris Demetriou, Xiaoyong Zhou, Muhammad Naveed, Yeonjoon Lee, Kan Yuan, XiaoFeng Wang, Carl A. Gunter University of Illinois at Urbana-Champaign Indiana University, Bloomington ordered alphabetically
2 Bank
3 Channels of communication Internet Bluetooth SMS Audio NFC Bank
4 Channels of communication Internet Bluetooth These channels often carry sensitive information SMS Audio NFC Bank
5 Channel Use INTERNET 1.695E+06 BLUETOOTH 3.311E+06 Permission NFC AUDIO 8.218E E+07 SMS 6.038E+06 0E E E+06 8E E E E+07 Average #downloads
6 Channel Use INTERNET 1.695E+06 Permission BLUETOOTH NFC AUDIO 3.311E+06 Apps that make use of these channels are popular 8.218E E+07 SMS 6.038E+06 0E E E+06 8E E E E+07 Average #downloads
7 Problem Statement Mis-bonding
8 Approach
9 Approach OS-level Access Control: flexible and uniform Permissions: user DAC SELinux: admin MAC
10 Approach OS-level Access Control: flexible and uniform Permissions: user DAC coarse-grained VS permission bloat SELinux: admin MAC
11 SELinux
12 SELinux Vendor / Admin Policies: User Policies: BYOD Mobile App Management (MAM) Mobile Device Management (MDM) Personal Resource Management DAC MAC
13 SEACAT Security Enhanced Android Channel Access Control
14 SEACAT Overview Policy Manager DAC Policy Manager Service APP Fast Resource-Type Cache BT stack AVC DAC MAC Policy Module
15 SELinux rule allow trusted_app my_file:file read_write Domain Type Class Access Vector
16 Assigning Apps to Domains allow trusted_app my_file:file read_write
17 Policy Manager DAC Policy Manager Service Package Manager AVC DAC MAC Policy Module
18 Policy Manager DAC Policy Manager Service Package Manager AVC DAC MAC Policy Module
19 Assigning External Resources to Types allow trusted_app my_file:file read_write
20 Policy Manager DAC Policy Manager Service Fast Resource-Type Cache Bluetooth AVC DAC MAC Policy Module
21 Policy Manager DAC Policy Manager Service Fast Resource-Type Cache Bluetooth AVC DAC MAC Policy Module
22 SEACAT rule
23 SELinux rule allow trusted_app my_file:file read_write Domain Type Class Access Vector SEACAT rule allow trusted_app bt_dev1:btacc connect
24 Enforcing the policies
25 SEACAT Enforcement Policy Manager DAC Policy Manager Service BT stack Fast Resource-Type Cache AVC DAC MAC Policy Module
26 Evaluation
27 Effectiveness Evaluation KNOWN THREATS Bluetooth Mis-bonding attack Unauthorized adb-based screenshots Unauthorized read of an SMS message Unauthorized access to audio device Unauthorized read of an NFC device s contents demonstrated in related work
28 Performance Evaluation (DAC Labeling) install app BT pair dispatch Tag Audio connect AOSP SEACAT
29 Performance Evaluation (enforcement) SMS filter (10) SMS process msg dispatch Tag dispatchtag (foreground) start Recording writendefmessage AOSP SEACAT
30 Summary
31 Summary Protection of Android external resources MAC for vendors and admins DAC for users Backward compatible Effective and efficient B
32 Summary Protection of Android external resources MAC for vendors and admins DAC for users Backward compatible Effective and efficient B
33 Thank You! VIDEO DEMOS: sites.google.com/ site/seacatchannelcontrol
What s in Your Dongle and Bank Account? Mandatory and Discretionary Protection of Android External Resources
What s in Your Dongle and Bank Account? Mandatory and Discretionary Protection of Android External Resources Soteris Demetriou *, Xiaoyong Zhou *, Muhammad Naveed, Yeonjoon Lee, Kan Yuan, XiaoFeng Wang,
More informationResolving the Predicament of Android Custom Permissions
Resolving the Predicament of Android Custom Permissions Güliz Seray Tuncay, Soteris Demetriou, Karan Ganju, Carl A. Gunter University of Illinois at Urbana - Champaign #NDSS18 Install-time Permissions
More informationc 2014 Soteris Demetriou
c 2014 Soteris Demetriou ANDROID AT RISK: CURRENT THREATS STEMMING FROM UNPROTECTED LOCAL AND EXTERNAL RESOURCES BY SOTERIS DEMETRIOU THESIS Submitted in partial fulfillment of the requirements for the
More informationExploiting Data-Usage Statistics for Website Fingerprinting Attacks on Android
S C I E N C E P A S S I O N T E C H N O L O G Y Exploiting Data-Usage Statistics for Website Fingerprinting Attacks on Android Raphael Spreitzer, Simone Griesmayr, Thomas Korak, and Stefan Mangard IAIK,
More informationMiddleware MAC for Android. Stephen Smalley Trusted Systems Research National Security Agency
Middleware MAC for Android Stephen Smalley Trusted Systems Research National Security Agency Motivation Many attacks on Android can occur entirely at the middleware layer. Not directly visible to kernel
More informationThe Case for Security Enhanced (SE) Android. Stephen Smalley Trusted Systems Research National Security Agency
The Case for Security Enhanced (SE) Android Stephen Smalley Trusted Systems Research National Security Agency Background / Motivation Increasing desire to use mobile devices throughout the US government.
More informationMandatory Access Control for the Android Dalvik VM
Mandatory Access Control for the Android Dalvik VM ESOS 13 Aline Bousquet, Jérémy Briffaut, Laurent Clevy, Christian Toinard, Benjamin Venelle June 25, 2013 Esos 13 Mandatory Access Control for the Android
More informationGIANT PRO. User Guide STD_REV1.0
GIANT PRO User Guide STD_REV1.0 Contents 1. Intro 2. Device Settings 3. Error Check 4. Maintenance Report 5. NFC Tag Setting 6. Smart WiFi Link 7. Bluetooth Pairing 8. Smart Coupon 9. e-receipt 3 6 9 10
More informationCh 1: The Mobile Risk Ecosystem. CNIT 128: Hacking Mobile Devices. Updated
Ch 1: The Mobile Risk Ecosystem CNIT 128: Hacking Mobile Devices Updated 1-12-16 The Mobile Ecosystem Popularity of Mobile Devices Insecurity of Mobile Devices The Mobile Risk Model Mobile Network Architecture
More informationApplication Virtualization and Desktop Security
Application Virtualization and Desktop Security Karl MacMillan kmacmillan@tresys.com Tresys Technology 1 Application Virtualization Introduction Encapsulates a single application Bundles application into
More informationFree for All! Assessing User Data Exposure to Advertising Libraries on Android
Free for All! Assessing User Data Exposure to Advertising Libraries on Android Soteris Demetriou, Whitney Merrill, Wei Yang, Aston Zhang, Carl Gunter University of Illinois at Urbana - Champaign Approach
More information2 Lecture Embedded System Security A.-R. Darmstadt, Android Security Extensions
2 Lecture Embedded System Security A.-R. Sadeghi, @TU Darmstadt, 2011-2014 Android Security Extensions App A Perm. P 1 App B Perm. P 2 Perm. P 3 Kirin [2009] Reference Monitor Prevents the installation
More informationFinding Unknown Malice in 10 Seconds: Mass Vetting for New Threats at the Google-Play Scale
Finding Unknown Malice in 10 Seconds: Mass Vetting for New Threats at the Google-Play Scale Kai Chen,, Peng Wang, Yeonjoon Lee, XiaoFeng Wang, Nan Zhang, Heqing Huang, Wei Zou, Peng Liu Indiana University,
More informationModule 4: Access Control
Module 4: Access Control Dr. Natarajan Meghanathan Associate Professor of Computer Science Jackson State University, Jackson, MS 39232 E-mail: natarajan.meghanathan@jsums.edu Access Control In general,
More informationLaying a Secure Foundation for Mobile Devices. Stephen Smalley Trusted Systems Research National Security Agency
Laying a Secure Foundation for Mobile Devices Stephen Smalley Trusted Systems Research National Security Agency Trusted Systems Research Conduct and sponsor research to provide information assurance for
More informationIntroduction to application framework
Introduction to application framework for AGL Version 1.0 June 2016 Abstract This document presents the application framework created by IoT.bzh for AGL. Document revisions Date Version Designation Author
More informationCQ Beacon Android SDK V2.0.1
Copyright 2014 ConnectQuest, LLC 1 CQ Beacon Android SDK V2.0.1 Software Requirements: Android 4.3 or greater SDK Support Page: http://www.connectquest.com/app- developers/android- api/ The CQ SDK package
More informationLeaky Cauldron on the Dark Land: Understanding Memory Side-Channel Hazards in SGX
Leak Cauldron on the Dark Land: Understanding Memor Side-Channel Hazards in SGX 1,4 Wenhao Wang, 2 Guoxing Chen, 1 Xiaorui Pan, 2 Yinqian Zhang, 1 XiaoFeng Wang, 3 Vincent Bindschaedler, 1 Haixu Tang and
More informationAdvanced Systems Security: Ordinary Operating Systems
Systems and Internet Infrastructure Security Network and Security Research Center Department of Computer Science and Engineering Pennsylvania State University, University Park PA Advanced Systems Security:
More informationSELinux. Daniel J Walsh SELinux Lead Engineer
SELinux Daniel J Walsh SELinux Lead Engineer 0 Day Exploits Patch Cycle Someone discovers a vulnerability in software Package Maintainer and OS Vendor Notified Fix generated/distributed Fix installed by
More informationComputer Security. 02r. Assignment 1 & Access Control Review. Paul Krzyzanowski David Domingo Ananya Jana. Rutgers University.
Computer Security 02r. Assignment 1 & Access Control Review Paul Krzyzanowski David Domingo Ananya Jana Rutgers University Spring 2019 Question 1 What three Internet-enabled vulnerability categories does
More informationCS 356 Lecture 7 Access Control. Spring 2013
CS 356 Lecture 7 Access Control Spring 2013 Review Chapter 1: Basic Concepts and Terminology Integrity, Confidentiality, Availability, Authentication, and Accountability Types of threats: active vs. passive,
More informationSecuring Android-Powered Mobile Devices Using SELinux
Securing Android-Powered Mobile Devices Using SELinux This paper appears in: Security & Privacy, IEEE Issue Date: May- June 2010 Volume: 8 Issue:3 On page(s): 36-44 Asaf Shabtai, Yuval Fledel, and Yuval
More informationThinking the Open Source way
Thinking the Open Source way Matt Jamison Sr. Gov t Solutions Architect MSgt, USAFR jamo@redhat.com Source code: #include int main (void) { printf("hello, world!\n"); return 0; } Binary code:
More informationRelease Notes Zebra MC33x NN- 00-A Release for Non-GMS
Release Notes Zebra MC33x 01-01-48-NN- 00-A Release for Non-GMS Introduction Description Zebra Value Adds Feature List Device Compatibility Component Contents Installation Requirements Installation Instructions
More information6.858 Quiz 2 Review. Android Security. Haogang Chen Nov 24, 2014
6.858 Quiz 2 Review Android Security Haogang Chen Nov 24, 2014 1 Security layers Layer Role Reference Monitor Mandatory Access Control (MAC) for RPC: enforce access control policy for shared resources
More informationThomas Lippert Principal Product Manager. Sophos Mobile. Spring 2017
Thomas Lippert Principal Product Manager Sophos Mobile Spring 2017 Market Overview Trends Security or data breaches involving mobile devices are on the rise More people use mobile devices for work than
More informationComputer Security. 04r. Pre-exam 1 Concept Review. Paul Krzyzanowski. Rutgers University. Spring 2018
Computer Security 04r. Pre-exam 1 Concept Review Paul Krzyzanowski Rutgers University Spring 2018 February 15, 2018 CS 419 2018 Paul Krzyzanowski 1 Key ideas from the past four lectures February 15, 2018
More informationCSE Computer Security
CSE 543 - Computer Security Lecture 25 - Virtual machine security December 6, 2007 URL: http://www.cse.psu.edu/~tjaeger/cse543-f07/ 1 Implementation and Results Experimental Platform Exact specification
More informationWhy Security Fails in Federated Systems
Why Security Fails in Federated Systems Dr. Clifford Neuman, Director USC Center for Computer Systems Security Information Sciences Institute University of Southern California CSSE Research Review University
More informationLecture 3 MOBILE PLATFORM SECURITY
Lecture 3 MOBILE PLATFORM SECURITY You will be learning: What techniques are used in mobile software platform security? What techniques are used in mobile hardware platform security? Is there a common
More informationKratos: Discovering Inconsistent Security Policy Enforcement in the Android Framework
Kratos: Discovering Inconsistent Security Policy Enforcement in the Android Framework Yuru Shao, Jason Ott, Qi Alfred Chen, Zhiyun Qian, Z. Morley Mao University of Michigan, University of California Riverside
More informationMobile Security 2013 Phenomenal Cosmic Power, Itty Bitty Living Space
Mobile Security 2013 Phenomenal Cosmic Power, Itty Bitty Living Space Joel Scambray Managing Principal, Cigital Software Confidence. Achieved. The Hype Mobile is huge Mobile is insecure What do we do?!?
More informationSecurity and privacy in your embedded systems
Security and privacy in your embedded systems Strong isolation of applications using Smack and Cynara José Bollo security at IoT.bzh jose.bollo@iot.bzh IoT.bzh Specialized on Embedded & IoT Contributing
More informationCSE543 - Computer and Network Security Module: Virtualization
CSE543 - Computer and Network Security Module: Virtualization Professor Trent Jaeger CSE543 - Introduction to Computer and Network Security 1 Operating System Quandary Q: What is the primary goal of system
More informationAccess Control/Capabili1es
Access Control/Capabili1es Some slides/ideas adapted from Ninghui Li 1 Why Computers are Vulnerable? Programs are buggy Humans make mistakes Access control is not good enough Discretionary Access Control
More informationFall 2014:: CSE 506:: Section 2 (PhD) Securing Linux. Hyungjoon Koo and Anke Li
Securing Linux Hyungjoon Koo and Anke Li Outline Overview Background: necessity & brief history Core concepts LSM (Linux Security Module) Requirements Design SELinux Key elements Security context: identity
More informationDeepDroid: Dynamically Enforcing Enterprise Policy on Android Devices
DeepDroid: Dynamically Enforcing Enterprise Policy on Android Devices Xueqiang Wang 1, Kun Sun 2, Yuewu Wang 1, Jiwu Jing 1 1 Institute of Information Engineering, CAS 2 College of William and Mary Mon,
More informationLink-OS SDK for Xamarin README
Link-OS SDK for Xamarin README This readme is specific to the LinkOS Xamarin SDK. This SDK is a Xamarin PCL in the plugin format. Also included in the files is a sample app showing use of specific APIs.
More informationSecurity Enhancements (SE) for Android on Freescale ARM i.mx6 platform
Security Enhancements (SE) for Android on Freescale ARM i.mx6 platform Martin SCHULTE-HOBEIN Supervisor, Field Application Engineer Embedded EMEA msh@digi.com Android Adoption 900 million Android device
More informationSecuring Institutional Data in a Mobile World
University of Wisconsin Madison Securing Institutional Data in a Mobile World July 13, 2017 Securing Institutional Data in a Mobile World / Agenda 01 What is a mobile device? 02 Protecting institutional
More informationART Demo Application for Mobile Phones
ART Demo Application for Mobile Phones User Manual for an ART Demo Mobile Application Amp ed RF Technology, Inc. This Manual details how to use our evaluation Android application for Bluetooth connectivity
More informationAdvanced Systems Security: Cloud Computing Security
Advanced Systems Security: Cloud Computing Security Trent Jaeger Penn State University Systems and Internet Infrastructure Security Laboratory (SIIS) 1 Cloudy Foundations Can customers move their services
More informationKick Start your Embedded Development with Qt
Kick Start your Embedded Development with Qt Increasing Return On Investment & shortening time-to-market Nils Christian Roscher-Nielsen Product Manager, The Qt Company Overview Problems facing Device Creators
More informationRelease Notes Zebra VC80x NN-00-A Release for AOSP. Introduction. Introduction. Description. Zebra Value Adds Feature List
Release Notes Zebra VC80x 01-01-48-NN-00-A Release for AOSP Introduction Description Zebra Value Adds Feature List Device Compatibility Component Contents Installation Requirements Installation Instructions
More informationSecurity Enhanced Linux
Security Enhanced Linux Security Group Meeting 29 November 2002 Steven J. Murdoch http://www.cl.cam.ac.uk/users/sjm217/ Computer Laboratory, University of Cambridge Copyright c Steven. J. Murdoch p.1 Summary
More informationForeScout Extended Module for MobileIron
Version 1.8 Table of Contents About MobileIron Integration... 4 Additional MobileIron Documentation... 4 About this Module... 4 How it Works... 5 Continuous Query Refresh... 5 Offsite Device Management...
More informationMicrosoft. MS-101 EXAM Microsoft 365 Mobility and Security. m/ Product: Demo File
Page No 1 https://www.dumpsplanet.com m/ Microsoft MS-101 EXAM Microsoft 365 Mobility and Security Product: Demo File For More Information: MS-101-dumps Question: 1 Your company uses Windows Defender Advanced
More informationPeter Henry Andersen Cisco SE Ib Hansen Cisco SE Tech Update 04 Maj Cisco and/or its affiliates. All rights reserved.
Peter Henry Andersen Cisco SE Ib Hansen Cisco SE Tech Update 04 Maj 2016 2013 Cisco and/or its affiliates. All rights reserved. Cisco Meraki Cloud - UPDATE Cisco Meraki MR Wireless LAN Cisco Meraki MX
More informationCSE543 - Computer and Network Security Module: Virtualization
CSE543 - Computer and Network Security Module: Virtualization Professor Trent Jaeger CSE543 - Introduction to Computer and Network Security 1 1 Operating System Quandary Q: What is the primary goal of
More informationUpdate on new Microsoft Cloud Technology
Update on new Microsoft Cloud Technology Azure Rights Management Services Thomas Collier Technical Pre-Sales D E V I C E S O F F I C E 3 6 5 C L O U D S E R V I C E S, S A A S A P P S & O N - P R E M I
More informationSecurity Enhanced Linux
Security Enhanced Linux Bengt Nolin beno9295@student.uu.se October 13, 2004 Abstract A very brief introduction to SELinux; what it is, what is does and a little about how it does it. 1 1 Background 1.1
More informationLINUX SECURITY PRIMER: SELINUX AND SMACK FRAMEWORKS KATHY TUFTO, PRODUCT MANAGER
LINUX SECURITY PRIMER: SELINUX AND SMACK FRAMEWORKS KATHY TUFTO, PRODUCT MANAGER E M B E D D E D S Y S T E M S W H I T E P A P E R w w w. m e n t o r. c o m INTRODUCTION With the proliferation of smart
More informationAbout us. How we help?
Go to Top About us Mobile Device Manager Plus is a mobile device management solution developed by ManageEngine. Mobile Device Manager Plus provides admins the power to perform device management from a
More informationAdvanced Systems Security: Principles
Systems and Internet Infrastructure Security Network and Security Research Center Department of Computer Science and Engineering Pennsylvania State University, University Park PA Advanced Systems Security:
More informationMobile Hacking & Security. Ir. Arthur Donkers & Ralph Moonen, ITSX
Mobile Hacking & Security Ir. Arthur Donkers & Ralph Moonen, ITSX Introduction Who we are: Ir. Arthur Donkers Ralph Moonen ITSX 2 Agenda Mobile Threats BYOD iphone and Android hacking 3 Threats Various:
More informationAirKey registration. Visit and click the AirKey registration button.
AirKey First steps AirKey registration Visit https://airkey.evva.com and click the AirKey registration button. Complete the fields in the form. Fields highlighted by * are mandatory fields. Please remember
More informationQt for Device Creation
Qt for Device Creation Speeding up ROI & Time-to-Market with Qt Andy Nichols Software Engineer, Qt R&D, Oslo Overview Problems facing Device Creators How Qt for Device Creation addresses those Problems
More informationPractical DIFC Enforcement on Android
Practical DIFC Enforcement on Android Adwait Nadkarni 1, Benjamin Andow 1, William Enck 1, Somesh Jha 2 1 North Carolina State University 2 University of Wisconsin-Madison The new Modern Operating Systems
More informationAutomatic trust based segregation for mobile devices
The Interdisciplinary Center, Herzlia Efi Arazi School of Computer Science Automatic trust based segregation for mobile devices M.Sc. Dissertation Submitted in Partial Fulfillment of the Requirements for
More informationImplementing Your BYOD Mobility Strategy An IT Checklist and Guide
Implementing Your BYOD Mobility Strategy An IT Checklist and Guide 2012 Enterproid IBYOD: 120221 Content 1. Overview... 1 2. The BYOD Checklist... 1 2.1 Application Choice... 1 2.2 Installation and Configuration...
More informationTechnical Evaluation Best Practices Guide
Technical Evaluation Best Practices Guide How to test enterprise mobile security deployment, device monitoring, threat detection, and support TABLE OF CONTENTS STEP 1 Testing app deployment STEP 2 Testing
More informationExclusive Selling Mobility with Security
Exclusive Selling Mobility with Security Click to edit Master title style Selling Security with Mobility CompTIA IT Security Buying Guide Exclusive Executive Certificate in Security Sales Quick Start to
More information2013 InterWorks, Page 1
2013 InterWorks, Page 1 The BYOD Phenomenon 68% of devices used by information workers to access business applications are ones they own themselves, including laptops, smartphones, and tablets. IT organizations
More informationPERSPECTIVE. Enterprise mobile management a need or an option? Payal Patel, Jagdish Vasishtha (Jags)
PERSPECTIVE Enterprise mobile management a need or an option? Payal Patel, Jagdish Vasishtha (Jags) Even as native platforms are growing tighter with security features, the enterprise mobile management
More informationPASS4TEST. IT Certification Guaranteed, The Easy Way! We offer free update service for one year
PASS4TEST \ http://www.pass4test.com We offer free update service for one year Exam : ACE Title : Accredited Configuration Engineer (ACE) PANOS 8.0 Version Vendor : Palo Alto Networks Version : DEMO Get
More informationFine-Grain NBAR for Selective Applications
By default NBAR operates in the fine-grain mode, offering NBAR's full application recognition capabilities. Used when per-packet reporting is required, fine-grain mode offers a troubleshooting advantage.
More informationReflex 2.0. Frequently Asked Clarifications. Version 1
Reflex 2.0 Frequently Asked Clarifications This document covers various scenarios, where the End user may face issues with Reflex band while connecting with the Reflex app, or may seek clarifications on
More informationVMware AirWatch Integration with Palo Alto Networks WildFire Integrate your application reputation service with AirWatch
VMware AirWatch Integration with Palo Alto Networks WildFire Integrate your application reputation service with AirWatch Multiple AirWatch versions Have documentation feedback? Submit a Documentation Feedback
More informationFinding and Exploiting Access Control Vulnerabilities in Graphical User Interfaces
Collin Mulliner Independent Security Researcher Finding and Exploiting Access Control Vulnerabilities in Graphical User Interfaces Twitter: @collinrm KiwiCon 2016 Graphical User Interfaces (GUIs) Because
More informationBT LE RN4020 USB Dongle Datasheet
BT LE RN4020 USB Dongle Datasheet Introduction BT LE RN4020 Dongle is a USB Stick type device build around Microchip s RN4020 module which provides a fully command based interface to manage the module.
More informationIntroduce the major evaluation criteria. TCSEC (Orange book) ITSEC Common Criteria
Introduce the major evaluation criteria. TCSEC (Orange book) ITSEC Common Criteria Evaluation: assessing whether a product has the security properties claimed for it. Certification: assessing whether a
More information2015 Mobiliya. All Rights Reserved Page 2
Contents About this Guide... 3 Getting Started... 3 About Mobiliya Shoonya... 3 Key Features... 3 Add-on Features... 4 1. Sign In... 5 2. Admin Dashboard... 6 1. Licenses... 6 2. Users... 7 3. Devices...
More informationSELinux. Don Porter CSE 506
SELinux Don Porter CSE 506 MAC vs. DAC By default, Unix/Linux provides Discretionary Access Control The user (subject) has discretion to set security policies (or not) Example: I may chmod o+a the file
More informationMobileIron Quick Installation Guide
For Goose Workforce Management System Copyright 2018 FieldLogix 1 By FieldLogix Version 1.0.2 February 2018 Copyright 2018 FieldLogix Permission is granted to copy, distribute and/or modify this document
More informationModule: Operating System Security. Professor Trent Jaeger. CSE543 - Introduction to Computer and Network Security
CSE543 - Introduction to Computer and Network Security Module: Operating System Security Professor Trent Jaeger 1 OS Security So, you have built an operating system that enables user-space processes to
More informationOperating Instructions
Compact Audio System Operating Instructions CAS-1 Table of contents What s in the box 4 Set up 6 Connection 8 Playback 12 Unique playback of Walkman and smartphone 25 Part Names 26 Refer to the supplied
More informationA new Distributed Security Model for Linux Clusters
A new Distributed Security Model for Linux Clusters Makan.Pourzandi@Ericsson.Com Open Systems Lab Montréal Canada June, 2004 Rev PA1 07/05/04 1 Outline Context Distributed Security Distributed Access Control
More informationForeScout Extended Module for VMware AirWatch MDM
ForeScout Extended Module for VMware AirWatch MDM Version 1.7.2 Table of Contents About the AirWatch MDM Integration... 4 Additional AirWatch Documentation... 4 About this Module... 4 How it Works... 5
More informationSELinux Protected Paths Revisited
SELinux Protected Paths Revisited Trent Jaeger Department of Computer Science and Engineering Pennsylvania State University March 1, 2006 1 Talk Topics Mechanism for MAC enforcement between 2 machines
More informationFinding and Exploiting Access Control Vulnerabilities in Graphical User Interfaces
Northeastern University Systems Security Lab Finding and Exploiting Access Control Vulnerabilities in Graphical User Interfaces Black Hat USA 2014 Collin Mulliner crm[at]ccs.neu.edu About Researcher at
More informationDELDroid: Determination & Enforcement of Least Privilege Architecture in AnDroid
DELDroid: Determination & Enforcement of Least Privilege Architecture in AnDroid Mahmoud Hammad Software Engineering Ph.D. Candidate Mahmoud Hammad, Hamid Bagheri, and Sam Malek IEEE International Conference
More informationCopyright Samsung Electronics Co., Ltd. All rights reserved.
Contents Copyright 2014 Samsung Electronics Co., Ltd. All rights reserved. It is subject to Apache License, Version 2.0 (hereinafter referred to as the "License"). You may not use this file except in compliance
More informationThe Mobile Risk Management Company. Overview of Fixmo and Mobile Risk Management (MRM) Solutions
The Mobile Risk Management Company Overview of Fixmo and Mobile Risk Management (MRM) Solutions Company Proprietary Information Copyright Fixmo Inc., 2012 Introduction to Fixmo Founded on a simple idea:
More information2016 BITGLASS, INC. mobile. solution brief
mobile solution brief BYOD Security has been a constant challenge for many enterprises. Stories of failed MDM deployments are rampant, with firms struggling achieve meaningful adoption. According to the
More informationGlobalPlatform Trusted Execution Environment (TEE) for Mobile
GlobalPlatform Trusted Execution Environment (TEE) for Mobile Kevin Gillick Executive Director, GlobalPlatform @GlobalPlatform_ www.linkedin.com/company/globalplatform GlobalPlatform Overview GlobalPlatform
More informationHPE Intelligent Management Center
HPE Intelligent Management Center EAD Security Policy Administrator Guide Abstract This guide contains comprehensive information for network administrators, engineers, and operators working with the TAM
More informationEnterprise Mobility Management: completing the EMM story
Enterprise Mobility Management: completing the EMM story Contents BYOD & EMM 3 Enterprise Mobility Management what is it? 4 Accessing corporate systems, apps 5 and data with EMM Apps in the container 6
More informationForeScout Extended Module for MaaS360
Version 1.8 Table of Contents About MaaS360 Integration... 4 Additional ForeScout MDM Documentation... 4 About this Module... 4 How it Works... 5 Continuous Query Refresh... 5 Offsite Device Management...
More informationMobile Devices prioritize User Experience
Mobile Security 1 Uniqueness of Mobile Mobile Devices are Shared More Often Mobile Devices are Used in More Locations Mobile Devices prioritize User Experience Mobile Devices have multiple personas Mobile
More informationUser manual for AirWatch enrollment - Android. Enable your mobile device to access Corporate resources.
User manual for AirWatch enrollment - Android Enable your mobile device to access Corporate resources. Introduction to the AirWatch agent enrollment. This manual, describe, how you can install the AirWatch
More informationVMware AirWatch Integration with Palo Alto Networks WildFire Integrate your application reputation service with AirWatch
VMware AirWatch Integration with Palo Alto Networks WildFire Integrate your application reputation service with AirWatch Multiple AirWatch versions Have documentation feedback? Submit a Documentation Feedback
More informationEnforcing Multiple Security Policies for Android System*
2nd International Symposium on Computer, Communication, Control and Automation (3CA 2013) Enforcing Multiple Security Policies for System* Tao Guo guotao@itsec.gov.cn Puhan Zhang zhangph2008@gmail.com
More informationMobile App Security and Malware in Mobile Platform
Mobile App Security and Malware in Mobile Platform Siupan Chan Sales Engineering Manager, Greater China 23 September, 2016 The Mobile Security Epidemic 2 A Radical Shift is Occurring When will your organization
More informationSmartAuth: User-Centered Authorization for the Internet of Things
SmartAuth: User-Centered Authorization for the Internet of Things Yuan Tian, Nan Zhang, Yueh-Hsun Lin, XiaoFeng Wang, Blase Ur, XianZheng Guo and Patrick Tague University, Indiana University Bloomington,
More informationWeek 10 Part A MIS 5214
Week 10 Part A MIS 5214 Agenda Project Authentication Biometrics Access Control Models (DAC Part A) Access Control Techniques Centralized Remote Access Control Technologies Project assignment You and your
More informationCopyright Samsung Electronics Co., Ltd. All rights reserved.
CONTENTS Copyright 2014 Samsung Electronics Co., Ltd. All rights reserved. It is subject to Apache License, Version 2.0 (hereinafter referred to as the "License"). You may not use this file except in compliance
More informationDiscretionary Vs. Mandatory
Discretionary Vs. Mandatory Discretionary access controls (DAC) Privilege propagated from one subject to another Possession of an access right is sufficient to access the object Mandatory access controls
More informationMobility Simplifying, Strengthening, and Streamlining Mobile Security
What s New In Mobility 11.50 Mobility 11.50 Simplifying, Strengthening, and Streamlining Mobile Security Summary Counter evolving threats to your mobile deployment with new dynamic policies Domain Names:
More informationX.org security. Recap, vulnerabilities, attacks and discussions on the graphic stack s security. Martin Peres & Timothée Ravier
X.org security Recap, vulnerabilities, attacks and discussions on the graphic stack s security Martin Peres & Timothée Ravier Ph.D. student at LaBRI, System security engineer September 19 21, 2012 Disclaimer
More information