What s in Your Dongle and Bank Account? Mandatory and Discretionary Protection of Android External Resources
Size: px
Start display at page:

Download "What s in Your Dongle and Bank Account? Mandatory and Discretionary Protection of Android External Resources"

Transcription

1 What s in Your Dongle and Bank Account? Mandatory and Discretionary Protection of Android External Resources Soteris Demetriou, Xiaoyong Zhou, Muhammad Naveed, Yeonjoon Lee, Kan Yuan, XiaoFeng Wang, Carl A. Gunter University of Illinois at Urbana-Champaign Indiana University, Bloomington ordered alphabetically

2 Bank

3 Channels of communication Internet Bluetooth SMS Audio NFC Bank

4 Channels of communication Internet Bluetooth These channels often carry sensitive information SMS Audio NFC Bank

5 Channel Use INTERNET 1.695E+06 BLUETOOTH 3.311E+06 Permission NFC AUDIO 8.218E E+07 SMS 6.038E+06 0E E E+06 8E E E E+07 Average #downloads

6 Channel Use INTERNET 1.695E+06 Permission BLUETOOTH NFC AUDIO 3.311E+06 Apps that make use of these channels are popular 8.218E E+07 SMS 6.038E+06 0E E E+06 8E E E E+07 Average #downloads

7 Problem Statement Mis-bonding

8 Approach

9 Approach OS-level Access Control: flexible and uniform Permissions: user DAC SELinux: admin MAC

10 Approach OS-level Access Control: flexible and uniform Permissions: user DAC coarse-grained VS permission bloat SELinux: admin MAC

11 SELinux

12 SELinux Vendor / Admin Policies: User Policies: BYOD Mobile App Management (MAM) Mobile Device Management (MDM) Personal Resource Management DAC MAC

13 SEACAT Security Enhanced Android Channel Access Control

14 SEACAT Overview Policy Manager DAC Policy Manager Service APP Fast Resource-Type Cache BT stack AVC DAC MAC Policy Module

15 SELinux rule allow trusted_app my_file:file read_write Domain Type Class Access Vector

16 Assigning Apps to Domains allow trusted_app my_file:file read_write

17 Policy Manager DAC Policy Manager Service Package Manager AVC DAC MAC Policy Module

18 Policy Manager DAC Policy Manager Service Package Manager AVC DAC MAC Policy Module

19 Assigning External Resources to Types allow trusted_app my_file:file read_write

20 Policy Manager DAC Policy Manager Service Fast Resource-Type Cache Bluetooth AVC DAC MAC Policy Module

21 Policy Manager DAC Policy Manager Service Fast Resource-Type Cache Bluetooth AVC DAC MAC Policy Module

22 SEACAT rule

23 SELinux rule allow trusted_app my_file:file read_write Domain Type Class Access Vector SEACAT rule allow trusted_app bt_dev1:btacc connect

24 Enforcing the policies

25 SEACAT Enforcement Policy Manager DAC Policy Manager Service BT stack Fast Resource-Type Cache AVC DAC MAC Policy Module

26 Evaluation

27 Effectiveness Evaluation KNOWN THREATS Bluetooth Mis-bonding attack Unauthorized adb-based screenshots Unauthorized read of an SMS message Unauthorized access to audio device Unauthorized read of an NFC device s contents demonstrated in related work

28 Performance Evaluation (DAC Labeling) install app BT pair dispatch Tag Audio connect AOSP SEACAT

29 Performance Evaluation (enforcement) SMS filter (10) SMS process msg dispatch Tag dispatchtag (foreground) start Recording writendefmessage AOSP SEACAT

30 Summary

31 Summary Protection of Android external resources MAC for vendors and admins DAC for users Backward compatible Effective and efficient B

32 Summary Protection of Android external resources MAC for vendors and admins DAC for users Backward compatible Effective and efficient B

33 Thank You! VIDEO DEMOS: sites.google.com/ site/seacatchannelcontrol

Similar documents

What s in Your Dongle and Bank Account? Mandatory and Discretionary Protection of Android External Resources

What s in Your Dongle and Bank Account? Mandatory and Discretionary Protection of Android External Resources What s in Your Dongle and Bank Account? Mandatory and Discretionary Protection of Android External Resources Soteris Demetriou *, Xiaoyong Zhou *, Muhammad Naveed, Yeonjoon Lee, Kan Yuan, XiaoFeng Wang,

More information

Resolving the Predicament of Android Custom Permissions

Resolving the Predicament of Android Custom Permissions Resolving the Predicament of Android Custom Permissions Güliz Seray Tuncay, Soteris Demetriou, Karan Ganju, Carl A. Gunter University of Illinois at Urbana - Champaign #NDSS18 Install-time Permissions

More information

c 2014 Soteris Demetriou

c 2014 Soteris Demetriou c 2014 Soteris Demetriou ANDROID AT RISK: CURRENT THREATS STEMMING FROM UNPROTECTED LOCAL AND EXTERNAL RESOURCES BY SOTERIS DEMETRIOU THESIS Submitted in partial fulfillment of the requirements for the

More information

Exploiting Data-Usage Statistics for Website Fingerprinting Attacks on Android

Exploiting Data-Usage Statistics for Website Fingerprinting Attacks on Android S C I E N C E P A S S I O N T E C H N O L O G Y Exploiting Data-Usage Statistics for Website Fingerprinting Attacks on Android Raphael Spreitzer, Simone Griesmayr, Thomas Korak, and Stefan Mangard IAIK,

More information

Middleware MAC for Android. Stephen Smalley Trusted Systems Research National Security Agency

Middleware MAC for Android. Stephen Smalley Trusted Systems Research National Security Agency Middleware MAC for Android Stephen Smalley Trusted Systems Research National Security Agency Motivation Many attacks on Android can occur entirely at the middleware layer. Not directly visible to kernel

More information

The Case for Security Enhanced (SE) Android. Stephen Smalley Trusted Systems Research National Security Agency

The Case for Security Enhanced (SE) Android. Stephen Smalley Trusted Systems Research National Security Agency The Case for Security Enhanced (SE) Android Stephen Smalley Trusted Systems Research National Security Agency Background / Motivation Increasing desire to use mobile devices throughout the US government.

More information

Mandatory Access Control for the Android Dalvik VM

Mandatory Access Control for the Android Dalvik VM Mandatory Access Control for the Android Dalvik VM ESOS 13 Aline Bousquet, Jérémy Briffaut, Laurent Clevy, Christian Toinard, Benjamin Venelle June 25, 2013 Esos 13 Mandatory Access Control for the Android

More information

GIANT PRO. User Guide STD_REV1.0

GIANT PRO. User Guide STD_REV1.0 GIANT PRO User Guide STD_REV1.0 Contents 1. Intro 2. Device Settings 3. Error Check 4. Maintenance Report 5. NFC Tag Setting 6. Smart WiFi Link 7. Bluetooth Pairing 8. Smart Coupon 9. e-receipt 3 6 9 10

More information

Ch 1: The Mobile Risk Ecosystem. CNIT 128: Hacking Mobile Devices. Updated

Ch 1: The Mobile Risk Ecosystem. CNIT 128: Hacking Mobile Devices. Updated Ch 1: The Mobile Risk Ecosystem CNIT 128: Hacking Mobile Devices Updated 1-12-16 The Mobile Ecosystem Popularity of Mobile Devices Insecurity of Mobile Devices The Mobile Risk Model Mobile Network Architecture

More information

Application Virtualization and Desktop Security

Application Virtualization and Desktop Security Application Virtualization and Desktop Security Karl MacMillan kmacmillan@tresys.com Tresys Technology 1 Application Virtualization Introduction Encapsulates a single application Bundles application into

More information

Free for All! Assessing User Data Exposure to Advertising Libraries on Android

Free for All! Assessing User Data Exposure to Advertising Libraries on Android Free for All! Assessing User Data Exposure to Advertising Libraries on Android Soteris Demetriou, Whitney Merrill, Wei Yang, Aston Zhang, Carl Gunter University of Illinois at Urbana - Champaign Approach

More information

2 Lecture Embedded System Security A.-R. Darmstadt, Android Security Extensions

2 Lecture Embedded System Security A.-R. Darmstadt, Android Security Extensions 2 Lecture Embedded System Security A.-R. Sadeghi, @TU Darmstadt, 2011-2014 Android Security Extensions App A Perm. P 1 App B Perm. P 2 Perm. P 3 Kirin [2009] Reference Monitor Prevents the installation

More information

Finding Unknown Malice in 10 Seconds: Mass Vetting for New Threats at the Google-Play Scale

Finding Unknown Malice in 10 Seconds: Mass Vetting for New Threats at the Google-Play Scale Finding Unknown Malice in 10 Seconds: Mass Vetting for New Threats at the Google-Play Scale Kai Chen,, Peng Wang, Yeonjoon Lee, XiaoFeng Wang, Nan Zhang, Heqing Huang, Wei Zou, Peng Liu Indiana University,

More information

Module 4: Access Control

Module 4: Access Control Module 4: Access Control Dr. Natarajan Meghanathan Associate Professor of Computer Science Jackson State University, Jackson, MS 39232 E-mail: natarajan.meghanathan@jsums.edu Access Control In general,

More information

Laying a Secure Foundation for Mobile Devices. Stephen Smalley Trusted Systems Research National Security Agency

Laying a Secure Foundation for Mobile Devices. Stephen Smalley Trusted Systems Research National Security Agency Laying a Secure Foundation for Mobile Devices Stephen Smalley Trusted Systems Research National Security Agency Trusted Systems Research Conduct and sponsor research to provide information assurance for

More information

Introduction to application framework

Introduction to application framework Introduction to application framework for AGL Version 1.0 June 2016 Abstract This document presents the application framework created by IoT.bzh for AGL. Document revisions Date Version Designation Author

More information

CQ Beacon Android SDK V2.0.1

CQ Beacon Android SDK V2.0.1 Copyright 2014 ConnectQuest, LLC 1 CQ Beacon Android SDK V2.0.1 Software Requirements: Android 4.3 or greater SDK Support Page: http://www.connectquest.com/app- developers/android- api/ The CQ SDK package

More information

Leaky Cauldron on the Dark Land: Understanding Memory Side-Channel Hazards in SGX

Leaky Cauldron on the Dark Land: Understanding Memory Side-Channel Hazards in SGX Leak Cauldron on the Dark Land: Understanding Memor Side-Channel Hazards in SGX 1,4 Wenhao Wang, 2 Guoxing Chen, 1 Xiaorui Pan, 2 Yinqian Zhang, 1 XiaoFeng Wang, 3 Vincent Bindschaedler, 1 Haixu Tang and

More information

Advanced Systems Security: Ordinary Operating Systems

Advanced Systems Security: Ordinary Operating Systems Systems and Internet Infrastructure Security Network and Security Research Center Department of Computer Science and Engineering Pennsylvania State University, University Park PA Advanced Systems Security:

More information

SELinux. Daniel J Walsh SELinux Lead Engineer

SELinux. Daniel J Walsh SELinux Lead Engineer SELinux Daniel J Walsh SELinux Lead Engineer 0 Day Exploits Patch Cycle Someone discovers a vulnerability in software Package Maintainer and OS Vendor Notified Fix generated/distributed Fix installed by

More information

Computer Security. 02r. Assignment 1 & Access Control Review. Paul Krzyzanowski David Domingo Ananya Jana. Rutgers University.

Computer Security. 02r. Assignment 1 & Access Control Review. Paul Krzyzanowski David Domingo Ananya Jana. Rutgers University. Computer Security 02r. Assignment 1 & Access Control Review Paul Krzyzanowski David Domingo Ananya Jana Rutgers University Spring 2019 Question 1 What three Internet-enabled vulnerability categories does

More information

CS 356 Lecture 7 Access Control. Spring 2013

CS 356 Lecture 7 Access Control. Spring 2013 CS 356 Lecture 7 Access Control Spring 2013 Review Chapter 1: Basic Concepts and Terminology Integrity, Confidentiality, Availability, Authentication, and Accountability Types of threats: active vs. passive,

More information

Securing Android-Powered Mobile Devices Using SELinux

Securing Android-Powered Mobile Devices Using SELinux Securing Android-Powered Mobile Devices Using SELinux This paper appears in: Security & Privacy, IEEE Issue Date: May- June 2010 Volume: 8 Issue:3 On page(s): 36-44 Asaf Shabtai, Yuval Fledel, and Yuval

More information

Thinking the Open Source way

Thinking the Open Source way Thinking the Open Source way Matt Jamison Sr. Gov t Solutions Architect MSgt, USAFR jamo@redhat.com Source code: #include int main (void) { printf("hello, world!\n"); return 0; } Binary code:

More information

Release Notes Zebra MC33x NN- 00-A Release for Non-GMS

Release Notes Zebra MC33x NN- 00-A Release for Non-GMS Release Notes Zebra MC33x 01-01-48-NN- 00-A Release for Non-GMS Introduction Description Zebra Value Adds Feature List Device Compatibility Component Contents Installation Requirements Installation Instructions

More information

6.858 Quiz 2 Review. Android Security. Haogang Chen Nov 24, 2014

6.858 Quiz 2 Review. Android Security. Haogang Chen Nov 24, 2014 6.858 Quiz 2 Review Android Security Haogang Chen Nov 24, 2014 1 Security layers Layer Role Reference Monitor Mandatory Access Control (MAC) for RPC: enforce access control policy for shared resources

More information

Thomas Lippert Principal Product Manager. Sophos Mobile. Spring 2017

Thomas Lippert Principal Product Manager. Sophos Mobile. Spring 2017 Thomas Lippert Principal Product Manager Sophos Mobile Spring 2017 Market Overview Trends Security or data breaches involving mobile devices are on the rise More people use mobile devices for work than

More information

Computer Security. 04r. Pre-exam 1 Concept Review. Paul Krzyzanowski. Rutgers University. Spring 2018

Computer Security. 04r. Pre-exam 1 Concept Review. Paul Krzyzanowski. Rutgers University. Spring 2018 Computer Security 04r. Pre-exam 1 Concept Review Paul Krzyzanowski Rutgers University Spring 2018 February 15, 2018 CS 419 2018 Paul Krzyzanowski 1 Key ideas from the past four lectures February 15, 2018

More information

CSE Computer Security

CSE Computer Security CSE 543 - Computer Security Lecture 25 - Virtual machine security December 6, 2007 URL: http://www.cse.psu.edu/~tjaeger/cse543-f07/ 1 Implementation and Results Experimental Platform Exact specification

More information

Why Security Fails in Federated Systems

Why Security Fails in Federated Systems Why Security Fails in Federated Systems Dr. Clifford Neuman, Director USC Center for Computer Systems Security Information Sciences Institute University of Southern California CSSE Research Review University

More information

Lecture 3 MOBILE PLATFORM SECURITY

Lecture 3 MOBILE PLATFORM SECURITY Lecture 3 MOBILE PLATFORM SECURITY You will be learning: What techniques are used in mobile software platform security? What techniques are used in mobile hardware platform security? Is there a common

More information

Kratos: Discovering Inconsistent Security Policy Enforcement in the Android Framework

Kratos: Discovering Inconsistent Security Policy Enforcement in the Android Framework Kratos: Discovering Inconsistent Security Policy Enforcement in the Android Framework Yuru Shao, Jason Ott, Qi Alfred Chen, Zhiyun Qian, Z. Morley Mao University of Michigan, University of California Riverside

More information

Mobile Security 2013 Phenomenal Cosmic Power, Itty Bitty Living Space

Mobile Security 2013 Phenomenal Cosmic Power, Itty Bitty Living Space Mobile Security 2013 Phenomenal Cosmic Power, Itty Bitty Living Space Joel Scambray Managing Principal, Cigital Software Confidence. Achieved. The Hype Mobile is huge Mobile is insecure What do we do?!?

More information

Security and privacy in your embedded systems

Security and privacy in your embedded systems Security and privacy in your embedded systems Strong isolation of applications using Smack and Cynara José Bollo security at IoT.bzh jose.bollo@iot.bzh IoT.bzh Specialized on Embedded & IoT Contributing

More information

CSE543 - Computer and Network Security Module: Virtualization

CSE543 - Computer and Network Security Module: Virtualization CSE543 - Computer and Network Security Module: Virtualization Professor Trent Jaeger CSE543 - Introduction to Computer and Network Security 1 Operating System Quandary Q: What is the primary goal of system

More information

Access Control/Capabili1es

Access Control/Capabili1es Access Control/Capabili1es Some slides/ideas adapted from Ninghui Li 1 Why Computers are Vulnerable? Programs are buggy Humans make mistakes Access control is not good enough Discretionary Access Control

More information

Fall 2014:: CSE 506:: Section 2 (PhD) Securing Linux. Hyungjoon Koo and Anke Li

Fall 2014:: CSE 506:: Section 2 (PhD) Securing Linux. Hyungjoon Koo and Anke Li Securing Linux Hyungjoon Koo and Anke Li Outline Overview Background: necessity & brief history Core concepts LSM (Linux Security Module) Requirements Design SELinux Key elements Security context: identity

More information

DeepDroid: Dynamically Enforcing Enterprise Policy on Android Devices

DeepDroid: Dynamically Enforcing Enterprise Policy on Android Devices DeepDroid: Dynamically Enforcing Enterprise Policy on Android Devices Xueqiang Wang 1, Kun Sun 2, Yuewu Wang 1, Jiwu Jing 1 1 Institute of Information Engineering, CAS 2 College of William and Mary Mon,

More information

Link-OS SDK for Xamarin README

Link-OS SDK for Xamarin README Link-OS SDK for Xamarin README This readme is specific to the LinkOS Xamarin SDK. This SDK is a Xamarin PCL in the plugin format. Also included in the files is a sample app showing use of specific APIs.

More information

Security Enhancements (SE) for Android on Freescale ARM i.mx6 platform

Security Enhancements (SE) for Android on Freescale ARM i.mx6 platform Security Enhancements (SE) for Android on Freescale ARM i.mx6 platform Martin SCHULTE-HOBEIN Supervisor, Field Application Engineer Embedded EMEA msh@digi.com Android Adoption 900 million Android device

More information

Securing Institutional Data in a Mobile World

Securing Institutional Data in a Mobile World University of Wisconsin Madison Securing Institutional Data in a Mobile World July 13, 2017 Securing Institutional Data in a Mobile World / Agenda 01 What is a mobile device? 02 Protecting institutional

More information

ART Demo Application for Mobile Phones

ART Demo Application for Mobile Phones ART Demo Application for Mobile Phones User Manual for an ART Demo Mobile Application Amp ed RF Technology, Inc. This Manual details how to use our evaluation Android application for Bluetooth connectivity

More information

Advanced Systems Security: Cloud Computing Security

Advanced Systems Security: Cloud Computing Security Advanced Systems Security: Cloud Computing Security Trent Jaeger Penn State University Systems and Internet Infrastructure Security Laboratory (SIIS) 1 Cloudy Foundations Can customers move their services

More information

Kick Start your Embedded Development with Qt

Kick Start your Embedded Development with Qt Kick Start your Embedded Development with Qt Increasing Return On Investment & shortening time-to-market Nils Christian Roscher-Nielsen Product Manager, The Qt Company Overview Problems facing Device Creators

More information

Release Notes Zebra VC80x NN-00-A Release for AOSP. Introduction. Introduction. Description. Zebra Value Adds Feature List

Release Notes Zebra VC80x NN-00-A Release for AOSP. Introduction. Introduction. Description. Zebra Value Adds Feature List Release Notes Zebra VC80x 01-01-48-NN-00-A Release for AOSP Introduction Description Zebra Value Adds Feature List Device Compatibility Component Contents Installation Requirements Installation Instructions

More information

Security Enhanced Linux

Security Enhanced Linux Security Enhanced Linux Security Group Meeting 29 November 2002 Steven J. Murdoch http://www.cl.cam.ac.uk/users/sjm217/ Computer Laboratory, University of Cambridge Copyright c Steven. J. Murdoch p.1 Summary

More information

ForeScout Extended Module for MobileIron

ForeScout Extended Module for MobileIron Version 1.8 Table of Contents About MobileIron Integration... 4 Additional MobileIron Documentation... 4 About this Module... 4 How it Works... 5 Continuous Query Refresh... 5 Offsite Device Management...

More information

Microsoft. MS-101 EXAM Microsoft 365 Mobility and Security. m/ Product: Demo File

Microsoft. MS-101 EXAM Microsoft 365 Mobility and Security. m/ Product: Demo File Page No 1 https://www.dumpsplanet.com m/ Microsoft MS-101 EXAM Microsoft 365 Mobility and Security Product: Demo File For More Information: MS-101-dumps Question: 1 Your company uses Windows Defender Advanced

More information

Peter Henry Andersen Cisco SE Ib Hansen Cisco SE Tech Update 04 Maj Cisco and/or its affiliates. All rights reserved.

Peter Henry Andersen Cisco SE Ib Hansen Cisco SE Tech Update 04 Maj Cisco and/or its affiliates. All rights reserved. Peter Henry Andersen Cisco SE Ib Hansen Cisco SE Tech Update 04 Maj 2016 2013 Cisco and/or its affiliates. All rights reserved. Cisco Meraki Cloud - UPDATE Cisco Meraki MR Wireless LAN Cisco Meraki MX

More information

CSE543 - Computer and Network Security Module: Virtualization

CSE543 - Computer and Network Security Module: Virtualization CSE543 - Computer and Network Security Module: Virtualization Professor Trent Jaeger CSE543 - Introduction to Computer and Network Security 1 1 Operating System Quandary Q: What is the primary goal of

More information

Update on new Microsoft Cloud Technology

Update on new Microsoft Cloud Technology Update on new Microsoft Cloud Technology Azure Rights Management Services Thomas Collier Technical Pre-Sales D E V I C E S O F F I C E 3 6 5 C L O U D S E R V I C E S, S A A S A P P S & O N - P R E M I

More information

Security Enhanced Linux

Security Enhanced Linux Security Enhanced Linux Bengt Nolin beno9295@student.uu.se October 13, 2004 Abstract A very brief introduction to SELinux; what it is, what is does and a little about how it does it. 1 1 Background 1.1

More information

LINUX SECURITY PRIMER: SELINUX AND SMACK FRAMEWORKS KATHY TUFTO, PRODUCT MANAGER

LINUX SECURITY PRIMER: SELINUX AND SMACK FRAMEWORKS KATHY TUFTO, PRODUCT MANAGER LINUX SECURITY PRIMER: SELINUX AND SMACK FRAMEWORKS KATHY TUFTO, PRODUCT MANAGER E M B E D D E D S Y S T E M S W H I T E P A P E R w w w. m e n t o r. c o m INTRODUCTION With the proliferation of smart

More information

About us. How we help?

About us. How we help? Go to Top About us Mobile Device Manager Plus is a mobile device management solution developed by ManageEngine. Mobile Device Manager Plus provides admins the power to perform device management from a

More information

Advanced Systems Security: Principles

Advanced Systems Security: Principles Systems and Internet Infrastructure Security Network and Security Research Center Department of Computer Science and Engineering Pennsylvania State University, University Park PA Advanced Systems Security:

More information

Mobile Hacking & Security. Ir. Arthur Donkers & Ralph Moonen, ITSX

Mobile Hacking & Security. Ir. Arthur Donkers & Ralph Moonen, ITSX Mobile Hacking & Security Ir. Arthur Donkers & Ralph Moonen, ITSX Introduction Who we are: Ir. Arthur Donkers Ralph Moonen ITSX 2 Agenda Mobile Threats BYOD iphone and Android hacking 3 Threats Various:

More information

AirKey registration. Visit and click the AirKey registration button.

AirKey registration. Visit and click the AirKey registration button. AirKey First steps AirKey registration Visit https://airkey.evva.com and click the AirKey registration button. Complete the fields in the form. Fields highlighted by * are mandatory fields. Please remember

More information

Qt for Device Creation

Qt for Device Creation Qt for Device Creation Speeding up ROI & Time-to-Market with Qt Andy Nichols Software Engineer, Qt R&D, Oslo Overview Problems facing Device Creators How Qt for Device Creation addresses those Problems

More information

Practical DIFC Enforcement on Android

Practical DIFC Enforcement on Android Practical DIFC Enforcement on Android Adwait Nadkarni 1, Benjamin Andow 1, William Enck 1, Somesh Jha 2 1 North Carolina State University 2 University of Wisconsin-Madison The new Modern Operating Systems

More information

Automatic trust based segregation for mobile devices

Automatic trust based segregation for mobile devices The Interdisciplinary Center, Herzlia Efi Arazi School of Computer Science Automatic trust based segregation for mobile devices M.Sc. Dissertation Submitted in Partial Fulfillment of the Requirements for

More information

Implementing Your BYOD Mobility Strategy An IT Checklist and Guide

Implementing Your BYOD Mobility Strategy An IT Checklist and Guide Implementing Your BYOD Mobility Strategy An IT Checklist and Guide 2012 Enterproid IBYOD: 120221 Content 1. Overview... 1 2. The BYOD Checklist... 1 2.1 Application Choice... 1 2.2 Installation and Configuration...

More information

Technical Evaluation Best Practices Guide

Technical Evaluation Best Practices Guide Technical Evaluation Best Practices Guide How to test enterprise mobile security deployment, device monitoring, threat detection, and support TABLE OF CONTENTS STEP 1 Testing app deployment STEP 2 Testing

More information

Exclusive Selling Mobility with Security

Exclusive Selling Mobility with Security Exclusive Selling Mobility with Security Click to edit Master title style Selling Security with Mobility CompTIA IT Security Buying Guide Exclusive Executive Certificate in Security Sales Quick Start to

More information

2013 InterWorks, Page 1

2013 InterWorks, Page 1 2013 InterWorks, Page 1 The BYOD Phenomenon 68% of devices used by information workers to access business applications are ones they own themselves, including laptops, smartphones, and tablets. IT organizations

More information

PERSPECTIVE. Enterprise mobile management a need or an option? Payal Patel, Jagdish Vasishtha (Jags)

PERSPECTIVE. Enterprise mobile management a need or an option? Payal Patel, Jagdish Vasishtha (Jags) PERSPECTIVE Enterprise mobile management a need or an option? Payal Patel, Jagdish Vasishtha (Jags) Even as native platforms are growing tighter with security features, the enterprise mobile management

More information

PASS4TEST. IT Certification Guaranteed, The Easy Way! We offer free update service for one year

PASS4TEST. IT Certification Guaranteed, The Easy Way! We offer free update service for one year PASS4TEST \ http://www.pass4test.com We offer free update service for one year Exam : ACE Title : Accredited Configuration Engineer (ACE) PANOS 8.0 Version Vendor : Palo Alto Networks Version : DEMO Get

More information

Fine-Grain NBAR for Selective Applications

Fine-Grain NBAR for Selective Applications By default NBAR operates in the fine-grain mode, offering NBAR's full application recognition capabilities. Used when per-packet reporting is required, fine-grain mode offers a troubleshooting advantage.

More information

Reflex 2.0. Frequently Asked Clarifications. Version 1

Reflex 2.0. Frequently Asked Clarifications. Version 1 Reflex 2.0 Frequently Asked Clarifications This document covers various scenarios, where the End user may face issues with Reflex band while connecting with the Reflex app, or may seek clarifications on

More information

VMware AirWatch Integration with Palo Alto Networks WildFire Integrate your application reputation service with AirWatch

VMware AirWatch Integration with Palo Alto Networks WildFire Integrate your application reputation service with AirWatch VMware AirWatch Integration with Palo Alto Networks WildFire Integrate your application reputation service with AirWatch Multiple AirWatch versions Have documentation feedback? Submit a Documentation Feedback

More information

Finding and Exploiting Access Control Vulnerabilities in Graphical User Interfaces

Finding and Exploiting Access Control Vulnerabilities in Graphical User Interfaces Collin Mulliner Independent Security Researcher Finding and Exploiting Access Control Vulnerabilities in Graphical User Interfaces Twitter: @collinrm KiwiCon 2016 Graphical User Interfaces (GUIs) Because

More information

BT LE RN4020 USB Dongle Datasheet

BT LE RN4020 USB Dongle Datasheet BT LE RN4020 USB Dongle Datasheet Introduction BT LE RN4020 Dongle is a USB Stick type device build around Microchip s RN4020 module which provides a fully command based interface to manage the module.

More information

Introduce the major evaluation criteria. TCSEC (Orange book) ITSEC Common Criteria

Introduce the major evaluation criteria. TCSEC (Orange book) ITSEC Common Criteria Introduce the major evaluation criteria. TCSEC (Orange book) ITSEC Common Criteria Evaluation: assessing whether a product has the security properties claimed for it. Certification: assessing whether a

More information

2015 Mobiliya. All Rights Reserved Page 2

2015 Mobiliya. All Rights Reserved Page 2 Contents About this Guide... 3 Getting Started... 3 About Mobiliya Shoonya... 3 Key Features... 3 Add-on Features... 4 1. Sign In... 5 2. Admin Dashboard... 6 1. Licenses... 6 2. Users... 7 3. Devices...

More information

SELinux. Don Porter CSE 506

SELinux. Don Porter CSE 506 SELinux Don Porter CSE 506 MAC vs. DAC By default, Unix/Linux provides Discretionary Access Control The user (subject) has discretion to set security policies (or not) Example: I may chmod o+a the file

More information

MobileIron Quick Installation Guide

MobileIron Quick Installation Guide For Goose Workforce Management System Copyright 2018 FieldLogix 1 By FieldLogix Version 1.0.2 February 2018 Copyright 2018 FieldLogix Permission is granted to copy, distribute and/or modify this document

More information

Module: Operating System Security. Professor Trent Jaeger. CSE543 - Introduction to Computer and Network Security

Module: Operating System Security. Professor Trent Jaeger. CSE543 - Introduction to Computer and Network Security CSE543 - Introduction to Computer and Network Security Module: Operating System Security Professor Trent Jaeger 1 OS Security So, you have built an operating system that enables user-space processes to

More information

Operating Instructions

Operating Instructions Compact Audio System Operating Instructions CAS-1 Table of contents What s in the box 4 Set up 6 Connection 8 Playback 12 Unique playback of Walkman and smartphone 25 Part Names 26 Refer to the supplied

More information

A new Distributed Security Model for Linux Clusters

A new Distributed Security Model for Linux Clusters A new Distributed Security Model for Linux Clusters Makan.Pourzandi@Ericsson.Com Open Systems Lab Montréal Canada June, 2004 Rev PA1 07/05/04 1 Outline Context Distributed Security Distributed Access Control

More information

ForeScout Extended Module for VMware AirWatch MDM

ForeScout Extended Module for VMware AirWatch MDM ForeScout Extended Module for VMware AirWatch MDM Version 1.7.2 Table of Contents About the AirWatch MDM Integration... 4 Additional AirWatch Documentation... 4 About this Module... 4 How it Works... 5

More information

SELinux Protected Paths Revisited

SELinux Protected Paths Revisited SELinux Protected Paths Revisited Trent Jaeger Department of Computer Science and Engineering Pennsylvania State University March 1, 2006 1 Talk Topics Mechanism for MAC enforcement between 2 machines

More information

Finding and Exploiting Access Control Vulnerabilities in Graphical User Interfaces

Finding and Exploiting Access Control Vulnerabilities in Graphical User Interfaces Northeastern University Systems Security Lab Finding and Exploiting Access Control Vulnerabilities in Graphical User Interfaces Black Hat USA 2014 Collin Mulliner crm[at]ccs.neu.edu About Researcher at

More information

DELDroid: Determination & Enforcement of Least Privilege Architecture in AnDroid

DELDroid: Determination & Enforcement of Least Privilege Architecture in AnDroid DELDroid: Determination & Enforcement of Least Privilege Architecture in AnDroid Mahmoud Hammad Software Engineering Ph.D. Candidate Mahmoud Hammad, Hamid Bagheri, and Sam Malek IEEE International Conference

More information

Copyright Samsung Electronics Co., Ltd. All rights reserved.

Copyright Samsung Electronics Co., Ltd. All rights reserved. Contents Copyright 2014 Samsung Electronics Co., Ltd. All rights reserved. It is subject to Apache License, Version 2.0 (hereinafter referred to as the "License"). You may not use this file except in compliance

More information

The Mobile Risk Management Company. Overview of Fixmo and Mobile Risk Management (MRM) Solutions

The Mobile Risk Management Company. Overview of Fixmo and Mobile Risk Management (MRM) Solutions The Mobile Risk Management Company Overview of Fixmo and Mobile Risk Management (MRM) Solutions Company Proprietary Information Copyright Fixmo Inc., 2012 Introduction to Fixmo Founded on a simple idea:

More information

2016 BITGLASS, INC. mobile. solution brief

2016 BITGLASS, INC. mobile. solution brief mobile solution brief BYOD Security has been a constant challenge for many enterprises. Stories of failed MDM deployments are rampant, with firms struggling achieve meaningful adoption. According to the

More information

GlobalPlatform Trusted Execution Environment (TEE) for Mobile

GlobalPlatform Trusted Execution Environment (TEE) for Mobile GlobalPlatform Trusted Execution Environment (TEE) for Mobile Kevin Gillick Executive Director, GlobalPlatform @GlobalPlatform_ www.linkedin.com/company/globalplatform GlobalPlatform Overview GlobalPlatform

More information

HPE Intelligent Management Center

HPE Intelligent Management Center HPE Intelligent Management Center EAD Security Policy Administrator Guide Abstract This guide contains comprehensive information for network administrators, engineers, and operators working with the TAM

More information

Enterprise Mobility Management: completing the EMM story

Enterprise Mobility Management: completing the EMM story Enterprise Mobility Management: completing the EMM story Contents BYOD & EMM 3 Enterprise Mobility Management what is it? 4 Accessing corporate systems, apps 5 and data with EMM Apps in the container 6

More information

ForeScout Extended Module for MaaS360

ForeScout Extended Module for MaaS360 Version 1.8 Table of Contents About MaaS360 Integration... 4 Additional ForeScout MDM Documentation... 4 About this Module... 4 How it Works... 5 Continuous Query Refresh... 5 Offsite Device Management...

More information

Mobile Devices prioritize User Experience

Mobile Devices prioritize User Experience Mobile Security 1 Uniqueness of Mobile Mobile Devices are Shared More Often Mobile Devices are Used in More Locations Mobile Devices prioritize User Experience Mobile Devices have multiple personas Mobile

More information

User manual for AirWatch enrollment - Android. Enable your mobile device to access Corporate resources.

User manual for AirWatch enrollment - Android. Enable your mobile device to access Corporate resources. User manual for AirWatch enrollment - Android Enable your mobile device to access Corporate resources. Introduction to the AirWatch agent enrollment. This manual, describe, how you can install the AirWatch

More information

VMware AirWatch Integration with Palo Alto Networks WildFire Integrate your application reputation service with AirWatch

VMware AirWatch Integration with Palo Alto Networks WildFire Integrate your application reputation service with AirWatch VMware AirWatch Integration with Palo Alto Networks WildFire Integrate your application reputation service with AirWatch Multiple AirWatch versions Have documentation feedback? Submit a Documentation Feedback

More information

Enforcing Multiple Security Policies for Android System*

Enforcing Multiple Security Policies for Android System* 2nd International Symposium on Computer, Communication, Control and Automation (3CA 2013) Enforcing Multiple Security Policies for System* Tao Guo guotao@itsec.gov.cn Puhan Zhang zhangph2008@gmail.com

More information

Mobile App Security and Malware in Mobile Platform

Mobile App Security and Malware in Mobile Platform Mobile App Security and Malware in Mobile Platform Siupan Chan Sales Engineering Manager, Greater China 23 September, 2016 The Mobile Security Epidemic 2 A Radical Shift is Occurring When will your organization

More information

SmartAuth: User-Centered Authorization for the Internet of Things

SmartAuth: User-Centered Authorization for the Internet of Things SmartAuth: User-Centered Authorization for the Internet of Things Yuan Tian, Nan Zhang, Yueh-Hsun Lin, XiaoFeng Wang, Blase Ur, XianZheng Guo and Patrick Tague University, Indiana University Bloomington,

More information

Week 10 Part A MIS 5214

Week 10 Part A MIS 5214 Week 10 Part A MIS 5214 Agenda Project Authentication Biometrics Access Control Models (DAC Part A) Access Control Techniques Centralized Remote Access Control Technologies Project assignment You and your

More information

Copyright Samsung Electronics Co., Ltd. All rights reserved.

Copyright Samsung Electronics Co., Ltd. All rights reserved. CONTENTS Copyright 2014 Samsung Electronics Co., Ltd. All rights reserved. It is subject to Apache License, Version 2.0 (hereinafter referred to as the "License"). You may not use this file except in compliance

More information

Discretionary Vs. Mandatory

Discretionary Vs. Mandatory Discretionary Vs. Mandatory Discretionary access controls (DAC) Privilege propagated from one subject to another Possession of an access right is sufficient to access the object Mandatory access controls

More information

Mobility Simplifying, Strengthening, and Streamlining Mobile Security

Mobility Simplifying, Strengthening, and Streamlining Mobile Security What s New In Mobility 11.50 Mobility 11.50 Simplifying, Strengthening, and Streamlining Mobile Security Summary Counter evolving threats to your mobile deployment with new dynamic policies Domain Names:

More information

X.org security. Recap, vulnerabilities, attacks and discussions on the graphic stack s security. Martin Peres & Timothée Ravier

X.org security. Recap, vulnerabilities, attacks and discussions on the graphic stack s security. Martin Peres & Timothée Ravier X.org security Recap, vulnerabilities, attacks and discussions on the graphic stack s security Martin Peres & Timothée Ravier Ph.D. student at LaBRI, System security engineer September 19 21, 2012 Disclaimer

More information
2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback