Android. Android. Android OS Cache-Crypt. Page Cache Encryption for Protecting Android Devices against Theft
|
|
|
- Rudolf Dwain Carson
- 5 years ago
- Views:
Transcription
1 Vol.53 No (Oct. 2012) Android , Android Android OS Android Cache-Crypt Cache-Crypt OS Cache-Crypt Android OS Cache-Crypt Android Page Cache Encryption for Protecting Android Devices against Theft Fukuda Naoto 1 Kourai Kenichi 1 Received: November 4, 2011, Accepted: December 1, 2011 Abstract: Since Android devices such as smartphones and tablets are at high risk of theft, they prevent information leakage from disks by disk encryption in case of device theft. However, in recent years, cold boot attacks have been reported and information leakage from memory is being a major problem. Since the Android operating system maintains data on disks in memory as the page cache, data on the page cache can be stolen by cold boot attacks even if disks are encrypted. In this paper, we propose a system called Cache- Crypt for preventing information leakage in case of device theft by encrypting the page cache in memory. Cache-Crypt encrypts the page cache, e.g., when the operating system reads the operating system reads files on disk. The operating system decrypts the page cache only when apps access files, and encrypts it again when the acces is done. Cache-Crypt can limit to the range of information leakage only to the page cache being accessed. We have implemented Cache-Crypt in the Android operating system and confirmed that it could prevent information leakage from the page cache. Keywords: Android, anti-theft, cold boot attack, memory encryption 1. Android Android Android 1 Kyushu Institute of Technology OS Android Android Android Android ID Android c 2012 Information Processing Society of Japan 1
2 Vol.53 No (Oct. 2012) PC Android [3] OS Android [13] Android OS Android Cache-Crypt Cache-Crypt Cache-Crypt ARMORED [8] CPU Cache-Crypt Android OS read Cache-Crypt write Cache-Crypt mmap Cache-Crypt Android Nexus 7 Cache-Crypt 2 3 Cache- Crypt 4 5 Cache-Crypt Android Android Android Linux dm-crypt OS PIN OS PIN dm-crypt PIN [3] OS OS Android [13] USB PC OS Android OS OS OS c 2012 Information Processing Society of Japan 2
3 Vol.53 No (Oct. 2012) Android Android OS Android 3. Cache-Crypt Cache-Crypt Cache-Crypt Cache-Crypt OS Cache-Crypt Cache-Crypt Cache-Crypt Cache-Crypt Cache-Crypt Cache-Crypt Cache-Crypt OS Cache-Crypt ARMORED [8] ARMORED CPU 4. Cache-Crypt Android 3.4 dm-crypt 4.1 Cache-Crypt 1 c 2012 Information Processing Society of Japan 3
4 Vol.53 No (Oct. 2012) 1 ENCRYPT DECRYPT MEMORY MAP read VFS ENCRYPT DECRYPT ENCRYPT MEMORY MAP inode 0 ENCRYPT dm-crypt 4.3 write ( 1) VFS ENCRYPT ENCRYPT MEMORY MAP DECRYPT ( 1) ENCRYPT DECRYPT ENCRYPT MEMORY MAP Android ext4 ext4 4.5 mmap c 2012 Information Processing Society of Japan 4
5 Vol.53 No (Oct. 2012) 2 OS Cache-Crypt mmap ENCRYPT MEMORY MAP ENCRYPT 4.6 Cache-Crypt ARMORED [8] 128 CPU CPU ARMORED AES CPU SIMD ARMORED Linux Cache-Crypt 5. 3 Android Android Nexus 7 (2013) Cache-Crypt Android Linux 3.4 Cache-Crypt Android Android ADT Nexus 7 (2013) 3 Nexus 7 boot.img abootimg abootimg boot.img Nexus 7 boot.img fastboot 5.1 Android Lime [12] A Lime strings A A Cache-Crypt A Android 5.2 Cache-Crypt Benchmark 1MB 1MB Cache-Crypt 10 3 Cache-Crypt 10 XOR ARMORED CPU AES c 2012 Information Processing Society of Japan 5
6 Vol.53 No (Oct. 2012) 6. TransCrypt [11] TransCrypt [11] ecryptfs [6] ecryptfs EncFS [7] ZIA [1] ZIA ZIA ZIA Keypad [4] Keypad Keypad Keypad FUSE [10] Cache-Crypt Cryptkeeper [9] Cryptkeeper Cryptkeeper Lacuna [2] Lacuna VM OS QEMU OS Vanish [5] CleanOS [14] CleanOS [14] Android OS SDO Java GC SDO SDO 7. Android Cache-Crypt Cache-Crypt OS ARMORED CPU Cache-Crypt Android OS Cache-Crypt 10 XOR AES Cache-Crypt c 2012 Information Processing Society of Japan 6
7 Vol.53 No (Oct. 2012) Cache-Crypt Cache-Crypt Cache-Crypt [1] M. D. Corner and B. D. Noble. Zero Interaction Authentication. In Proc. of the ACM Annual International Conference on Mobile Computing and Networking, [2] A. M. Dunn, M. Z. Lee, S. Jana, S. Kim, M. Silberstein. Y. Xu, V. Shmatikow, and E. Witchel. Eternal Sunshine of the Spotless Machine: Protecting Privacy with Ephemeral Channels. In Proc. of the 10th USENIX Symposium on Operating Systems Design and Implementation, [3] J. Halderman et al. Lest We Remember: Cold Boot Attacks on Encryption Keys. In Proc. USENIX Security Symposium, [4] R. Geambasu, J. P. John, S. D. Gribble, T. Kohno, and H. M. Levy. Keypad: An auditing file system for theftprone devices. In Proc. of the ACM European Conference on Computer Systems (EuroSys), [5] R. Geambasu, T. Kohno, A. levy, and H. M. Levy. Vanish: Increasing data privacy with self-destructing data. In Proc. of USENIX Security, [6] M. A. Halcrow. ecryptfs: An Enterprise-class Encrypted Filesystem for Linux. In Proc. of the Linux Symposium, pages , [7] Taylor Hornby. EncFS Encrypted Filesystem. https: //defuse.ca/audits/encfs.htm, [8] J. Götzfried and T. Müller. ARMORED CPU-bound Encryption for Android-driven ARM Devices. In Proc. of the 8th ARES Conference (ARES 2013), [9] P. A. H. Peterson. Cryptkeeper: Improving security with encrypted RAM. In Proc. of the IEEE International Conference on Technologies for Homeland Security (HST), [10] N. Provos. Encrypting Virtual Memory. In Proc. of the 9th USENIX Security Symposium, [11] S. Sharma. TransCrypt: Design of a Secure and Transparent Encrypting File System. Master s thesis, Indian Institute of Technology Kanpur, [12] Joe Sylve. LiME - Linux Memory Extractor. https: //code.google.com/p/lime-forensics/, [13] T. Müller and M. Spreitzenbarth and F. C. Freiling. FROST Forensic Recovery of Scrambled Telephones. In Proc. of The 11th International Conference on Applied Cryptography and Network Security (ACNS), [14] Y. Tang, P. Ames, S. Bhamidipati, A. Bijlani, R. Geambasu, and N. Sarda. CleanOS: Limiting Mobile Data Exposure with Idle Eviction. In Proc. of the 10th Symposium on Operating Systems Design and Implementation, c 2012 Information Processing Society of Japan 7
Present but unreachable
Present but unreachable Reducing persistent latent secrets in HotSpot JVM Adam Pridgen 1 Simson L. Garfinkel 2 Dan S. Wallach 1 1 Rice University, Houston, TX, USA 2 George Mason University, Fairfax, VA,
CleanOS: Limiting Mobile Data Exposure with Idle Eviction
Columbia University CleanOS: Limiting Mobile Data Exposure with Idle Eviction 1 CleanOS: Limiting Mobile Data Exposure with Idle Eviction Yang Tang, Phillip Ames, Sravan Bhamidipati, Ashish Bijlani, Roxana
Isolating Operating System Components with Intel SGX
SysTEX 16 Trento, Italy Isolating Operating System Components with Intel SGX Lars Richter, Johannes Götzfried, Tilo Müller Department of Computer Science FAU Erlangen-Nuremberg, Germany December 12, 2016
Gone, But Not Forgotten: The Current State of Private Computing
Gone, But Not Forgotten: The Current State of Private Computing Aseem Rastogi Jun Yuan Rob Johnson University of Maryland, College Park Stony Brook University Web browser private mode Web browser private
Using Sensitive Information on Android Based Smartphone. Romke van Dijk
Using Sensitive Information on Android Based Smartphone Romke van Dijk Android 6: To what extent is sensitive information protected? RQ1 Requirements RQ2 & RQ3 Android s security features RQ4 Sensitive
SDD: A Novel Technique for Enhancing Cloud Security with Self Destructing Data
SDD: A Novel Technique for Enhancing Cloud Security with Self Destructing Data Kishore K, Ramchand V M.Tech Student, Dept. of CSE, The Oxford College Of Engineering, Bangalore, India Associate Professor,
MOBILE DEVICE SECURITY USING TRANSIENT AUTHENTICATION
MOBILE DEVICE SECURITY USING TRANSIENT AUTHENTICATION Paper By: Anthony J. Nicholson, Mark D. Corner, and Brian D. Noble IEEE TRANSACTIONS ON MOBILE COMPUTING Instructor:Dr.Leszek Lilien CS-6910-ACIS Presented
CloudSky: A Controllable Data Self-Destruction System for Untrusted Cloud Storage Networks
CloudSky: A Controllable Data Self-Destruction System for Untrusted Cloud Storage Networks The material in these slides mainly comes from the paper CloudSky: A Controllable Data Self-Destruction System
Enhance your Cloud Security with AMD EPYC Hardware Memory Encryption
Enhance your Cloud Security with AMD EPYC Hardware Memory Encryption White Paper October, 2018 Introduction Consumers and enterprises are becoming increasingly concerned about the security of their digital
Lenovo Europe, Middle East, and Africa Hardware Announcement ZG , dated January 27, 2009
Hardware Announcement ZG09-0077, dated January 27, 2009 Utimaco SafeGuard Enterprise suite of offerings for ThinkVantage Technologies offers hard drive encryption and additional modules for complete PC
Android Bootloader and Verified Boot
Android Bootloader and Verified Boot Lecture 7 Security of Mobile Devices 2018 SMD Android Bootloader and Verified Boot, Lecture 7 1/38 Bootloader Recovery Verified Boot Bibliography SMD Android Bootloader
SECURITY ARCHITECTURES CARSTEN WEINHOLD
Department of Computer Science Institute of System Architecture, Operating Systems Group SECURITY ARCHITECTURES CARSTEN WEINHOLD MOTIVATION Common observations: Complex software has security bugs Users
Stefan Saroiu Microsoft Research (Redmond)
Protecting Data on Smartphones & Tablets with Trusted Computing Stefan Saroiu Microsoft Research (Redmond) Smartphones have displaced PCs as the primary computing device Smartphones Store Sensitive Data
OPEN FORENSIC DEVICES
OPEN FORENSIC DEVICES Lee Tobin, Pavel Gladyshev DigitalFIRE ABSTRACT Cybercrime has been a growing concern for the past two decades. What used to be the responsibility of specialist national police has
Security features for UBIFS. Richard Weinberger sigma star gmbh
Richard Weinberger sigma star gmbh /me Richard Weinberger Co-founder of sigma star gmbh Linux kernel developer and maintainer Strong focus on Linux kernel, lowlevel components, virtualization, security
OPEN FORENSIC DEVICES
Open Forensic Devices JDFSL V10N4 OPEN FORENSIC DEVICES Lee Tobin, Pavel Gladyshev DigitalFIRE ABSTRACT Cybercrime has been a growing concern for the past two decades. What used to be the responsibility
Design and Implementation of a Random Access File System for NVRAM
This article has been accepted and published on J-STAGE in advance of copyediting. Content is final as presented. IEICE Electronics Express, Vol.* No.*,*-* Design and Implementation of a Random Access
ROBUST AND ANONYMOUS AUTHENTICATION OF DATA STORED IN CLOUDS WITH DECENTRALIZED ACCESS CONTROL
ROBUST AND ANONYMOUS AUTHENTICATION OF DATA STORED IN CLOUDS WITH DECENTRALIZED ACCESS CONTROL S.Vijaya Madhavi 1, G.Rama Subba Reddy 2 1 M.tech Scholar (CSE), 2 Headof Department (CSE), Vignana Bharathi
Android Forensics. Investigation, Analysis, Google Android. and Mobile Security for. Andrew Hoog. John McCash, Technical Editor SYNGRESS
Android Forensics Investigation, Analysis, and Mobile Security for Google Android Andrew Hoog John McCash, Technical Editor AMSTERDAM BOSTON. HEIDELBERG LONDON NEW YORK OXFORD PARIS SAN DIEGO SAN FRANCISCO.
Security and Privacy in Cloud Computing
Security and Privacy in Cloud Computing Ragib Hasan Johns Hopkins University en.600.412 Spring 2010 Lecture 5 03/08/2010 Securing Clouds Goal: Learn about different techniques for protecting a cloud against
File Encryption. Steven M. Bellovin https://www.cs.columbia.edu/~smb
File Encryption Steven M. Bellovin https://www.cs.columbia.edu/~smb Why Encrypt Files? Theft of files Theft of media Theft of computer Cloud storage? I.e. Someone else s computer 1 Issues with File Encryption
SECURITY ARCHITECTURES CARSTEN WEINHOLD
Department of Computer Science Institute of System Architecture, Operating Systems Group SECURITY ARCHITECTURES CARSTEN WEINHOLD MOTIVATION Common observations: Complex software has security bugs Users
Weak Spots Enterprise Mobility Management. Dr. Johannes Hoffmann
Weak Spots Enterprise Mobility Management Dr. Johannes Hoffmann Personal details TÜV Informationstechnik GmbH TÜV NORD GROUP Dr. Johannes Hoffmann IT Security Business Security & Privacy Main focus: Mobile
Trusted Computing and O/S Security. Aggelos Kiayias Justin Neumann
Trusted Computing and O/S Security Aggelos Kiayias Justin Neumann O/S Security Fundamental concept for O/S Security: separation. hardware kernel system user Each layer may try to verify the outer layer
A Bytecode Interpreter for Secure Program Execution in Untrusted Main Memory
A Bytecode Interpreter for Secure Program Execution in Untrusted Main Memory Maximilian Seitzer, Michael Gruhn, Tilo Müller Friedrich Alexander Universität Erlangen-Nürnberg https://www1.cs.fau.de Introduction
Figure 1: Creating new VM in VirtualBox. Please change the parameters and options, and make them exactly like the following figure.
Run SEEDAndroid on VirtualBox We have already built Android VM for you. You can run this Android VM on VirtualBox by going through the instructions written here. Some steps might vary based on the VirtualBox
MODERN FILESYSTEM PERFORMANCE IN LOCAL MULTI-DISK STORAGE SPACE CONFIGURATION
INFORMATION SYSTEMS IN MANAGEMENT Information Systems in Management (2014) Vol. 3 (4) 273 283 MODERN FILESYSTEM PERFORMANCE IN LOCAL MULTI-DISK STORAGE SPACE CONFIGURATION MATEUSZ SMOLIŃSKI Institute of
PGP NetShare Quick Start Guide Version 10.2
PGP NetShare Quick Start Guide Version 10.2 What is PGP NetShare? The PGP NetShare product is a software tool that provides multiple ways to protect and share your data. Use PGP NetShare to: Let authorized
Disk Encryption Buyers Guide
Briefing Paper Disk Encryption Buyers Guide Why not all solutions are the same and how to choose the one that s right for you.com CommercialSector Introduction We have written this guide to help you understand
SGX Security Background. Masab Ahmad Department of Electrical and Computer Engineering University of Connecticut
SGX Security Background Masab Ahmad masab.ahmad@uconn.edu Department of Electrical and Computer Engineering University of Connecticut 1 Security Background Outline Cryptographic Primitives Cryptographic
Lamassu: Storage-Efficient Host-Side Encryption
Lamassu: Storage-Efficient Host-Side Encryption Peter Shah, Won So Advanced Technology Group 9 July, 2015 1 2015 NetApp, Inc. All rights reserved. Agenda 1) Overview 2) Security 3) Solution Architecture
Recovering cryptographic keys with the cold boot attack
Recovering cryptographic keys with the cold boot attack Nadia Heninger Princeton University February 15, 2010 Joint work with... Lest We Remember: Cold Boot Attacks on Encryption Keys with J. Alex Halderman,
Building a Highly Scalable and Performant SMB Protocol Server
Building a Highly Scalable and Performant SMB Protocol Server Dr. Sunu Engineer CTO, Ryussi Technologies About Ryussi Creator of MoSMB SMB with Mojo. Specializes in Storage and Systems Software Product
Open Mobile Platforms. EE 392I, Lecture-6 May 4 th, 2010
Open Mobile Platforms EE 392I, Lecture-6 May 4 th, 2010 Open Mobile Platforms The Android Initiative T-Mobile s ongoing focus on Android based devices in US and EU markets In Nov 2007, Google announced
Optimizing ecryptfs for better performance and security
Optimizing ecryptfs for better performance and security Li Wang School of Computer National University of Defense Technology liwang@nudt.edu.cn Jinzhu Kong School of Computer National University of Defense
Encrypting stored data
Encrypting stored data Tuomas Aura CSE-C3400 Information security Aalto University, autumn 2014 1. Scenarios 2. File encryption Outline 3. Encrypting file system 4. Full disk encryption 5. Data recovery
Cache Side Channel Attacks on Intel SGX
Cache Side Channel Attacks on Intel SGX Princeton University Technical Report CE-L2017-001 January 2017 Zecheng He Ruby B. Lee {zechengh, rblee}@princeton.edu Department of Electrical Engineering Princeton
Trusted Computing and O/S Security
Computer Security Spring 2008 Trusted Computing and O/S Security Aggelos Kiayias University of Connecticut O/S Security Fundamental concept for O/S Security: separation. hardware kernel system user Each
The concept of a storage-centric network which is safe and secure anywhere jointly developed
November 20, 2003 Nippon Telegraph and Telephone Corporation Hitachi, Ltd. The concept of a storage-centric network which is safe and secure anywhere jointly developed Nippon Telegraph and Telephone Corporation
Pass, No Record: An Android Password Manager
Pass, No Record: An Android Password Manager Alex Konradi, Samuel Yeom December 4, 2015 Abstract Pass, No Record is an Android password manager that allows users to securely retrieve passwords from a server
G/On. G/On is available for Windows, MacOS and Linux (selected distributions).
G/On Soliton G/On is a remote access solution which establishes connections between a remote device and application servers inside an organisations network. A secure gateway is used to separate the remote
CIS 21 Final Study Guide. Final covers ch. 1-20, except for 17. Need to know:
CIS 21 Final Study Guide Final covers ch. 1-20, except for 17. Need to know: I. Amdahl's Law II. Moore s Law III. Processes and Threading A. What is a process? B. What is a thread? C. Modes (kernel mode,
Recovering cryptographic keys with the cold boot attack
Recovering cryptographic keys with the cold boot attack Nadia Heninger Princeton University April 20, 2010 Joint work with... Lest We Remember: Cold Boot Attacks on Encryption Keys with J. Alex Halderman,
CloudFleet Documentation
CloudFleet Documentation Release 0.1 The CloudFleet Team Sep 27, 2017 Contents 1 Table of Contents 3 1.1 Getting Started.............................................. 3 1.2 Getting Started for Hackers.......................................
A Simple Model for Estimating Power Consumption of a Multicore Server System
, pp.153-160 http://dx.doi.org/10.14257/ijmue.2014.9.2.15 A Simple Model for Estimating Power Consumption of a Multicore Server System Minjoong Kim, Yoondeok Ju, Jinseok Chae and Moonju Park School of
Mobile Platform Security Architectures A perspective on their evolution
Mobile Platform Security Architectures A perspective on their evolution N. Asokan CARDIS 2012 Graz, Austria November 29, 2012 1 NA, KKo, JEE, Nokia Resarch Center 2011-2012 Introduction Recent interest
Virtualization Overview NSRC
Virtualization Overview NSRC Terminology Virtualization: dividing available resources into smaller independent units Emulation: using software to simulate hardware which you do not have The two often come
Product Brief. Circles of Trust.
Product Brief Circles of Trust www.cryptomill.com product overview Circles of Trust is an enterprise security software system that eliminates the risks associated with data breaches from a hacker attack
Abstract. 1. Introduction
Supporting Signatures in Mobile Environments Scott Campbell Department of Computer Science and Systems Analysis, Miami University scott@cc-campbell.com Abstract s, like physical s, can verify that a specific
Designing Security & Trust into Connected Devices
Designing Security & Trust into Connected Devices Rob Coombs Security Marketing Director TechCon 11/10/15 Agenda Introduction Security Foundations on Cortex-M Security Foundations on Cortex-A Use cases
DECENTRALIZED ATTRIBUTE-BASED ENCRYPTION AND DATA SHARING SCHEME IN CLOUD STORAGE
DECENTRALIZED ATTRIBUTE-BASED ENCRYPTION AND DATA SHARING SCHEME IN CLOUD STORAGE ABSTRACT We propose a Multi-Authority Attribute-Based Encryption (ABE) system. In our system, any party can become an authority
Global security intelligence. YoUR DAtA UnDeR siege: DeFenD it with encryption. #enterprisesec kaspersky.com/enterprise
Global security intelligence YoUR DAtA UnDeR siege: DeFenD it with encryption #enterprisesec kaspersky.com/enterprise Contents Your Data Under Siege: Defend it with Encryption 3 Steps Taken to Minimise
OBJECT BASED DATA STORAGE SYSTEM FOR CLOUD USING DHT AND TPDSS WITH A SELF-DESTRUCTING DATA
RESEARCH ARTICLE OPEN ACCESS OBJECT BASED DATA STORAGE SYSTEM FOR CLOUD USING DHT AND TPDSS WITH A SELF-DESTRUCTING DATA Ms. Punam U. Lambat, Mr. G. Rajesh Babu, Asst. Prof. Department of Computer Science
Changing face of endpoint security
Changing face of endpoint security S A N T H O S H S R I N I V A S A N C I S S P, C I S M, C R I S C, C E H, C I S A, G S L C, C G E I T D I R E C T O R S H A R E D S E R V I C E S, H C L T E C H N O L
Ethical Hacking and Countermeasures: Secure Network Operating Systems and Infrastructures, Second Edition
Ethical Hacking and Countermeasures: Secure Network Operating Systems and Infrastructures, Second Edition Chapter 7 Hacking Mobile Phones, PDAs, and Handheld Devices Objectives After completing this chapter,
Integrating Password Management with Enterprise Single Sign-On
Integrating Password Management with Enterprise Single Sign-On 2016 Hitachi ID Systems, Inc. All rights reserved. Contents 1 Introduction 1 2 Background: one problem, two solutions 2 2.1 The Problem.............................................
GLOBALPROTECT. Key Usage Scenarios and Benefits. Remote Access VPN Provides secure access to internal and cloud-based business applications
GLOBALPROTECT Prevent Breaches and Secure the Mobile Workforce GlobalProtect extends the protection of Palo Alto Networks Next-Generation Security Platform to the members of your mobile workforce, no matter
USING A FREE VIRTUAL MACHINE TO SIMILATE A SPECIFIC MODEL OF COMPUTER
USING A FREE VIRTUAL MACHINE TO SIMILATE A SPECIFIC MODEL OF COMPUTER 1 Web location for this presentation: http://aztcs.org Click on Meeting Notes 2 SUMMARY From inside your existing computer, you can
A Study of User Data Integrity During Acquisition of Android Devices
DIGITAL FORENSIC RESEARCH CONFERENCE By Namheun Son, Yunho Lee, Dohyun Kim, Joshua I. James, Sangjin Lee and Kyungho Lee Presented At The Digital Forensic Research Conference DFRWS 2013 USA Monterey, CA
Securing Multiple Mobile Platforms
Securing Multiple Mobile Platforms CPU-based Multi Factor Security 2010 Security Workshop ETSI 2010 Security Workshop Navin Govind Aventyn, Inc. Founder and CEO 1 Mobile Platform Security Gaps Software
Android System Development Training 4-day session
Android System Development Training 4-day session Title Android System Development Training Overview Understanding the Android Internals Understanding the Android Build System Customizing Android for a
No Country for Old Security Compliance in the Cloud. Joel Sloss, CDSA Board of Directors May 2017
No Country for Old Security Compliance in the Cloud Joel Sloss, CDSA Board of Directors May 2017 Emerging Threats Specific/sequential targeting Effective reconnaissance Practiced tool usage Sophisticated
CompTIA Linux+ Guide to Linux Certification Fourth Edition. Chapter 2 Linux Installation and Usage
CompTIA Linux+ Guide to Linux Certification Fourth Edition Chapter 2 Linux Installation and Usage Objectives Prepare for and install Fedora Linux using good practices Outline the structure of the Linux
Protecting your system from the scum of the universe
Protecting your system from the scum of the universe Gilad Ben-Yossef gilad@benyossef.com Twitter: @giladby About me My name is Gilad Ben-Yossef. I work on applied cryptography and security of the upstream
ENTERPRISE MOBILITY MANAGEMENT & REMOTE ACCESS SOLUTIONS
ENTERPRISE MOBILITY MANAGEMENT & REMOTE ACCESS SOLUTIONS Secure Remote Desktop & Application Access Mobile Device Management Mobile Content Management Mobile Email & PIM Secure Mobile Containerization
Running Databases in Containers.
Running Databases in Containers. How to Overcome the Challenges of Data Frank Stienhans CTO Prepared for Evolution of Enterprise IT Subjective Perspective CONTAINERS 1. More Choices CLOUD 2. Faster Delivery
CS370 Operating Systems
CS370 Operating Systems Colorado State University Yashwant K Malaiya Spring 2018 Lecture 22 File Systems Slides based on Text by Silberschatz, Galvin, Gagne Various sources 1 1 Disk Structure Disk can
efolder White Paper: HIPAA Compliance
efolder White Paper: HIPAA Compliance November 2015 Copyright 2015, efolder, Inc. Abstract This paper outlines how companies can use certain efolder services to facilitate HIPAA and HITECH compliance within
OneID An architectural overview
OneID An architectural overview Jim Fenton November 1, 2012 Introduction OneID is an identity management technology that takes a fresh look at the way that users authenticate and manage their identities
Why do customers buy G/On?
Why do customers buy G/On? Page 2 G/On makes mobile security simple! For different people Using different devices in different locations To quickly and securely access corporate applications LAN/WAN Employees
Separating Access Control Policy, Enforcement, and Functionality in Extensible Systems. Robert Grimm University of Washington
Separating Access Control Policy, Enforcement, and Functionality in Extensible Systems Robert Grimm University of Washington Extensions Added to running system Interact through low-latency interfaces Form
ARM European Technical Symposium The security challenges that IoT and Mobile Computing Devices are facing. Pierre Garnier, COO
ARM European Technical Symposium The security challenges that IoT and Mobile Computing Devices are facing Pierre Garnier, COO 1 INVESTORS INSIDE Secure PRESENTATION ARM European Technical SEPTEMBER Symposium
Department of Computer Science Institute for System Architecture, Operating Systems Group TRUSTED COMPUTING CARSTEN WEINHOLD
Department of Computer Science Institute for System Architecture, Operating Systems Group TRUSTED COMPUTING CARSTEN WEINHOLD THIS LECTURE... Today: Technology Lecture discusses basics in context of TPMs
Securing the Frisbee Multicast Disk Loader
Securing the Frisbee Multicast Disk Loader Robert Ricci, Jonathon Duerig University of Utah 1 What is Frisbee? 2 Frisbee is Emulab s tool to install whole disk images from a server to many clients using
Creating Trust in a Highly Mobile World
Creating Trust in a Highly Mobile World Technical White Paper Oct, 2014 MobileCrypt with Hardware Strength Security MobileCrypt s solution leverages an Android based mobile application and a Hardware Security
Linux Memory Analysis with Volatility. Andrew Case Digital Forensics Solutions
Linux Memory Analysis with Volatility Andrew Case Digital Forensics Solutions Purpose of the Talk To highlight the Linux analysis capabilities integrated into the Volatility framework within the last year
How Do I Restore My Blackberry Phone To Factory Settings Windows 7
How Do I Restore My Blackberry Phone To Factory Settings Windows 7 Handheld Option (Hard Reset) BlackBerry 8830 World Edition Smartphone Manage your device in My Verizon BlackBerry Wipe Handheld feature
SEAhawk and Self Encrypting Drives (SED) Whitepaper
Suite 301, 100 Front Street East, Toronto, Ontario, M5A 1E1 SEAhawk and Self Encrypting Drives (SED) Whitepaper This paper discusses the technology behind Self-Encrypting Drives (SEDs) and how Cryptomill
Report on ESET NOD 32 Antivirus
Report on ESET NOD 32 Antivirus CYBER SECURITY & PRIVACY FOUNDATION 1 Software: NOD 32 Antivirus for Windows Lab Setup: Oracle Virtualbox v4.3.6 r91406 Operating System: Machine 1: Windows 7 32-Bit. Processor:
ARM TrustZone for ARMv8-M for software engineers
ARM TrustZone for ARMv8-M for software engineers Ashok Bhat Product Manager, HPC and Server tools ARM Tech Symposia India December 7th 2016 The need for security Communication protection Cryptography,
Data Protection in Practice
ANNUAL CPD BOARD CONFERENCE Data Protection in Practice 6 & 13 DECEMBER 2016 There are only two types of companies: those that have been hacked, and those that will be. Robert Mueller, FBI Director There
CHAPTER 2 LITERATURE REVIEW 2.1 CRYPTOGRAPHIC FILE SYSTEMS DESIGN GOALS
CHAPTER 2 LITERATURE REVIEW This chapter presents an in-depth literature survey of existing cryptographic file systems. The chapter starts with a description of various design goals and design parameters
PDF. Applying File Structure Inspection to Detecting Malicious PDF Files. Received: November 18, 2013, Accepted: July 11, 2014
PDF 1,a) 2,b) 2 2013 11 18, 2014 7 11 MS Rich Text Compound File Binary PDF PDF PDF PDF 164 99.4% PDF Applying File Structure Inspection to Detecting Malicious PDF Files Yuhei Otsubo 1,a) Mamoru Mimura
Firmware Updates for Internet of Things Devices
Firmware Updates for Internet of Things Devices Brendan Moran, Milosch Meriac, Hannes Tschofenig Drafts: draft-moran-suit-architecture draft-moran-suit-manifest 1 WHY DO WE CARE? 2 IoT needs a firmware
Privacy Protection on Data Self- Destruction System for Cloud Storage Networks
ISSN 2395-1621 Privacy Protection on Data Self- Destruction System for Cloud Storage Networks #1 Vaishali Hargude, #2 Jyoti Ohol, #3 Sonal Rahinj, #4 Smita Wangale 1 vaishalihargude95@gmail.com 2 jyotiohol95@gmail.com
II. LITERATURE SURVEY
Secure Transaction By Using Wireless Password with Shuffling Keypad Shweta Jamkavale 1, Ashwini Kute 2, Rupali Pawar 3, Komal Jamkavale 4,Prashant Jawalkar 5 UG students 1,2,3,4, Guide 5, Department Of
Full Disk Encryption. Larry Carson, Associate Director, Information Security Management
Full Disk Encryption Larry Carson, Associate Director, Information Security Management What Security Really Looks Like at UBC News-worthy Security Incidents VGH Loss of 450 medical records via Resident
Loosely Coupled Actor Systems
Loosely Coupled Actor Systems for the Internet of Things Raphael Hiesgen Internet Technologies Group Hamburg University of Applied Sciences Agenda Introduction Where We Are Next Steps Risks and Conclusion
Distributed Systems. Lecture 14: Security. Distributed Systems 1
06-06798 Distributed Systems Lecture 14: Security Distributed Systems 1 What is security? policies and mechanisms threats and attacks Overview Security of electronic transactions secure channels authentication
Syslog Technologies Innovative Thoughts
ABSTRACT: - Syslog Technologies ANDROID PROCTER APP From the very beginning all over the globe the procedures of education system and the communication between students, staff, lectures, management or
Distributed Systems. Lecture 14: Security. 5 March,
06-06798 Distributed Systems Lecture 14: Security 5 March, 2002 1 What is security? policies and mechanisms threats and attacks Overview Security of electronic transactions secure channels authentication
Mobile Devices prioritize User Experience
Mobile Security 1 Uniqueness of Mobile Mobile Devices are Shared More Often Mobile Devices are Used in More Locations Mobile Devices prioritize User Experience Mobile Devices have multiple personas Mobile
Defeating the Secrets of OTP Apps
Defeating the Secrets of OTP Apps M.A., M.Sc. Philip Polleit, Friedrich-Alexander-Universität, Erlangen Dr.-Ing., Michael Spreitzenbarth, Friedrich-Alexander-Universität, Erlangen philip@polleit.de 1 //
Storgrid Data Sheet Enterprise File Serving Software re-invented
Enterprise File Serving Software re-invented September, 2016 (v1.8) 2016 STORGRID Byelex Data Solutions BV. This document is created with the utmost care. To prevent unjustified usage of this document
Windows 10 Security & Audit
Windows 10 Security & Audit John Tannahill, CA, CISM, CGEIT, CRISC, CSX-P jtannahi@rogers.com Windows 10 Editions Home Pro Enterprise Education Mobile IoT Editions 1 Windows 10 Builds Windows 10 (initial
TRAVEL ADVICE BOOKLET. Going abroad with your telephone, tablet or laptop computer
TRAVEL ADVICE BOOKLET Going abroad with your telephone, tablet or laptop computer This travel advice booklet was initially produced by the Agence nationale de la sécurité des systèmes d information (ANSSI),
About this manual Safety precautions Getting to know your ASUS Transformer Book Trio Tablet PC station Transforming your devices into an ASUS Transformer Book Trio Undocking the tablet
EVT/WOTE 09 AUGUST 10, Ersin Öksüzoğlu Dan S. Wallach
EVT/WOTE 09 AUGUST 10, 2009 Ersin Öksüzoğlu Dan S. Wallach VoteBox Full featured DRE voting machine Paper in USENIX Security Symposium 2008 2 Pre-rendered user interface simplifies the graphics subsystem
Android Application Sandbox. Thomas Bläsing DAI-Labor TU Berlin
Android Application Sandbox Thomas Bläsing DAI-Labor TU Berlin Agenda Introduction What is Android? Malware on smartphones Common countermeasures on the Android platform Use-Cases Design Conclusion Summary
Linux Software RAID Level 0 Technique for High Performance Computing by using PCI-Express based SSD
Linux Software RAID Level Technique for High Performance Computing by using PCI-Express based SSD Jae Gi Son, Taegyeong Kim, Kuk Jin Jang, *Hyedong Jung Department of Industrial Convergence, Korea Electronics