Security and privacy in your embedded systems
|
|
- Amos Shepherd
- 5 years ago
- Views:
Transcription
1 Security and privacy in your embedded systems Strong isolation of applications using Smack and Cynara José Bollo security at IoT.bzh
2 IoT.bzh Specialized on Embedded & IoT Contributing to AGL Project for Renesas Expertise domains: System architecture Security Application Framework Graphics & Multimedia Middleware Linux Kernel Located in Brittany, France 2
3 Connected cars internet + cloud 3
4 Attacks Some people have interest to attack systems: States / Armies Criminals Family Attacks of the system can also be hazardous: Bugs Misuses + bugs Wear Accidents 4
5 Privacy No one wants to be spied or stolen Some people have interest to spy: Merchandizers Insurances States / Armies Criminals Family 5
6 Example 1 Arthur Driver Provides Lte SIM export profile Connection to internet Boris Passenger Consult its mails 6
7 Example 2 Boris Installs that very cool application Connection to internet Touch screen 7
8 Some aspects of security Keep system integrity System must not be changed System must update itself System must resist to brutal power off System should detect problems, intrusions, report Applications must be isolated and their power must be restricted 8
9 Isolation Isolate users use DAC Isolate applications Tizen: use MAC Android: use DAC Use user aware services Bluez should isolate as needed... 9
10 Restricting process's power Action of processes are restricted (sandboxed) Each sensitive action should be filtered by the security sub-system The security sub-system checks if the process has the permission to perform the sensitive action The security sub-system prohibits the actions that aren't permitted Implementations details may differ from the above description 10
11 Permissions Any process has a set of permissions reflecting the sensitive actions that it can perform (user, application) permissions Variants: does permissions change while process runs? Static: NO Dynamic: YES 11
12 DAC versus MAC With DAC, the permissions can be changed object by object by any possible writer With MAC, the permissions are set by a fixed matrix and changing the MAC tag of objects requires a linux capability Both operate on system objects 12
13 API permissions Some permissions can not be checked/filtered using system objects Examples: Entering full screen Acces to specific BlueTooth profile 13
14 Implementations Virtualisation: specific environments are prepared for execution of processes Tizen: MAC (Smack) + DAC + Cynara Android: MAC (SELinux) + DAC + Binder Allows native applications Enforces use of binder the kernel module AGL: MAC (Smack) + DAC + Cynara + Binder Allows native applications 14
15 Isolation of users Guest's application Kernel side DAC /home/arthur /home/guest 15
16 Isolation of applications APPLICATION GAME APPLICATION MAP Kernel side MAC Public area Shared area 16
17 Restriction of services Application Service Bluetooth Audio source Health monitor system side: not in the kernel 17
18 AGL framework applications widget Framework launch Framework install Application Security DB Secured environment Smack Cynara Binder 18
19 AGL framework Untrusted HTML5 WebView Native Client QT5/QML Client Semi-Trusted App. Level REST/HTML Radio Binder HVAC Binder Other Transport App. Fram. Binder DBUS Cynara Proxy Plateform Trusted Isolation By Layer UI Level Layered Security Architecture Automobile Message Broker Pulse Audio Native App & Proxy Non DBUS Application Framework Privileges Non-Dbus Service Segregation Of Duties 19
20 Who is interacting? A big problem: How handle the interaction, to wich user context to attach it? 20
21 Next? Reporting intrusion: nice-lad Secured Tagging: a proposal I made Kdbus? Binder? 21
22 QUESTIONS... Too late for prevention 22
23 links le/event/sec_enforcement/ -security-lessons-learnt-initial.pdf 23
Introduction to application framework
Introduction to application framework for AGL Version 1.0 June 2016 Abstract This document presents the application framework created by IoT.bzh for AGL. Document revisions Date Version Designation Author
More informationApplication & Security Framework AGL-2.0 Architecture Proposal. Winter/AGL-AMM Tokyo 2016 Fulup Ar Foll Lead Architect
Application & Security Framework AGL-2.0 Architecture Proposal Winter/AGL-AMM Tokyo 2016 Fulup Ar Foll Lead Architect fulup@iot.bzh Who Are We? Fulup Ar Foll Lead Architect Stéphane Desneux Manuel Bachmann
More informationConnected Cars & Security Challenges. Stéphane Desneux CTO at IoT.bzh
Connected Cars & Security Challenges Stéphane Desneux CTO at IoT.bzh Printemps des Entreprises IUT Vannes 15 Mars 2016 Agenda IoT.bzh & AGL Project Connected Cars Security: Issues and Solutions
More informationTizen IVI Architecture New features. Dominig ar Foll, Intel Open Source
Tizen IVI Architecture New features Dominig ar Foll, Intel Open Source Agenda What is Tizen IVI How to join the project Our road map Architecture New Features 2 What is Tizen IVI Tizen IVI Support Intel
More informationTizen IVI Architecture New features
Tizen IVI Architecture New features, Intel Open Source dominig.arfoll@fridu.net Agenda 2 What is Tizen IVI How to join the project Our road map Architecture New Features Tizen IVI Support Intel and ARM
More informationConnecting with Tizen : An Overview & Roadmap. Mohan Rao
Connecting with Tizen : An Overview & Roadmap Mohan Rao Contents What is Tizen? Why Tizen? Device profile Tizen 2.4 Tizen 3.0 What s next? Conclusion 2 What is Tizen? (1/2) Designed for various category
More informationsystemd integration and user management José Bollo
systemd integration and user management José Bollo jose.bollo@iot.bzh Overview of applications Same ECU Security Context S Binder Security Context A Effective API Binder Shadow API local API Transport
More informationMeet Crosswalk New HTML5 Runtime. Sakari Poussa Intel
Meet Crosswalk New HTML5 Runtime Sakari Poussa Intel Outline What is Crosswalk and why do we need it? Architecture how Crosswalk is constructed? Features for Tizen 3.0 How to Contribute Demo 2 What and
More informationLecture 3 MOBILE PLATFORM SECURITY
Lecture 3 MOBILE PLATFORM SECURITY You will be learning: What techniques are used in mobile software platform security? What techniques are used in mobile hardware platform security? Is there a common
More informationFosdem Feb/2018. Frederic Marec Embedded Engineer
Industrialisation of applications build in embedded environment How to build AGL (Automotive Grade Linux) applications with Jenkins pipeline and X(cross) Development System (XDS)? Fosdem Feb/2018 Frederic
More informationSecurity model for embedded systems using Smack *
Security model for embedded systems using Smack * Simple but secure * Simplified Mandatory Access Control Kernel - José Bollo - Context José Bollo Eurogiciel Intel Tizen Smack Linux Smack for embeddeds
More informationTizen-Meta as Security and Connectivity Layers For Yocto Project
Tizen-Meta as Security and Connectivity Layers For Yocto Project () dominig.arfoll@fridu.net October 2014 Tizen-Meta What is Tizen How to build Tizen with Yocto tools Which Connectivity is available with
More informationFirefox OS App Days. Overview and High Level Architecture. Author: José M. Cantera Last update: March 2013 TELEFÓNICA I+D
Firefox OS App Days Overview and High Level Architecture Author: José M. Cantera (@jmcantera) Last update: March 2013 TELEFÓNICA I+D 1 Introduction What is Firefox OS? A new mobile open OS fully based
More informationAMM Feb/2018. Frederic Marec Embedded Engineer
Industrialisation of applications build in embedded environment How to build AGL (Automotive Grade Linux) applications with Jenkins pipeline and X(cross) Development System (XDS)? AMM Feb/2018 Frederic
More informationX(cross) Development System make AGL application development easier. December 2017 Sébastien Douheret
make AGL application development easier Sébastien Douheret sebastien.douheret@iot.bzh IoT.bzh Located in France - Brittany ( Vannes / Lorient / Rennes ) People background: 40% coming from Tizen IVI (Intel+Samsung)
More informationHACKING TIZEN THE OS OF EVERYTHING. AJIN
HACKING TIZEN THE OS OF EVERYTHING AJIN ABRAHAM @ajinabraham WHOMAI Application Security Engineer,Yodlee Blogs at opensecurity.in Spoken at NULLCON, ClubHack, OWASP AppSec, BlackHat, Ground Zero Summit.
More informationOffense & Defense in IoT World. Samuel Lv Keen Security Lab, Tencent
Offense & Defense in IoT World Samuel Lv Keen Security Lab, Tencent Keen Security Lab of Tencent Wide coverage of software and hardware security research Mainstream PC & Mobile Operating Systems Mainstream
More informationSecurity Philosophy. Humans have difficulty understanding risk
Android Security Security Philosophy Humans have difficulty understanding risk Safer to assume that Most developers do not understand security Most users do not understand security Security philosophy
More informationCopyright 2017 Samsung. All Rights Reserved. O-Hoon Kwon, Ph.D. Samsung Electronics
1 Copyright 2017 Samsung. All Rights Reserved. O-Hoon Kwon, Ph.D. Samsung Electronics Intro Tizen Linux kernel based Embedded OS for wide range of devices, where Mobile, Wearable, TV are maintained as
More informationX(cross) Development System make AGL application development easier. July 2017 Sébastien Douheret
make AGL application development easier Sébastien Douheret sebastien.douheret@iot.bzh IoT.bzh Located in France - Brittany ( Vannes / Lorient / Rennes ) People background: 40% coming from Tizen IVI (Intel+Samsung)
More informationLeveraging OpenID To connect Vehicle to the Cloud
Leveraging OpenID To connect Vehicle to the Cloud ALS 2017 Tokyo Fulup Ar Foll Lead Architect fulup@iot.bzh Who Are We? 2 V2C Multiple Requirements Car to Cloud Cloud to Car Telematics Car sharing, Fleet
More informationMiddleware MAC for Android. Stephen Smalley Trusted Systems Research National Security Agency
Middleware MAC for Android Stephen Smalley Trusted Systems Research National Security Agency Motivation Many attacks on Android can occur entirely at the middleware layer. Not directly visible to kernel
More informationWeb and Automotive W3C Workshop. Renault - DREAM Nov 2012 RENAULT PROPERTY
Web and Automotive W3C Workshop SUMMARY 01 Car 02 Technical 03 Web displays are special Challenges technologies and standards can help 2 01 Car displays are special 3 Cars are specifics A TV set is an
More informationLecture 10. Denial of Service Attacks (cont d) Thursday 24/12/2015
Lecture 10 Denial of Service Attacks (cont d) Thursday 24/12/2015 Agenda DoS Attacks (cont d) TCP DoS attacks DNS DoS attacks DoS via route hijacking DoS at higher layers Mobile Platform Security Models
More informationIn the Driver s Seat
In the Driver s Seat Use Cases of Qt in Automotive Dr Tuukka Ahoniemi Product Manager tuukka.ahoniemi@theqtcompany.com Contents Requirements for Automotive Systems Transition of Automotive Software Power
More informationConfinement. Steven M. Bellovin November 1,
Confinement Steven M. Bellovin November 1, 2016 1 Security Architecture We ve been looking at how particular applications are secured We need to secure not just a few particular applications, but many
More informationMinds-on: Android. Session 1
Minds-on: Android Session 1 Paulo Baltarejo Sousa Instituto Superior de Engenharia do Porto 2016 Outline Mobile devices Android OS Android architecture Android Studio Practice 1 / 33 2 / 33 Mobile devices
More information2 Lecture Embedded System Security A.-R. Darmstadt, Android Security Extensions
2 Lecture Embedded System Security A.-R. Sadeghi, @TU Darmstadt, 2011-2014 Android Security Extensions App A Perm. P 1 App B Perm. P 2 Perm. P 3 Kirin [2009] Reference Monitor Prevents the installation
More informationLeveraging webos Technologies for Automotive. Lokesh Kumar Goel / Steve Lemke
Leveraging webos Technologies for Automotive Lokesh Kumar Goel / Steve Lemke Agenda LG Silicon Valley Lab (SVL) Background LG SVL AGL Demo at CES 2018 webos Open Source Edition (OSE) webos Web App Runtime
More informationTizen 3.0 Multi-User Features. Baptiste Durand Software Engineer Eurogiciel
Tizen 3.0 Multi-User Features Baptiste Durand Software Engineer Eurogiciel Agenda 2 Tizen Multi User System and associated requirements What has changed? What are
More informationSP Project 2 Basic SMACK features
SP Project 2 Basic SMACK features 1 Tizen project flow Project 0 Tizen Porting to Odroid-U3 Project 1 Tizen web application development Tizen dev. environment build Tizen application development Tizen
More informationThe Case for Security Enhanced (SE) Android. Stephen Smalley Trusted Systems Research National Security Agency
The Case for Security Enhanced (SE) Android Stephen Smalley Trusted Systems Research National Security Agency Background / Motivation Increasing desire to use mobile devices throughout the US government.
More informationLinux in Automotive From Open Source to Products
Linux in Automotive From Open Source to Products Mark Skarpness Director System Engineering, Intel Tsuguo Nobe Chief Advanced Service Architect and Director, Intel July 1st, 2014 Legal Information INFORMATION
More informationOS Security III: Sandbox and SFI
1 OS Security III: Sandbox and SFI Chengyu Song Slides modified from Dawn Song 2 Administrivia Lab2 VMs on lab machine Extension? 3 Users and processes FACT: although ACLs use users as subject, the OS
More informationScippa: System-Centric IPC Provenance on Android
Scippa: System-Centric IPC Provenance on Android Michael Backes, Sven Bugiel, Sebastian Gerling Saarland Univeristy, Germany 2014 Annual Computer Security Applications Conference Presenter: Qi Wang 1 Android
More informationProtection. Thierry Sans
Protection Thierry Sans Protecting Programs How to lower the risk of a program security flaw resulting from a bug? 1. Build better programs 2. Build better operating systems Build Better Programs Why are
More informationAdvanced Systems Security: Principles
Systems and Internet Infrastructure Security Network and Security Research Center Department of Computer Science and Engineering Pennsylvania State University, University Park PA Advanced Systems Security:
More informationWeb & Automotive. Paris, April Dave Raggett
Web & Automotive Paris, April 2012 Dave Raggett 1 Aims To discuss potential for Web Apps in cars Identify what kinds of Web standards are needed Discuss plans for W3C Web & Automotive Workshop
More informationA Survey of Access Control Policies. Amanda Crowell
A Survey of Access Control Policies Amanda Crowell What is Access Control? Policies and mechanisms that determine how data and resources can be accessed on a system. The Players Subjects Objects Semi-objects
More informationSPLIT INTERFACES (SPIN) Jordi Domingo-Pascual Universitat Politècnica de Catalunya BarcelonaTECH (UPC) VFCS17. ISCTE. Lisboa.
SPLIT INTERFACES (SPIN) Jordi Domingo-Pascual Universitat Politècnica de Catalunya BarcelonaTECH (UPC) VFCS17. ISCTE. Lisboa. October 24, 2017 SPLIT INTERFACES (SPIN) The main goal is to decouple the devices
More information1 Copyright 2011, Oracle and/or its affiliates. All rights reserved. Insert Information Protection Policy Classification from Slide 7
1 Copyright 2011, Oracle and/or its affiliates. All rights reserved. Insert Information Protection Policy Classification from Slide 7 ORACLE PRODUCT LOGO 20. oktober 2011 Hotel Europa Sarajevo Platform
More informationLINUX SECURITY PRIMER: SELINUX AND SMACK FRAMEWORKS KATHY TUFTO, PRODUCT MANAGER
LINUX SECURITY PRIMER: SELINUX AND SMACK FRAMEWORKS KATHY TUFTO, PRODUCT MANAGER E M B E D D E D S Y S T E M S W H I T E P A P E R w w w. m e n t o r. c o m INTRODUCTION With the proliferation of smart
More informationT I Z E N Ve r 2. 3 O v e r v i e w Open Source Project
T I Z E N Ve r 2. 3 O v e r v i e w Open Source Project 2015.03.22 I N D E X 1 Introduction to Tizen 2 3 4 How to Develop Tizen Applications Example of Tizen Application About Ajou Tizen Supporters 1 Introduction
More informationQt for Device Creation
Qt for Device Creation Speeding up ROI & Time-to-Market with Qt Andy Nichols Software Engineer, Qt R&D, Oslo Overview Problems facing Device Creators How Qt for Device Creation addresses those Problems
More informationDate Approved: Board of Directors on 7 July 2016
Policy: Bring Your Own Device Person(s) responsible for updating the policy: Chief Executive Officer Date Approved: Board of Directors on 7 July 2016 Date of Review: Status: Every 3 years Non statutory
More informationAn Introduction to Android. Jason Chen Developer Advocate Google I/O 2008
An Introduction to Android Jason Chen Developer Advocate Google I/O 2008 Background What is Android? Latest News 4,000,000,000 Internet and Mobile Phone Users, Worldwide 3,000,000,000 2,000,000,000 1,000,000,000
More informationLinux Kernel Security Update LinuxCon Europe Berlin, 2016
Linux Kernel Security Update LinuxCon Europe Berlin, 2016 James Morris james.l.morris@oracle.com Introduction Who am I? Kernel security subsystem maintainer Started kernel development w/ FreeS/WAN in 1999
More informationOpen Source in Automotive Infotainment
Open Source in Automotive Infotainment Taeyong Kim (ty.kim@windriver.com) Services & Solutions Wind River Systems 2015 Wind River. All Rights Reserved. Why using Open Source in IoT? Internet of Things
More informationQuantDroid: Quantitative Approach towards Mitigating Privilege Escalation on Android
QuantDroid: Quantitative Approach towards Mitigating Privilege Escalation on Android Tobias Markmann 1 Dennis Gessner 2 Dirk Westhoff 3 1 HAW Hamburg, Germany 2 NEC Laboratories Europe, Heidelberg, Germany
More informationWidget security model based on MIDP and Web Application based on a security model with TLS/SSL and XMLDsig
Widget security model based on MIDP and Web Application based on a security model with TLS/SSL and XMLDsig Claes Nilsson Technology Area Group Leader Web Browsing Marcus Liwell Technology Area Group Leader
More informationMobile Middleware Course. Mobile Platforms and Middleware. Sasu Tarkoma
Mobile Middleware Course Mobile Platforms and Middleware Sasu Tarkoma Role of Software and Algorithms Software has an increasingly important role in mobile devices Increase in device capabilities Interaction
More informationTizen Architecture Overview
Tizen Architecture Overview sunil.saxena@intel.com Tizen Vision Tizen Vision Cross-device, cross-architecture, open software platform based on a true, standards-based HTML5 implementation that delights
More informationNew Tizen Bluetooth Framework
New Tizen Bluetooth Framework Agenda Tizen Bluetooth Stack Overview Why we need Bluetooth Framework? Current Bluetooth Framework Desgin New Tizen Bluetooth Framework New Tizen Bluetooth Framework PoC 0.1
More informationAndroid. Lesson 1. Introduction. Android Developer Fundamentals. Android Developer Fundamentals. to Android 1
Android Lesson 1 1 1 1.0 to Android 2 Contents Android is an ecosystem Android platform architecture Android Versions Challenges of Android app development App fundamentals 3 Android Ecosystem 4 What is
More informationSharePoint Online and Azure Integration
SharePoint Online and Azure Integration Justin Jackson Managing Partner Valorem Consulting Group You manage You manage You manage Types of Cloud Services (On- Premises) Infrastructure (as a Service) Platform
More informationLinux Kernel Security Overview
Linux Kernel Security Overview Linux Security Summit Europe 2018 Edinburgh, UK James Morris jmorris@namei.org $ whoami Linux kernel security subsystem maintainer Linux kernel engineer at Microsoft Previously
More informationIGEEKS TECHNOLOGIES. Software Training Division. Academic Live Projects For BE,ME,MCA,BCA and PHD Students
Duration:40hours IGEEKS TECHNOLOGIES Software Training Division Academic Live Projects For BE,ME,MCA,BCA and PHD Students IGeekS Technologies (Make Final Year Project) No: 19, MN Complex, 2nd Cross, Sampige
More informationTEN LAYERS OF CONTAINER SECURITY. Kirsten Newcomer Security Strategist
TEN LAYERS OF CONTAINER SECURITY Kirsten Newcomer Security Strategist WHAT ARE CONTAINERS? Containers change how we develop, deploy and manage applications INFRASTRUCTURE Sandboxed application processes
More informationSecurity Enhancements (SE) for Android on Freescale ARM i.mx6 platform
Security Enhancements (SE) for Android on Freescale ARM i.mx6 platform Martin SCHULTE-HOBEIN Supervisor, Field Application Engineer Embedded EMEA msh@digi.com Android Adoption 900 million Android device
More informationCSE543 - Computer and Network Security Module: Virtualization
CSE543 - Computer and Network Security Module: Virtualization Professor Trent Jaeger CSE543 - Introduction to Computer and Network Security 1 Operating System Quandary Q: What is the primary goal of system
More informationSecuring Android-Powered Mobile Devices Using SELinux
Securing Android-Powered Mobile Devices Using SELinux This paper appears in: Security & Privacy, IEEE Issue Date: May- June 2010 Volume: 8 Issue:3 On page(s): 36-44 Asaf Shabtai, Yuval Fledel, and Yuval
More informationM2M / IoT Security. Eurotech`s Everyware IoT Security Elements Overview. Robert Andres
M2M / IoT Security Eurotech`s Everyware IoT Security Elements Overview Robert Andres 23. September 2015 The Eurotech IoT Approach : E2E Overview Application Layer Analytics Mining Enterprise Applications
More informationCSE543 - Computer and Network Security Module: Virtualization
CSE543 - Computer and Network Security Module: Virtualization Professor Trent Jaeger CSE543 - Introduction to Computer and Network Security 1 1 Operating System Quandary Q: What is the primary goal of
More informationCreating a Practical Security Architecture Based on sel4
Creating a Practical Security Architecture Based on sel4 Xinming (Simon) Ou University of South Florida (many slides borrowed/adapted from my student Daniel Wang) 1 Questions for sel4 Community Is there
More informationWindows Devices. Device Capabilities. Premium. Entry
Windows Devices $ Premium Entry Device Capabilities Windows 10 IoT $ Premium Windows 10 IoT Enterprise Desktop Shell, Win32 apps, Universal Windows Apps and Drivers 1 GB RAM, 16 GB Storage X86 Windows
More informationCardOS Secure Elements for Smart Home Applications
Infineon Security Partner Network Partner Use Case CardOS Secure Elements for Smart Home Applications Using cryptographic functionality provided by ATOS to secure embedded platforms in Smart Home applications.
More informationSecuring the future of mobility
Kaspersky Transportation System Security AVL Software and Functions Securing the future of mobility www.kaspersky.com #truecybersecurity Securing the future of mobility Connected car benefits The need
More informationAdvanced Systems Security: Future
Advanced Systems Security: Future Trent Jaeger Systems and Internet Infrastructure Security (SIIS) Lab Penn State University 1 Privilege Separation Has been promoted for some time Software-Fault Isolation
More informationTeradata and Protegrity High-Value Protection for High-Value Data
Teradata and Protegrity High-Value Protection for High-Value Data 12.16 EB7178 DATA SECURITY Table of Contents 2 Data Centric Security: Providing High-Value Protection for High-Value Data 3 Visibility:
More informationViryaOS RFC: Secure Containers for Embedded and IoT. A proposal for a new Xen Project sub-project
ViryaOS RFC: Secure Containers for Embedded and IoT A proposal for a new Xen Project sub-project Stefano Stabellini @stabellinist The problem Package applications for the target Contain all dependencies
More informationDistributed Systems COMP 212. Lecture 18 Othon Michail
Distributed Systems COMP 212 Lecture 18 Othon Michail Virtualisation & Cloud Computing 2/27 Protection rings It s all about protection rings in modern processors Hardware mechanism to protect data and
More informationKick Start your Embedded Development with Qt
Kick Start your Embedded Development with Qt Increasing Return On Investment & shortening time-to-market Nils Christian Roscher-Nielsen Product Manager, The Qt Company Overview Problems facing Device Creators
More informationMANAGING THE CAR CLOUD CONNECTION.
Daniel Wagner MANAGING THE CAR CLOUD CONNECTION. CONNMAN, SYSTEMD, AND THE INTERNET. BMW Car IT GmbH IVI CONNECTIVITY. GENERAL OVERVIEW. Apps in the car Software and Hardware Setups ConnMan Session API
More information5g Use Cases. Telefonaktiebolaget LM Ericsson 2015 Ericsson July 2015
5g Use Cases Telefonaktiebolaget LM Ericsson 2015 Ericsson July 2015 BROADBAND EXPERIENCE EVERYWHERE, ANYTIME 5g USE CASES SMART VEHICLES, TRANSPORT & INFRASTRUCTURE MEDIA EVERYWHERE CRITICAL CONTROL OF
More informationthe SWIFT Customer Security
TECH BRIEF Mapping BeyondTrust Solutions to the SWIFT Customer Security Controls Framework Privileged Access Management and Vulnerability Management Table of ContentsTable of Contents... 2 Purpose of This
More informationMobility Management Concept for Always-Best-Connected Network
University of Jyväskylä Faculty of Information Technology Department of Mathematical Information Technology Mobility Management Concept for Always-Best-Connected Network Jari Kellokoski University of Jyvskylä
More informationSecurity Architecture
Security Architecture We ve been looking at how particular applications are secured We need to secure not just a few particular applications, but many applications, running on separate machines We need
More informationAbout Us. Innovating proven technology for practical security solutions
Rethink Security About Us Innovating proven technology for practical security solutions Virtualization Security Application Security Platform Security Cross Domain Security Desktop Consolidation Case Study
More informationWhat s in Your Dongle and Bank Account? Mandatory and Discretionary Protection of Android External Resources
What s in Your Dongle and Bank Account? Mandatory and Discretionary Protection of Android External Resources Soteris Demetriou, Xiaoyong Zhou, Muhammad Naveed, Yeonjoon Lee, Kan Yuan, XiaoFeng Wang, Carl
More informationTizen Overview (Tizen Ver. 2.3)
Tizen Overview (Tizen Ver. 2.3) Spring 2015 Soo Dong Kim, Ph.D. Professor, Department of Computer Science Software Engineering Laboratory Soongsil University Office 02-820-0909 Mobile 010-7392-2220 sdkim777@gmail.com
More informationVisteon Position Paper i. Visteon Position Paper
i Visteon Position Paper ii REVISION HISTORY NUMBER DATE DESCRIPTION NAME iii Contents 1 Perspective on the topic of the Workshop 1 2 Viewpoint 2 3 Concrete examples, suggestions, and preferred workshop
More informationAGL/Phase 2 - Pulse Audio Routing Module
AGL/Phase 2 - Pulse Audio Routing Module Developer Version 1.0 September 2016 Abstract This document is the Developer, as a part of the AGL/Phase2- AppFw-Audio: Audio Routing SoW deliverable. Document
More informationSECURITY DEVROOM PTAGS
SECURITY DEVROOM PTAGS The module PTAGS allows to manage tags attached to processes. The module PTAGS is built on top of the Linux Security Module (LSM) infrastructure as it exists since V4.1 with stacking*
More informationMobilePASS. Security Features SOFTWARE AUTHENTICATION SOLUTIONS. Contents
MobilePASS SOFTWARE AUTHENTICATION SOLUTIONS Security Features Contents Introduction... 2 Technical Features... 2 Security Features... 3 PIN Protection... 3 Seed Protection... 3 Security Mechanisms per
More informationCAN Signaling Agent. A generic model to handle signals. AGL AMM Feb/2017 Fulup Ar Foll Lead Architect
CAN Signaling Agent A generic model to handle signals AGL AMM Feb/2017 Fulup Ar Foll Lead Architect fulup@iot.bzh st 1 technical Contributor Application Development Integration Yocto recipes Releases automation
More informationPCI DSS Compliance. White Paper Parallels Remote Application Server
PCI DSS Compliance White Paper Parallels Remote Application Server Table of Contents Introduction... 3 What Is PCI DSS?... 3 Why Businesses Need to Be PCI DSS Compliant... 3 What Is Parallels RAS?... 3
More informationLaying a Secure Foundation for Mobile Devices. Stephen Smalley Trusted Systems Research National Security Agency
Laying a Secure Foundation for Mobile Devices Stephen Smalley Trusted Systems Research National Security Agency Trusted Systems Research Conduct and sponsor research to provide information assurance for
More informationBEYOND AUTHENTICATION IDENTITY AND ACCESS MANAGEMENT FOR THE MODERN ENTERPRISE
BEYOND AUTHENTICATION IDENTITY AND ACCESS MANAGEMENT FOR THE MODERN ENTERPRISE OUR ORGANISATION AND SPECIALIST SKILLS Focused on delivery, integration and managed services around Identity and Access Management.
More informationOld, New, Borrowed, Blue: A Perspective on the Evolution of Mobile Platform Security Architectures
Old, New, Borrowed, Blue: A Perspective on the Evolution of Mobile Platform Security Architectures N. Asokan ACM CODASPY 11 Joint work with Kari Kostiainen, Elena Reshetova, Jan-Erik Ekberg Feb 22, 2011
More informationBuilding Trust Despite Digital Personal Devices
Building Trust Despite Digital Personal Devices OpenIT - 07.03.2014 by Javier González Javier González - jgon@itu.dk Philippe Bonnet - phbo@itu.dk Digital Society Distrust Users Personal Information! Information
More informationArm Mbed Edge. Shiv Ramamurthi Arm. Arm Tech Symposia Arm Limited
Arm Mbed Edge Shiv Ramamurthi Arm Arm Tech Symposia 2017 IoT increasing efficiency, yield, and convenience Commercial buildings Better energy & space utilization Precision farming and connected sites Increased
More informationGoogle on BeyondCorp: Empowering employees with security for the cloud era
SESSION ID: EXP-F02 Google on BeyondCorp: Empowering employees with security for the cloud era Jennifer Lin Director, Product Management, Security & Privacy Google Cloud What is BeyondCorp? Enterprise
More informationTurbocharging Connectivity Beyond Cellular
Bitte decken Sie die schraffierte Fläche mit einem Bild ab. Please cover the shaded area with a picture. (24,4 x 11,0 cm) Turbocharging Connectivity Beyond Cellular Scott Beutler, Head of Interior Division
More informationSECURITY ARCHITECTURES CARSTEN WEINHOLD
Department of Computer Science Institute of System Architecture, Operating Systems Group SECURITY ARCHITECTURES CARSTEN WEINHOLD MOTIVATION Common observations: Complex software has security bugs Users
More information6.858 Quiz 2 Review. Android Security. Haogang Chen Nov 24, 2014
6.858 Quiz 2 Review Android Security Haogang Chen Nov 24, 2014 1 Security layers Layer Role Reference Monitor Mandatory Access Control (MAC) for RPC: enforce access control policy for shared resources
More informationCS 528 Mobile and Ubiquitous Computing Lecture 1b: Introduction to Android. Emmanuel Agu
CS 528 Mobile and Ubiquitous Computing Lecture 1b: Introduction to Android Emmanuel Agu What is Android? Android is world s leading mobile operating system Open source (https://source.android.com/setup/)
More informationLecture 2 PLATFORM SECURITY IN ANDROID OS
Lecture 2 PLATFORM SECURITY IN ANDROID OS You will be learning: Android as a software platform Internals and surrounding ecosystem Security techniques in Android: Application signing Application isolation
More informationSmart Antennas and Hypervisor: Enabling Secure Convergence. July 5, 2017
Smart Antennas and : Enabling Secure Convergence July 5, 2017 About OpenSynergy OpenSynergy develops software solutions for embedded automotive systems. OpenSynergy s product portfolio includes key software
More informationHow To Prevent Rolling Spam Factories. Ryan Ware Lead Security Architect
How To Prevent Rolling Spam Factories Ryan Ware Lead Security Architect The Onslaught Is Coming 2 SSG System Software Division Connectivity Evolution Threat Space No IP Connectivity A/V Input CD DVD Analog
More informationAndroid System Architecture. Android Application Fundamentals. Applications in Android. Apps in the Android OS. Program Model 8/31/2015
Android System Architecture Android Application Fundamentals Applications in Android All source code, resources, and data are compiled into a single archive file. The file uses the.apk suffix and is used
More information