Storing Encrypted Plain Text Files Using Google Android

Save this PDF as:
 WORD  PNG  TXT  JPG

Size: px
Start display at page:

Download "Storing Encrypted Plain Text Files Using Google Android"

Transcription

1 Storing Encrypted Plain Text Files Using Google Android Abstract Jared Hatfield University of Louisville Google Android is an open source operating system that is available on a wide variety of smart phones from a variety of manufactures. While the core operating system uses encryption for phone calls, web browsing, and , the local storage available on the phone is primarily unencrypted. Encryption can be deployed at the application level to protect data stored on the phone. On a typical device, the data for an application is stored on the onboard micro SD card which can easily be mounted on a computer. The files stored on the card can then be copied to another device for analysis. If an unauthorized party were to gain physical access to a phone, it would be possible to quickly create a copy of the onboard data, potentially without the phone s owner even noticing. A simple notepad application that uses an encryption algorithm and user provided password can be used to read and write plain text securely to a file on the SD card. The security of the information stored using this approach will be analyzed and the method deployed will be documented. 1. Security and the Android Platform Based on the Linux kernel, the Android Open Source operating system is a mobile phone operating system that has rapidly gained popularity following the success of Apple s iphone. With the first public release in late 2008, Android has undergone rapid development and has gained wide spread adoption by major phone manufactures and wireless carriers. Unlike other major mobile operating systems, Android is an open source operating system meaning every bit of the operating system s code is freely and publically available for inspection, modification, and reuse. The main goal, when it comes to security and the Android platform, is outlined on the developers web site, An application's process runs in a security sandbox. The sandbox is designed to prevent applications from disrupting each other, except by explicitly declaring the permissions they need for additional capabilities not provided by the basic sandbox. (Google, 2010) The threat model addressed focuses on preventing malicious applications from the market place or code downloaded from the internet from compromising the phone. For the purposes of describing the threat model addressed, we will assume that Alice has a phone running Android and Oscar is actively attempting to gain access to the content stored on Alice s phone. The specific threat addressed is securing information should Oscar obtain physical access to Alice s Android based phone, even if only for a short period of time. It would be possible to copy files off of the phone s storage using a standard computer, a task which can take only a few moments. While the online accounts that are likely authenticated on the phone could be targeted, they are not the focus of this study. 1

2 2. Storing Information Securely The typical Android based phone includes internal flash memory and a removable microsd card that provides additional storage on top of the built in storage. The information stored on the phone, in general, is unencrypted. Even if a password or unlock pattern is used, it is possible to remove the microsd card from the phone and mount the partition on a computer and gain access to the information stored on the card. However, Android provides a simple mechanism for mounting the microsd card using the phone s interface making the task even easier. Applications developed for the Android platform are written in Java and target the Dalvik virtual machine. This allows the applications to be independent of the underlying system architecture. Every application on the platform is sandboxed to prevent unauthorized cross application leakage. When an application is installed the permissions that the application requires to run are presented to the user and must be authorized before the installation will continue. The microsd card serves as a common storage location that is accessible from any application authorized to access the extended persistent memory. 3. Storage of Encrypted Text Files A simple Android application, OpenNoteSecure has been developed to illustrate a method for storing encrypted text files on the phone s microsd card. Android provides access to many of the standard Java libraries including javax.crypto which includes AES and DES symmetric encryption ciphers. 3.1 Encryption Implementation Figure 1 The method employed for encryption and decryption is a two stage process as outlined in Figure 1. The text field that is provided to the user is editable in a String representation. This plain text string is encrypted using the specified cipher and password before being encoded as a Base64 2

3 string and written to a file. For decryption the process is reversed and the file is read and converted into the raw cipher text from the Base64 encoding and then decrypted using the specified cipher and password before being displayed to the user. The Base64 encoding is not required from a technical standpoint, but allows the encrypted text to be viewed in its encoding form using the same editor that was used to encrypt the text. An example of an encrypted string is shown in Table 1. Plain Text String Password Encrypted AES String Encrypted DES String The encrypted text. mypassword k8xp+cnbq1xglwz9a0x5f2cw6hzxlev5zs7obil6pak= 7VEYR6414dZET24jh8Gx2VoCZqXdmHJe Table Android Application GUI Figure 2 Figure 3 Figure 4 The graphical elements for the interface are simple and provide the necessary functionality to encrypt simple notes. Figure 2 depicts the initial interface that allows for the creation of new files and displays all *.txt files that currently exist in the root directory. When a file is selected the next interface as seen in Figure 3 is displayed. This allows the user to select the encryption algorithm and input the password for the file. For new files, the encryption algorithm and password will be used when the formerly empty file is saved. The last interface, as seen in Figure 4, provides the means to view, edit, and save the text back to the file. 3

4 4. Analysis of Security Software that uses encryption to store information must be carefully constructed so that it minimizes its surface for attack. Since it is necessary to decrypt the file on the device, it is unavoidable to have the decrypted text to be stored in RAM so the plain text can be viewed and manipulated. 4.1 Encryption Ciphers The Android platform s primary language for creating applications is Java. While the language for writing applications follows the Java syntax, the language itself does not strictly follow the standard Java implementation and not all of the standard libraries are available. However, the javax.crypto.cipher library is available and can be used to perform AES and DES encryption. The following code sample shows the constructor and encryption routines that are used to perform the AES encryption. The AESEncryptionProvider class provides a constructor that takes a string passphrase and then provides two methods encryptasbase64 and decryptasbase64 which are part of the IStringEncryptor abstract class that allows for the encryption algorithm to be interchangeable. /** * Constructor for AESEncryptionProvider for a specific passphrase passphrase The phassphrase to protect the data with. EncryptionException public AESEncryptionProvider(String passphrase) throws EncryptionException { // Set up the cipher this.cipher_transformation = "AES/CBC/PKCS5Padding"; this.cipher_algorithm = "AES"; this.messagedigest_algorithm = "MD5"; // Create the password byte array byte[] passwordkey = encodedigest(passphrase); // Set up the algorithm try { cipher = Cipher.getInstance(CIPHER_TRANSFORMATION); catch (NoSuchAlgorithmException e) { Log.e(OpenNoteSecure.TAG, "No such algorithm " + CIPHER_ALGORITHM, e); catch (NoSuchPaddingException e) { Log.e(OpenNoteSecure.TAG, "No such padding PKCS5", e); // Finish setting up the encryption by making the secret key and iv parameters secretkey = new SecretKeySpec(passwordKey, CIPHER_ALGORITHM); ivparameterspec = new IvParameterSpec(rawSecretKey); The AESEncryptionProvider constructor takes a pass phrase and converts it to a secret key that can be used to encrypt or decrypt text using the appropriate methods. The primary responsibility of the constructor is to simply create the key; once the key is created, the encryption provide is able to function. 4

5 /** * Performs the encryption on a string of data data The plain text to encrypt. The encrypted text encoded as a Base64 string. public String encryptasbase64(string data) throws EncryptionException{ byte[] encrypteddata = encrypt(data.getbytes()); return Base64.encodeBytes(encryptedData); The public encryption method used to encrypt a string provides a simple mechanism that returns the encrypted cipher text as a string. To accomplish this the underlying encryption algorithm performs the manipulation on a byte array computed from the original plain text string. To convert this byte array back to a string after it is encrypted, it is encoded as a Base64 string using a freely available encryption library provided by /** * Performs the AES encryption on a byte array. cleardata The unencrypted byte array. The encrypted byte array. EncryptionException private byte[] encrypt(byte[] cleardata) throws EncryptionException { try { cipher.init(cipher.encrypt_mode, secretkey, ivparameterspec); catch (InvalidKeyException e) { Log.e(OpenNoteSecure.TAG, "Invalid key", e); catch (InvalidAlgorithmParameterException e) { Log.e(OpenNoteSecure.TAG, "Invalid algorithm " + CIPHER_ALGORITHM, e); byte[] encrypteddata; try { encrypteddata = cipher.dofinal(cleardata); catch (IllegalBlockSizeException e) { Log.e(OpenNoteSecure.TAG, "Illegal block size", e); catch (BadPaddingException e) { Log.e(OpenNoteSecure.TAG, "Bad padding", e); return encrypteddata; The majority of the code surrounding the encryption and decryption routines is a try/catch block. The crypto routines are capable of throwing various exceptions in the case where the encryption or decryption fails. These routines catch these exceptions and then throw a new exception called EncryptionException. The EncryptionException is a new type of exception that simply indicates that the encryption or decryption routine was not able to be executed successfully. The main reason for throwing this exception is the instance where the wrong algorithms or password is used to attempt to decrypt a file. In this case the file is not decrypted and an error message is 5

6 displayed. The actual execution of the encryption is very simple to invoke and the complexity is masked by the underlying libraries. 4.2 Password and Key Distribution The simplest approach to securing the encrypted files is to not store the password on the device itself. Were the password to be stored on the device it would be possible to decrypt the file if the device would fall into Oscar s hands. The limitation to this approach is that the password must be memorized by Alice. Additionally, the password must be entered using a mobile on screen or physical keyboard which has limitations on the methods of data entry. These limitations may frustrate users. Assuming Alice uses a strong password to encrypt her information the encrypted information will be secure. When the file is being edited it is stored in memory as plain text along with the password that was used to for decryption. The Dalvik virtual machine relies on a garbage collector to free the allocated memory. Additionally, Android allows for multitasking so the application may still be running in the background after the user navigates away from it. This results in a period where the plain text is stored in the phones memory, even if the application is not in the foreground. However, steps can be taken to minimize these risks. 4.3 Limiting Exploitation Window The sensitive information that is stored in memory can be limited to the password and cipher text. The other information including the selected file and algorithm are not as sensitive. To limit these risks, the information needs to be removed from RAM as soon as it is no longer needed. Using the virtual machine s garbage collector, this can be, at least partially, accomplished with little effort. By removing all references to sensitive strings and then invoking the garbage collector the sensitive information in RAM would quickly be lost. However, there is no guarantee that the garbage collector will actually be invoked and that the contents of the RAM would be overwritten with new information. /** * Remove references to sensitive information and suggest the * garbage collector runs before finishing the activity. private void PerformCleanupAndClose(){ // Remove all of the references to the sensitive variables this.content.settext(""); this.password = ""; // Tell the system we want to run the garbage collector System.gc(); // Close this activity this.finish(); 5. Future Work The initial release of OpenNoteSecure is capable of performing symmetric encryption. The ability to perform asymmetric encryption would be very useful for securely encrypting 6

7 information that would be transmitted from user to user. The difficulty in implementing a system for performing asymmetric encryption arises from the vulnerability of the key store. The private keys that would need to be stored on the mobile device would need to be protected, which could be accomplished with a symmetric cipher and a pass phrase. 6. Conclusion The built in mechanisms for securing application data on the Android platform are currently limited, but the ability to secure information on an application by application basis has existing potential. The information stored on a mobile device depends on the security of the passphrase that is used to secure the information. The main issue is the compromise between security and convenience. In practice the convenience of easily accessible information wins over the ability to securely store this information. As a result, the main concern is using strong encryption keys that do not require memorization and manual entry from the user. OpenNoteSecure demonstrates that data security can be achieved, but still depends on memorization of keys by the user. Resources The source code for OpenNoteSecure is released under a General Public License Version 3. OpenNoteSecure is available to download for free from the Android Market. com.jaredhatfield.opennotesecure Works Cited Google. (2010, June 23). Security and Permissions. Retrieved from Android Developers: 7

BlackBerry Enterprise Service 10. Secure Work Space for ios and Android Version: 10.1.1. Security Note

BlackBerry Enterprise Service 10. Secure Work Space for ios and Android Version: 10.1.1. Security Note BlackBerry Enterprise Service 10 Secure Work Space for ios and Android Version: 10.1.1 Security Note Published: 2013-06-21 SWD-20130621110651069 Contents 1 About this guide...4 2 What is BlackBerry Enterprise

More information

Analysis of advanced issues in mobile security in android operating system

Analysis of advanced issues in mobile security in android operating system Available online atwww.scholarsresearchlibrary.com Archives of Applied Science Research, 2015, 7 (2):34-38 (http://scholarsresearchlibrary.com/archive.html) ISSN 0975-508X CODEN (USA) AASRC9 Analysis of

More information

Michael Seltzer COMP 116: Security Final Paper. Client Side Encryption in the Web Browser Mentor: Ming Chow

Michael Seltzer COMP 116: Security Final Paper. Client Side Encryption in the Web Browser Mentor: Ming Chow Michael Seltzer COMP 116: Security Final Paper Client Side Encryption in the Web Browser Mentor: Ming Chow 1 Abstract Web service providers generally look to encryption as a means of ensuring data privacy

More information

Research Information Security Guideline

Research Information Security Guideline Research Information Security Guideline Introduction This document provides general information security guidelines when working with research data. The items in this guideline are divided into two different

More information

Comodo Disk Encryption

Comodo Disk Encryption Comodo Disk Encryption Version 2.0 User Guide Version 2.0.122010 Versi Comodo Security Solutions 525 Washington Blvd. Jersey City, NJ 07310 Table of Contents 1.Comodo Disk Encryption Introduction... 3

More information

AES Crypt User Guide

AES Crypt User Guide AES Crypt User Guide Publication Date: 2013-12-26 Original Author: Gary C. Kessler (gck@garykessler.net) Revision History Date Contributor Changes 2012-01-17 Gary C. Kessler First version 2013-03-03 Doug

More information

File System Encryption with Integrated User Management

File System Encryption with Integrated User Management File System Encryption with Integrated User Management Stefan Ludwig Corporate Technology Siemens AG, Munich fsfs@stefan-ludwig.de Prof. Dr. Winfried Kalfa Operating Systems Group Chemnitz University of

More information

1 Step 1: Select... Files to Encrypt 2 Step 2: Confirm... Name of Archive 3 Step 3: Define... Pass Phrase

1 Step 1: Select... Files to Encrypt 2 Step 2: Confirm... Name of Archive 3 Step 3: Define... Pass Phrase Contents I Table of Contents Foreword 0 Part I Introduction 2 1 What is?... 2 Part II Encrypting Files 1,2,3 2 1 Step 1: Select... Files to Encrypt 2 2 Step 2: Confirm... Name of Archive 3 3 Step 3: Define...

More information

Analyzing the Security Schemes of Various Cloud Storage Services

Analyzing the Security Schemes of Various Cloud Storage Services Analyzing the Security Schemes of Various Cloud Storage Services ECE 646 Project Presentation Fall 2014 12/09/2014 Team Members Ankita Pandey Gagandeep Singh Bamrah Pros and Cons of Cloud Storage Services

More information

Introduction to BitLocker FVE

Introduction to BitLocker FVE Introduction to BitLocker FVE (Understanding the Steps Required to enable BitLocker) Exploration of Windows 7 Advanced Forensic Topics Day 3 What is BitLocker? BitLocker Drive Encryption is a full disk

More information

The Danger of Data Exfiltration over Social Media Sites

The Danger of Data Exfiltration over Social Media Sites The Danger of Data Exfiltration over Social Media Sites Dan Gunter, University of Louisville; Solomon Sonya, Western International University Abstract The pervasive utilization of social media sites within

More information

INTEGRATED FILE-LEVEL CRYPTOGRAPHICAL ACCESS CONTROL

INTEGRATED FILE-LEVEL CRYPTOGRAPHICAL ACCESS CONTROL INTEGRATED FILE-LEVEL CRYPTOGRAPHICAL ACCESS CONTROL Abstract Ryan Seifert ryanseifert@earthlink.net T. Andrew Yang Yang@UHCL.edu Division of Computing and Mathematics University of Houston - Clear Lake,

More information

Disk encryption... (not only) in Linux. Milan Brož mbroz@redhat.com

Disk encryption... (not only) in Linux. Milan Brož mbroz@redhat.com Disk encryption... (not only) in Linux Milan Brož mbroz@redhat.com FDE - Full Disk Encryption FDE (Full Disk Encryption) whole disk FVE (Full Volume Encryption) just some volumes (dis)advantages? + for

More information

Software Tool for Implementing RSA Algorithm

Software Tool for Implementing RSA Algorithm Software Tool for Implementing RSA Algorithm Adriana Borodzhieva, Plamen Manoilov Rousse University Angel Kanchev, Rousse, Bulgaria Abstract: RSA is one of the most-common used algorithms for public-key

More information

Security Technical. Overview. BlackBerry Enterprise Service 10. BlackBerry Device Service Solution Version: 10.2

Security Technical. Overview. BlackBerry Enterprise Service 10. BlackBerry Device Service Solution Version: 10.2 BlackBerry Enterprise Service 10 BlackBerry Device Service Solution Version: 10.2 Security Technical Overview Published: 2014-09-10 SWD-20140908123239883 Contents 1 About BlackBerry Device Service solution

More information

Chapter 11 Security+ Guide to Network Security Fundamentals, Third Edition Basic Cryptography

Chapter 11 Security+ Guide to Network Security Fundamentals, Third Edition Basic Cryptography Chapter 11 Security+ Guide to Network Security Fundamentals, Third Edition Basic Cryptography What Is Steganography? Steganography Process of hiding the existence of the data within another file Example:

More information

Thick Client Application Security

Thick Client Application Security Thick Client Application Security Arindam Mandal (arindam.mandal@paladion.net) (http://www.paladion.net) January 2005 This paper discusses the critical vulnerabilities and corresponding risks in a two

More information

Manual for Android 1.5

Manual for Android 1.5 Manual for Android 1.5 1 Table of Content 1. Scope of Service... 3 1.1 About Boxcryptor Classic... 3 1.2 About this manual... 3 2. Installation... 4 3. Basic functionality... 5 3.1. Setting up Boxcryptor

More information

Lecture 1 Introduction to Android

Lecture 1 Introduction to Android These slides are by Dr. Jaerock Kwon at. The original URL is http://kettering.jrkwon.com/sites/default/files/2011-2/ce-491/lecture/alecture-01.pdf so please use that instead of pointing to this local copy

More information

Efficient Framework for Deploying Information in Cloud Virtual Datacenters with Cryptography Algorithms

Efficient Framework for Deploying Information in Cloud Virtual Datacenters with Cryptography Algorithms Efficient Framework for Deploying Information in Cloud Virtual Datacenters with Cryptography Algorithms Radhika G #1, K.V.V. Satyanarayana *2, Tejaswi A #3 1,2,3 Dept of CSE, K L University, Vaddeswaram-522502,

More information

International Engineering Journal For Research & Development

International Engineering Journal For Research & Development Evolution Of Operating System And Open Source Android Application Nilesh T.Gole 1, Amit Manikrao 2, Niraj Kanot 3,Mohan Pande 4 1,M.tech(CSE)JNTU, 2 M.tech(CSE)SGBAU, 3 M.tech(CSE),JNTU, Hyderabad 1 sheyanilu@gmail.com,

More information

Example of Standard API

Example of Standard API 16 Example of Standard API System Call Implementation Typically, a number associated with each system call System call interface maintains a table indexed according to these numbers The system call interface

More information

USB Portable Storage Device: Security Problem Definition Summary

USB Portable Storage Device: Security Problem Definition Summary USB Portable Storage Device: Security Problem Definition Summary Introduction The USB Portable Storage Device (hereafter referred to as the device or the TOE ) is a portable storage device that provides

More information

Firmware security features in HP Compaq business notebooks

Firmware security features in HP Compaq business notebooks HP ProtectTools Firmware security features in HP Compaq business notebooks Embedded security overview... 2 Basics of protection... 2 Protecting against unauthorized access user authentication... 3 Pre-boot

More information

OOo Digital Signatures. Malte Timmermann Technical Architect Sun Microsystems GmbH

OOo Digital Signatures. Malte Timmermann Technical Architect Sun Microsystems GmbH OOo Digital Signatures Malte Timmermann Technical Architect Sun Microsystems GmbH About the Speaker Technical Architect in OpenOffice.org/StarOffice development OOo/StarOffice developer since 1991/94 Main

More information

TELE 301 Network Management. Lecture 16: Remote Terminal Services

TELE 301 Network Management. Lecture 16: Remote Terminal Services TELE 301 Network Management Lecture 16: Remote Terminal Services Haibo Zhang Computer Science, University of Otago TELE301 Lecture 16: Remote Terminal Services 1 Today s Focus Remote Terminal Services

More information

Creating and Using Databases for Android Applications

Creating and Using Databases for Android Applications Creating and Using Databases for Android Applications Sunguk Lee * 1 Research Institute of Industrial Science and Technology Pohang, Korea sunguk@rist.re.kr *Correspondent Author: Sunguk Lee* (sunguk@rist.re.kr)

More information

SeChat: An AES Encrypted Chat

SeChat: An AES Encrypted Chat Name: Luis Miguel Cortés Peña GTID: 901 67 6476 GTG: gtg683t SeChat: An AES Encrypted Chat Abstract With the advancement in computer technology, it is now possible to break DES 56 bit key in a meaningful

More information

Final Year Project Interim Report

Final Year Project Interim Report 2013 Final Year Project Interim Report FYP12016 AirCrypt The Secure File Sharing Platform for Everyone Supervisors: Dr. L.C.K. Hui Dr. H.Y. Chung Students: Fong Chun Sing (2010170994) Leung Sui Lun (2010580058)

More information

Mitigating Server Breaches with Secure Computation. Yehuda Lindell Bar-Ilan University and Dyadic Security

Mitigating Server Breaches with Secure Computation. Yehuda Lindell Bar-Ilan University and Dyadic Security Mitigating Server Breaches with Secure Computation Yehuda Lindell Bar-Ilan University and Dyadic Security The Problem Network and server breaches have become ubiquitous Financially-motivated and state-sponsored

More information

E-commerce. Security. Learning objectives. Internet Security Issues: Overview. Managing Risk-1. Managing Risk-2. Computer Security Classifications

E-commerce. Security. Learning objectives. Internet Security Issues: Overview. Managing Risk-1. Managing Risk-2. Computer Security Classifications Learning objectives E-commerce Security Threats and Protection Mechanisms. This lecture covers internet security issues and discusses their impact on an e-commerce. Nov 19, 2004 www.dcs.bbk.ac.uk/~gmagoulas/teaching.html

More information

OPERATING SYSTEM SERVICES

OPERATING SYSTEM SERVICES OPERATING SYSTEM SERVICES USER INTERFACE Command line interface(cli):uses text commands and a method for entering them Batch interface(bi):commands and directives to control those commands are entered

More information

MaaS360 Mobile Enterprise Gateway

MaaS360 Mobile Enterprise Gateway MaaS360 Mobile Enterprise Gateway Administrator Guide Copyright 2014 Fiberlink, an IBM Company. All rights reserved. Information in this document is subject to change without notice. The software described

More information

Android Architecture. Alexandra Harrison & Jake Saxton

Android Architecture. Alexandra Harrison & Jake Saxton Android Architecture Alexandra Harrison & Jake Saxton Overview History of Android Architecture Five Layers Linux Kernel Android Runtime Libraries Application Framework Applications Summary History 2003

More information

Understanding digital certificates

Understanding digital certificates Understanding digital certificates Mick O Brien and George R S Weir Department of Computer and Information Sciences, University of Strathclyde Glasgow G1 1XH mickobrien137@hotmail.co.uk, george.weir@cis.strath.ac.uk

More information

Secure USB Flash Drive. Biometric & Professional Drives

Secure USB Flash Drive. Biometric & Professional Drives Secure USB Flash Drive Biometric & Professional Drives I. CONTENTS II. INTRODUCTION... 2 OVERVIEW... 2 COPYRIGHTS AND TRADEMARKS... 2 III. SECURE FLASH DRIVE... 3 DESCRIPTION... 3 IV. MODULES OF SECURE

More information

Introduction to Android

Introduction to Android Introduction to Android Android Smartphone Programming Matthias Keil Institute for Computer Science Faculty of Engineering October 19, 2015 Outline 1 What is Android? 2 Development on Android 3 Applications:

More information

USB Portable Storage Device: Security Problem Definition Summary

USB Portable Storage Device: Security Problem Definition Summary USB Portable Storage Device: Security Problem Definition Summary Introduction The USB Portable Storage Device (hereafter referred to as the device or the TOE ) is a portable storage device that provides

More information

Secure Network Communications FIPS 140 2 Non Proprietary Security Policy

Secure Network Communications FIPS 140 2 Non Proprietary Security Policy Secure Network Communications FIPS 140 2 Non Proprietary Security Policy 21 June 2010 Table of Contents Introduction Module Specification Ports and Interfaces Approved Algorithms Test Environment Roles

More information

Chapter 17. Transport-Level Security

Chapter 17. Transport-Level Security Chapter 17 Transport-Level Security Web Security Considerations The World Wide Web is fundamentally a client/server application running over the Internet and TCP/IP intranets The following characteristics

More information

BlackBerry Enterprise Solution Security Release 4.1.2 Technical Overview www.vodafone.com.mt

BlackBerry Enterprise Solution Security Release 4.1.2 Technical Overview www.vodafone.com.mt BlackBerry Enterprise Solution Security Release 4.1.2 Technical Overview www.vodafone.com.mt Life is now BlackBerry Enterprise Solution Security 1 Contents 5 Wireless security 5 BlackBerry Enterprise Solution

More information

Alaa Alhamami, Avan Sabah Hamdi Amman Arab University Amman, Jordan

Alaa Alhamami, Avan Sabah Hamdi Amman Arab University Amman, Jordan World of Computer Science and Information Technology Journal (WCSIT) ISSN: 2221-0741 Vol. 5, No. 5, 87-91, 2015 Mobile Secure Transmission Method Based on Audio Steganography Alaa Alhamami, Avan Sabah

More information

BlackBerry Enterprise Solution

BlackBerry Enterprise Solution BlackBerry Enterprise Solution Security Technical Overview for BlackBerry Enterprise Server Version 4.1 Service Pack 5 and BlackBerry Device Software Version 4.5 2008 Research In Motion Limited. All rights

More information

CRYPTAS it-security GmbH

CRYPTAS it-security GmbH Winmagic SecureDoc Enterprise Server 4.3.1 Common functionality CRYPTAS it-security GmbH Modecenterstrasse 22/B2 A-1030 Wien www.cryptas.com Knowlegde Guide Vienna, December 2007 Winmagic SecureDoc Enterprise

More information

Introduction...3 Terms in this Document...3 Conditions for Secure Operation...3 Requirements...3 Key Generation Requirements...

Introduction...3 Terms in this Document...3 Conditions for Secure Operation...3 Requirements...3 Key Generation Requirements... Hush Encryption Engine White Paper Introduction...3 Terms in this Document...3 Conditions for Secure Operation...3 Requirements...3 Key Generation Requirements...4 Passphrase Requirements...4 Data Requirements...4

More information

Mobile Security Framework; Advances in Mobile Governance in Korea. TaeKyung Kim tkkim@stu.ac.kr

Mobile Security Framework; Advances in Mobile Governance in Korea. TaeKyung Kim tkkim@stu.ac.kr Mobile Security Framework; Advances in Mobile Governance in Korea TaeKyung Kim tkkim@stu.ac.kr I. e-banking in Korea 1. e-banking? BIS (Bank for International Settlements) - e-finance(electronic banking)

More information

Using the Push Notifications Extension Part 1: Certificates and Setup

Using the Push Notifications Extension Part 1: Certificates and Setup // tutorial Using the Push Notifications Extension Part 1: Certificates and Setup Version 1.0 This tutorial is the second part of our tutorials covering setting up and running the Push Notifications Native

More information

CHAPTER 4 DEPLOYMENT OF ESGC-PKC IN NON-COMMERCIAL E-COMMERCE APPLICATIONS

CHAPTER 4 DEPLOYMENT OF ESGC-PKC IN NON-COMMERCIAL E-COMMERCE APPLICATIONS 70 CHAPTER 4 DEPLOYMENT OF ESGC-PKC IN NON-COMMERCIAL E-COMMERCE APPLICATIONS 4.1 INTRODUCTION In this research work, a new enhanced SGC-PKC has been proposed for improving the electronic commerce and

More information

CSCE 465 Computer & Network Security

CSCE 465 Computer & Network Security CSCE 465 Computer & Network Security Instructor: Dr. Guofei Gu http://courses.cse.tamu.edu/guofei/csce465/ Secret Key Cryptography (I) 1 Introductory Remarks Roadmap Feistel Cipher DES AES Introduction

More information

Java Card. Smartcards. Demos. . p.1/30

Java Card. Smartcards. Demos. . p.1/30 . p.1/30 Java Card Smartcards Java Card Demos Smart Cards. p.2/30 . p.3/30 Smartcards Credit-card size piece of plastic with embedded chip, for storing & processing data Standard applications bank cards

More information

AirStation One-Touch Secure System (AOSS ) A Description of WLAN Security Challenges and Potential Solutions

AirStation One-Touch Secure System (AOSS ) A Description of WLAN Security Challenges and Potential Solutions AirStation One-Touch Secure System (AOSS ) A Description of WLAN Security Challenges and Potential Solutions Buffalo Technology (USA), Inc. October 2004 1 Summary The Wireless Security Problem With the

More information

Snow Agent System Pilot Deployment version

Snow Agent System Pilot Deployment version Pilot Deployment version Security policy Revision: 1.0 Authors: Per Atle Bakkevoll, Johan Gustav Bellika, Lars, Taridzo Chomutare Page 1 of 8 Date of issue 03.07.2009 Revision history: Issue Details Who

More information

APPLICATION SECURITY: FROM WEB TO MOBILE. DIFFERENT VECTORS AND NEW ATTACK

APPLICATION SECURITY: FROM WEB TO MOBILE. DIFFERENT VECTORS AND NEW ATTACK APPLICATION SECURITY: FROM WEB TO MOBILE. DIFFERENT VECTORS AND NEW ATTACK John T Lounsbury Vice President Professional Services, Asia Pacific INTEGRALIS Session ID: MBS-W01 Session Classification: Advanced

More information

CS3600 SYSTEMS AND NETWORKS

CS3600 SYSTEMS AND NETWORKS CS3600 SYSTEMS AND NETWORKS NORTHEASTERN UNIVERSITY Lecture 2: Operating System Structures Prof. Alan Mislove (amislove@ccs.neu.edu) Operating System Services Operating systems provide an environment for

More information

Security Guide. BlackBerry Enterprise Service 12. for ios, Android, and Windows Phone. Version 12.0

Security Guide. BlackBerry Enterprise Service 12. for ios, Android, and Windows Phone. Version 12.0 Security Guide BlackBerry Enterprise Service 12 for ios, Android, and Windows Phone Version 12.0 Published: 2015-02-06 SWD-20150206130210406 Contents About this guide... 6 What is BES12?... 7 Key features

More information

S E C U R I T Y A S S E S S M E N T : B o m g a r A p p l i a n c e s

S E C U R I T Y A S S E S S M E N T : B o m g a r A p p l i a n c e s S E C U R I T Y A S S E S S M E N T : B o m g a r A p p l i a n c e s During the period between November 2012 and March 2013, Symantec Consulting Services partnered with Bomgar to assess the security

More information

General Security Best Practices

General Security Best Practices General Security Best Practices 1. One of the strongest physical security measures for a computer or server is a locked door. 2. Whenever you step away from your workstation, get into the habit of locking

More information

best practices for encryption in android

best practices for encryption in android best practices for encryption in android SUBHEADER VALUE PROPOSTION STATEMENT GOES HERE developer.motorola.com/enterprise WHITE PAPER BEST PRACTICES FOR ENCRYPTION IN ANDROID 2 introduction Android has

More information

Usable Crypto: Introducing minilock. Nadim Kobeissi HOPE X, NYC, 2014

Usable Crypto: Introducing minilock. Nadim Kobeissi HOPE X, NYC, 2014 Usable Crypto: Introducing minilock Nadim Kobeissi HOPE X, NYC, 2014 2012 Browsers are an environment that is hostile to cryptography Malleability of the JavaScript runtime. The lack of low-level (system-level)

More information

Projectplace: A Secure Project Collaboration Solution

Projectplace: A Secure Project Collaboration Solution Solution brief Projectplace: A Secure Project Collaboration Solution The security of your information is as critical as your business is dynamic. That s why we built Projectplace on a foundation of the

More information

Parallels Business Automation 4.3

Parallels Business Automation 4.3 Parallels Parallels Business Automation 4.3 Advanced Security Configuration Guide Revision 1.0.04 (c) 1999-2008 ISBN: N/A Parallels 660 SW 39th Street Suite 205 Renton, Washington 98057 USA Phone: +1 (425)

More information

SkyRecon Cryptographic Module (SCM)

SkyRecon Cryptographic Module (SCM) SkyRecon Cryptographic Module (SCM) FIPS 140-2 Documentation: Security Policy Abstract This document specifies the security policy for the SkyRecon Cryptographic Module (SCM) as described in FIPS PUB 140-2.

More information

VMware Horizon Workspace Security Features WHITE PAPER

VMware Horizon Workspace Security Features WHITE PAPER VMware Horizon Workspace WHITE PAPER Table of Contents... Introduction.... 4 Horizon Workspace vapp Security.... 5 Virtual Machine Security Hardening.... 5 Authentication.... 6 Activation.... 6 Horizon

More information

Network Attached Storage. Jinfeng Yang Oct/19/2015

Network Attached Storage. Jinfeng Yang Oct/19/2015 Network Attached Storage Jinfeng Yang Oct/19/2015 Outline Part A 1. What is the Network Attached Storage (NAS)? 2. What are the applications of NAS? 3. The benefits of NAS. 4. NAS s performance (Reliability

More information

Mobile Operating Systems. Week I

Mobile Operating Systems. Week I Mobile Operating Systems Week I Overview Introduction Mobile Operating System Structure Mobile Operating System Platforms Java ME Platform Palm OS Symbian OS Linux OS Windows Mobile OS BlackBerry OS iphone

More information

EMAIL ENCRYPTION Guide June 3, 2013

EMAIL ENCRYPTION Guide June 3, 2013 EMAIL ENCRYPTION Guide June 3, 2013 TABLE OF CONTENTS Steps to Create Encryption Public Key... 3 Installing GPG... 3 Key Generation Process... 4 Update User Settings... 6 Decrypting an encrypted file...

More information

BYOD Guidance: BlackBerry Secure Work Space

BYOD Guidance: BlackBerry Secure Work Space GOV.UK Guidance BYOD Guidance: BlackBerry Secure Work Space Published 17 February 2015 Contents 1. About this guidance 2. Summary of key risks 3. Secure Work Space components 4. Technical assessment 5.

More information

Android Based Mobile Gaming Based on Web Page Content Imagery

Android Based Mobile Gaming Based on Web Page Content Imagery Spring 2011 CSIT691 Independent Project Android Based Mobile Gaming Based on Web Page Content Imagery TU Qiang qiangtu@ust.hk Contents 1. Introduction... 2 2. General ideas... 2 3. Puzzle Game... 4 3.1

More information

Specialized Android APP Development Program with Java (SAADPJ) Duration 2 months

Specialized Android APP Development Program with Java (SAADPJ) Duration 2 months Specialized Android APP Development Program with Java (SAADPJ) Duration 2 months Our program is a practical knowledge oriented program aimed at making innovative and attractive applications for mobile

More information

ANDROID BASED MOBILE APPLICATION DEVELOPMENT and its SECURITY

ANDROID BASED MOBILE APPLICATION DEVELOPMENT and its SECURITY ANDROID BASED MOBILE APPLICATION DEVELOPMENT and its SECURITY Suhas Holla #1, Mahima M Katti #2 # Department of Information Science & Engg, R V College of Engineering Bangalore, India Abstract In the advancing

More information

MaaS360 Mobile Enterprise Gateway

MaaS360 Mobile Enterprise Gateway MaaS360 Mobile Enterprise Gateway Administrator Guide Copyright 2013 Fiberlink Communications Corporation. All rights reserved. Information in this document is subject to change without notice. The software

More information

Blaze Vault Online Backup. Whitepaper Data Security

Blaze Vault Online Backup. Whitepaper Data Security Blaze Vault Online Backup Version 5.x Jun 2006 Table of Content 1 Introduction... 3 2 Blaze Vault Offsite Backup Server Secure, Robust and Reliable... 4 2.1 Secure 256-bit SSL communication... 4 2.2 Backup

More information

Computer Networks. Network Security and Ethics. Week 14. College of Information Science and Engineering Ritsumeikan University

Computer Networks. Network Security and Ethics. Week 14. College of Information Science and Engineering Ritsumeikan University Computer Networks Network Security and Ethics Week 14 College of Information Science and Engineering Ritsumeikan University Security Intro for Admins l Network administrators can break security into two

More information

Data Center Real User Monitoring

Data Center Real User Monitoring Data Center Real User Monitoring Migration from CryptoSwift Migration Guide Release 12.0.2 Please direct questions about Data Center Real User Monitoring or comments on this document to: APM Customer Support

More information

Objectives. Chapter 2: Operating-System Structures. Operating System Services (Cont.) Operating System Services. Operating System Services (Cont.

Objectives. Chapter 2: Operating-System Structures. Operating System Services (Cont.) Operating System Services. Operating System Services (Cont. Objectives To describe the services an operating system provides to users, processes, and other systems To discuss the various ways of structuring an operating system Chapter 2: Operating-System Structures

More information

SafeNet MSSQL EKM Provider User Guide

SafeNet MSSQL EKM Provider User Guide SafeNet MSSQL EKM Provider User Guide Version 4.8.5 Documentation Version: 20080705 Copyright Information 2009 SafeNet, Inc. All rights reserved All intellectual property is protected by copyright. All

More information

CHOOSING THE RIGHT PORTABLE SECURITY DEVICE. A guideline to help your organization chose the Best Secure USB device

CHOOSING THE RIGHT PORTABLE SECURITY DEVICE. A guideline to help your organization chose the Best Secure USB device CHOOSING THE RIGHT PORTABLE SECURITY DEVICE A guideline to help your organization chose the Best Secure USB device Introduction USB devices are widely used and convenient because of their small size, huge

More information

Last modified: November 22, 2013 This manual was updated for the TeamDrive Android client version 3.0.216

Last modified: November 22, 2013 This manual was updated for the TeamDrive Android client version 3.0.216 Last modified: November 22, 2013 This manual was updated for the TeamDrive Android client version 3.0.216 2013 TeamDrive Systems GmbH Page 1 Table of Contents 1 Starting TeamDrive for Android for the First

More information

Mobile Labs Plugin for IBM Urban Code Deploy

Mobile Labs Plugin for IBM Urban Code Deploy Mobile Labs Plugin for IBM Urban Code Deploy Thank you for deciding to use the Mobile Labs plugin to IBM Urban Code Deploy. With the plugin, you will be able to automate the processes of installing or

More information

Common Pitfalls in Cryptography for Software Developers. OWASP AppSec Israel July 2006. The OWASP Foundation http://www.owasp.org/

Common Pitfalls in Cryptography for Software Developers. OWASP AppSec Israel July 2006. The OWASP Foundation http://www.owasp.org/ Common Pitfalls in Cryptography for Software Developers OWASP AppSec Israel July 2006 Shay Zalalichin, CISSP AppSec Division Manager, Comsec Consulting shayz@comsecglobal.com Copyright 2006 - The OWASP

More information

II. DISCUSSION ON ENCRYPTION PROGRAMS

II. DISCUSSION ON ENCRYPTION PROGRAMS Overview of Dropbox Encryption in Cloud Computing S.Raju 1 K.Santhi 2 S.Latha 3 1Professor and HOD, Department of IT, Mahendra Engineering College, Namakkal, India. 2 &3 Assistant Professor, Department

More information

Sync Security and Privacy Brief

Sync Security and Privacy Brief Introduction Security and privacy are two of the leading issues for users when transferring important files. Keeping data on-premises makes business and IT leaders feel more secure, but comes with technical

More information

SENSE Security overview 2014

SENSE Security overview 2014 SENSE Security overview 2014 Abstract... 3 Overview... 4 Installation... 6 Device Control... 7 Enrolment Process... 8 Authentication... 9 Network Protection... 12 Local Storage... 13 Conclusion... 15 2

More information

Online Backup by Mozy. Restore Common Questions

Online Backup by Mozy. Restore Common Questions Online Backup by Mozy Restore Common Questions Document Revision Date: June 29, 2012 Online Backup by Mozy Common Questions 1 How do I restore my data? There are five ways of restoring your data: 1) Performing

More information

International Journal for Research in Computer Science

International Journal for Research in Computer Science TOPIC: MOBILE COMPUTING AND SECURITY ISSUES. ABSTRACT Owodele Odukale The past decade has seen a growth in the use of mobile computing. Its use can be found in areas such as social media, information exchange,

More information

A Review of Different Comparative Studies on Mobile Operating System

A Review of Different Comparative Studies on Mobile Operating System Research Journal of Applied Sciences, Engineering and Technology 7(12): 2578-2582, 2014 ISSN: 2040-7459; e-issn: 2040-7467 Maxwell Scientific Organization, 2014 Submitted: August 30, 2013 Accepted: September

More information

Chapter 10. Cloud Security Mechanisms

Chapter 10. Cloud Security Mechanisms Chapter 10. Cloud Security Mechanisms 10.1 Encryption 10.2 Hashing 10.3 Digital Signature 10.4 Public Key Infrastructure (PKI) 10.5 Identity and Access Management (IAM) 10.6 Single Sign-On (SSO) 10.7 Cloud-Based

More information

Topics. Introduction. Java History CS 146. Introduction to Programming and Algorithms Module 1. Module Objectives

Topics. Introduction. Java History CS 146. Introduction to Programming and Algorithms Module 1. Module Objectives Introduction to Programming and Algorithms Module 1 CS 146 Sam Houston State University Dr. Tim McGuire Module Objectives To understand: the necessity of programming, differences between hardware and software,

More information

GostCrypt User Guide. Laboratoire de Cryptologie et de Virologie Opérationnelles - France

GostCrypt User Guide. Laboratoire de Cryptologie et de Virologie Opérationnelles - France GostCrypt User Guide Laboratoire de Cryptologie et de Virologie Opérationnelles - France Copyright c 2014 Laboratoire de Cryptologie et de Virologie Opératoinnelles - France GOSTCRYPT.ORG Contents 1 Introduction.................................................

More information

FileCloud Security FAQ

FileCloud Security FAQ is currently used by many large organizations including banks, health care organizations, educational institutions and government agencies. Thousands of organizations rely on File- Cloud for their file

More information

Chapter 2: Operating-System Structures

Chapter 2: Operating-System Structures Chapter 2: Operating-System Structures Chapter 2: Operating-System Structures Operating System Services User Operating System Interface System Calls Types of System Calls System Programs Operating System

More information

Salesforce1 Mobile Security Guide

Salesforce1 Mobile Security Guide Salesforce1 Mobile Security Guide Version 1, 1 @salesforcedocs Last updated: December 8, 2015 Copyright 2000 2015 salesforce.com, inc. All rights reserved. Salesforce is a registered trademark of salesforce.com,

More information

Dashlane Security Whitepaper

Dashlane Security Whitepaper Dashlane Security Whitepaper November 2014 Protection of User Data in Dashlane Protection of User Data in Dashlane relies on 3 separate secrets: The User Master Password Never stored locally nor remotely.

More information

iphone in Business Security Overview

iphone in Business Security Overview iphone in Business Security Overview iphone can securely access corporate services and protect data on the device. It provides strong encryption for data in transmission, proven authentication methods

More information

Deciphering the Safe Harbor on Breach Notification: The Data Encryption Story

Deciphering the Safe Harbor on Breach Notification: The Data Encryption Story Deciphering the Safe Harbor on Breach Notification: The Data Encryption Story Healthcare organizations planning to protect themselves from breach notification should implement data encryption in their

More information

Microsoft.NET Passport, a solution of single sign on

Microsoft.NET Passport, a solution of single sign on Microsoft.NET Passport, a solution of single sign on Zheng Liu Department of Computer Science University of Auckland zliu025@ec.auckland.ac.nz Abstract: As the World Wide Web grows rapidly, accessing web-based

More information

EnergyAxis System: Security for the Smart Grid

EnergyAxis System: Security for the Smart Grid Security for the Smart Grid 2010 by Elster All rights reserved. No part of this document may be reproduced, transmitted, processed or recorded by any means or form, electronic, mechanical, photographic

More information

Enova X-Wall LX Frequently Asked Questions

Enova X-Wall LX Frequently Asked Questions Enova X-Wall LX Frequently Asked Questions Q: What is X-Wall LX? A: X-Wall LX is the third generation of Enova real-time hard drive cryptographic gateway ASIC (Application Specific Integrated Circuit)

More information

Restraining Execution Environments

Restraining Execution Environments Restraining Execution Environments Segurança em Sistemas Informáticos André Gonçalves Contents Overview Java Virtual Machine: Overview The Basic Parts Security Sandbox Mechanisms Sandbox Memory Native

More information

Rights Management Services

Rights Management Services www.css-security.com 425.216.0720 WHITE PAPER Microsoft Windows (RMS) provides authors and owners the ability to control how they use and distribute their digital content when using rights-enabled applications,

More information