M-Shield mobile security technology
|
|
- Suzanna Dennis
- 8 years ago
- Views:
Transcription
1 Technology for Innovators TM M-Shield mobile security technology making wireless secure Overview As 3G networks are successfully deployed worldwide, opportunities are arising to deliver to end-users a multitude of services that satisfy their business, organizational and entertainment needs. Wireless operators have started to increase value-added services such as multimedia services, e-wallet functionality enabling financial transactions, gaming and messaging. Operators will also benefit from the increased pipe bandwidth of 3G by performing over-the-air services, applications provisioning and bug fixes, thus significantly reducing operational and support costs. The increased value and availability of the content and benefits of higher bandwidth dictate increased levels of handset security. As people start using mobile phones to tap into computer networks and to serve as payment devices, the potential damage could become severe as viruses spread from the mobile handset to the enterprise network. W H I T E P A P E R By Jay Srage Marketing Manager for Cellular Systems Jérôme Azema Security CTO for Cellular Systems Current security solutions are software-based and have proven to be vulnerable through hacking, viruses and other malicious attacks. This lack of adequate security affects the trust of content, service and financial providers as well as consumers. Financial service providers, banks and consumers alike will not feel comfortable with over-the-air processing and handset storage of payment credentials unless they are offered a high degree of security. Likewise, few content providers will deploy music, videos or games unless they can trust the terms and conditions of the content purchase and download are not violated. Another factor driving the need for wireless security technologies is an operator s desire to decrease operational and support costs with the ability to deploy over-the-air bug fixes and software patches, as well as flashing and application provisioning at purchase instead of production. Solving the security problem is essential for growth of 3G systems. The increased value and availability of the content and benefits of higher bandwidth are dictating increased security of the handset without violating the constraints of performance and power.
2 2 M-Shield mobile security technology solution Texas Instruments (TI s) M-Shield mobile security technology solution provides the highest level of terminal and content security in the industry as well as setting the benchmark for the level of security needed to allow financial applications. TI s M-Shield technology is a system-level approach that intimately interleaves hardware and software and provides several benefits over current software solutions, including: Much higher performance and security level for protection, detection and reaction against tampering through several hardware-based security mechanisms and hardware-accelerated cryptography A more difficult and expensive process to reverse-engineer and hack A more challenging phone cloning process Power optimization Transparent usage from the end-user M-Shield technology is the key security element of the widely used OMAP platform and recently announced OMAP-Vox family of scalable wireless solutions. The OMAP platform is a family of high-performance, low power consumption applications processors featuring an open, flexible architecture that is driving innovative solutions across the wireless industry. TI s new OMAP-Vox solutions are built on the industry-leading OMAP architecture. By integrating modem and application processing, OMAP-Vox solutions are optimized to efficiently run a dynamic mixture of applications and communications functions on the same hardware. Complete chipsets will also include analog components, power management and RF devices. M-Shield technology features in TI wireless chipsets Hardware Feature Set Secure Control of Platform Debug, Test and Trace Capabilities Secure Flashing/Booting Support Cryptographic Accelerators DES/3DES AES SHA-1 & MD5 PKA FIPS Compliant True Hardware RNG Secure On-Chip Keys Root Public Key Hash (RSA Authentication) Random Key (Binding, Secure Storage) Customer Key (OEM-Specific Use) Secure Environment Hardware Secure DMA Channels ROM Code Feature Set Secure Flashing Secure Booting Secure Environment Software Secure Environment entry and exit mechanism Secure Environment interrup handling Load manager to load and verify protected applications in Secure RAM prior to execution Storage manager to encrypt and store sensitive data belonging to protected applications in NoVo memory Secure run-time services for protected applications, including cryptographic libraries Expanded feature support in future generations, including ARM TrustZone support Secure Chip-Interconnect Expanded feature support in future generations, including ARM TrustZone support
3 3 M-Shield solution s infrastructure TI s M-Shield technology solution s infrastructure includes: Public-Key Infrastructure with secure on-chip keys (E-fuse) On-chip control of secure flashing and secure booting Secure Environment with hardware countermeasures against attacks for safe execution of sensitive authorized applications (called protected applications) and secure storage of their sensitive data Secure chip-interconnect Secure Direct Memory Access (DMA) Hardware cryptographic accelerators and Random Number Generator (RNG) This infrastructure allows M-Shield technology to offer a hardwareenforced Secure Environment. M-Shield technology also offers: Authentication of flashing and booting software 100+ services accessible by protected applications Accelerated cryptography Hardware-based protection against software attacks and cloning Secure access/restriction to all chip peripherals and memories Secure control of debug, test and trace capabilities M-Shield solution s infrastructure provides the highest level of security to reduce the unauthorized use of handsets and fraud while enabling the deployment of value-added secure services. M-Shield hardware implementation in TI wireless chipsets Products OMAP16xx OMAP17xx OMAP33x OMAP75x OMAP85x OMAPV1030 OMAP2420 Future OMAP and OMAP-Vox Devices True RNG DES/3DES, SHA-1/MD5 AES Public-Keys Accelerator (PKA) Secure Control of Platform Debug, Test and Trace Capabilities Secure Flashing/Booting Run-Time Secure Services (Secure ROM) Secure Environment (Secure ROM/RAM/SSM) Secure Chip-Interconnect Secure DMA ARM TrustZone Support
4 4 Secure environment TI s M-Shield technology s Secure Environment provides hardware countermeasures against attacks and is the industry s first hardware-based environment for secure execution and storage. The Secure Environment provides: Security via on-chip public key verification Secure execution of user-defined protected applications Secure storage (authenticated, encrypted data stored externally) Internal/external memory and peripheral access control due to secure chip-interconnect programming Privacy of data transfer on the platform due to Secure DMA programming Secure run-time services, including cryptographic libraries Access from/to the operating system through the Secure Environment driver Debug, test and trace secure control Secure watchdog timer The Secure Environment is built of three main components: the hardware Secure State Machine, the Secure ROM and the Secure RAM. The Secure State Machine applies and guarantees the security policy rules while entering, executing and exiting from the Secure Environment. Secure ROM embeds: Drivers for the hardware cryptography blocks Secure Environment manager to handle the entry, exit and interruption of the Secure Environment Load manager to load and verify the protected applications prior to execution Secure storage manager to handle the storage of data belonging to the protected application Remote procedure call to communicate with the operating system through the Secure Environment driver Secure run-time services, including cryptographic libraries Secure RAM is used for: Authentication and execution of protected applications Safe working space for execution of secure run-time services Key material generation Dynamic keys storage Certificate signature and verification Public-key infrastructure Secure on-chip keys (E-Fuse) are OEM-specific one-time programmable keys accessible only from inside the Secure Environment for authentication and encryption and include: Root public key for authentication Random key for binding and secure storage Customer key for OEM-specific use
5 5 Secure chip-interconnect and Secure DMA Hardware cryptographic accelerators TI s M-Shield technology provides the capability of the Secure Environment to qualify (DMA) transfers as secure to protect the confidentiality of sensitive high-value data, such as Digital Rights Management (DRM)-protected contents, during their processing and transfer throughout the platform. To further ensure protection against attacks, a secure chip-interconnect allows peripherals and memories to be accessible only by the Secure Environment and/or by the Secure DMA channels so that sensitive information confidentiality can be guaranteed in the entire data path, from origin to destination. Examples of peripherals and memories of the device that might be disabled include: MMI peripherals such as keyboard, LCD, fingerprint sensor Smartcard physical interface Crypto processors Serial interfaces involved in multimedia content rendering Internal memories External flashes and SDRAMs TI s M-Shield technology includes a Public-Key Infrastructure that along with the Secure Environment provides complete security. Cryptographic accelerators and a FIPS compliant are key elements of the Public-Key Infrastructure. The M-Shield security solution provides a hardware-based AES accelerator and Public-Key Accelerator (PKA), as well as DES/3DES, SHA-1 and MD5 hardware accelerators. By providing fast client authentication and signing, as well as fast content decryption and integrity checking, M-Shield technology accelerators save critical time and enhance the user experience by offsetting the degradation of software-based solutions. M-Shield secure environment use case User Application File System Secure Storage Secure Environment API Secure Environment Device Driver User Mode Kernel Mode SSM secret data Secure ROM Code Secure RAM Protected Application Root Public Key Random Key RNG SHA-1/MD5 DES/3DES AES PKA Secure Mode Secure DMA Secure Chip-Interconnect Other Security Features M-Shield mobile security technology
6 6 ARM TrustZone technology support TI will extend the scope of M-Shield technology in the future to support ARM s TrustZone technology. The resulting combination provides even higher performance and security levels to applications running in the Secure Environment. M-Shield software solution Conclusion For more information In addition to M-Shield mobile security solution s hardware, TI also offers a flexible software solution that includes device drivers as well as security software libraries and APIs to support third-party middleware software and applications. M-Shield solution s flexible API supports a wide range of cryptography functions and allows the cryptography engine to interface with higher levels of the system, such as operating systems, industrystandard security protocols (SSL, TLS, IPSec) and interfaces such as Public Key Cryptography Standards (PKCS). Third-party applications like DRM agents, VPN clients, anti-virus programs, firewalls and software filters are dictated by the requirements of 3G applications and are available from a wide variety of TI partners. For high-value services deployment to be successful, end-users, content providers and service providers must be confident the handset offers the right level of security. As the value and complexity of the applications and high-value content increases, the security level must also increase. Only a system-level solution can provide the highest level of security. With TI s M-Shield mobile security technology solution, along with an ecosystem of partnerships, 3G secure-sensitive applications will be successfully deployed. Statements contained in this white paper regarding the growth of the 3G handset market, TI market penetration and qualification of TI products and other statements of management's beliefs, goals and expectations may be considered forward-looking statements as that term is defined in the Private Securities Litigation Reform Act of 1995, and are subject to risks and uncertainties that could cause actual results to differ materially from those expressed or implied by these statements. The following factors and the factors discussed in TI's most recent Form 10-K could cause actual results to differ materially from the statements contained in this white paper: actual market demand for 3G products in general and TI semiconductor products specifically, and actual certification test results relating to TI products. TI disclaims any intention or obligation to update any forward-looking statements as a result of developments occurring after the date of this white paper. Technology for Innovators, the black/red banner, M-Shield, OMAP and OMAP-Vox are trademarks of Texas Instruments. All other trademarks are the property of their respective owners Texas Instruments Incorporated Printed in the U.S.A. Printed on recycled paper. SWPY014A
M-Shield Mobile Security Technology: making wireless secure
WHITE PAPER Jerome Azema Distinquished Member of Technical Staff WTBU Chief Technology Office - Security Texas Instruments Gilles Fayad Worldwide Strategic Marketing Manager, Mobile Platform Security and
More informationOMAP platform security features
SWPT008 - July 2003 White Paper OMAP platform security features By Harini Sundaresan Applications Engineer, OMAP Security Texas Instruments, Wireless Terminal Business Unit This white paper introduces
More informationEmbedded Java & Secure Element for high security in IoT systems
Embedded Java & Secure Element for high security in IoT systems JavaOne - September 2014 Anne-Laure SIXOU - ST Thierry BOUSQUET - ST Frédéric VAUTE - Oracle Speakers 2 Anne-Laure SIXOU Smartgrid Product
More informationSECURE IMPLEMENTATIONS OF CONTENT PROTECTION (DRM) SCHEMES ON CONSUMER ELECTRONIC DEVICES
SECURE IMPLEMENTATIONS OF CONTENT PROTECTION (DRM) SCHEMES ON CONSUMER ELECTRONIC DEVICES Contents Introduction... 3 DRM Threat Model... 3 DRM Flow... 4 DRM Assets... 5 Threat Model... 5 Protection of
More informationCycurHSM An Automotive-qualified Software Stack for Hardware Security Modules
CycurHSM An Automotive-qualified Software Stack for Hardware Security Modules Dr. Frederic Stumpf, ESCRYPT GmbH Embedded Security, Stuttgart, Germany 1 Introduction Electronic Control Units (ECU) are embedded
More informationSide Channel Analysis and Embedded Systems Impact and Countermeasures
Side Channel Analysis and Embedded Systems Impact and Countermeasures Job de Haas Agenda Advances in Embedded Systems Security From USB stick to game console Current attacks Cryptographic devices Side
More informationBroadSAFE Enhanced IP Phone Networks
White Paper BroadSAFE Enhanced IP Phone Networks Secure VoIP Using the Broadcom BCM11xx IP Phone Technology September 2005 Executive Summary Voice over Internet Protocol (VoIP) enables telephone calls
More informationUnderstand Electronic-Meter Design to Better Craft Intelligent and Secure Systems
Understand Electronic-Meter Design to Better Craft Intelligent and Secure Systems driving trust Author, INSIDE Secure As more utility companies install smart electric and other types of utility meters
More informationHow mobile operators can monetize 3G investments through an effective applications platform
Technology for Innovators TM How mobile operators can monetize 3G investments through an effective applications platform By Mike Yonker mikey@ti.com Director of Technology Strategy, Wireless Terminals
More informationDeploying iphone and ipad Security Overview
Deploying iphone and ipad Security Overview ios, the operating system at the core of iphone and ipad, is built upon layers of security. This enables iphone and ipad to securely access corporate services
More informationSecure Network Communications FIPS 140 2 Non Proprietary Security Policy
Secure Network Communications FIPS 140 2 Non Proprietary Security Policy 21 June 2010 Table of Contents Introduction Module Specification Ports and Interfaces Approved Algorithms Test Environment Roles
More informationHigh-Performance, Highly Secure Networking for Industrial and IoT Applications
High-Performance, Highly Secure Networking for Industrial and IoT Applications Table of Contents 2 Introduction 2 Communication Accelerators 3 Enterprise Network Lineage Features 5 Example applications
More informationTrusted Platforms for Homeland Security
Trusted Platforms for Homeland Security By Kevin Schutz, Product Manager Secure Products Summary Ongoing threats from hackers, viruses, and worms continue to make security a top priority for IT and business
More informationipad in Business Security
ipad in Business Security Device protection Strong passcodes Passcode expiration Passcode reuse history Maximum failed attempts Over-the-air passcode enforcement Progressive passcode timeout Data security
More informationiphone in Business Security Overview
iphone in Business Security Overview iphone can securely access corporate services and protect data on the device. It provides strong encryption for data in transmission, proven authentication methods
More informationSecure Data Exchange Solution
Secure Data Exchange Solution I. CONTENTS I. CONTENTS... 1 II. INTRODUCTION... 2 OVERVIEW... 2 COPYRIGHTS AND TRADEMARKS... 2 III. SECURE DOCUMENT EXCHANGE SOLUTIONS... 3 INTRODUCTION... 3 Certificates
More informationHow To Understand And Understand The Security Of A Key Infrastructure
Security+ Guide to Network Security Fundamentals, Third Edition Chapter 12 Applying Cryptography Objectives Define digital certificates List the various types of digital certificates and how they are used
More informationVerfahren zur Absicherung von Apps. Dr. Ullrich Martini IHK, 4-12-2014
Verfahren zur Absicherung von Apps Dr. Ullrich Martini IHK, 4-12-2014 Agenda Introducing G&D Problem Statement Available Security Technologies Smartcard Embedded Secure Element Virtualization Trusted Execution
More informationTexas Instruments OMAP platform optimized for Microsoft Windows Mobile -based devices
Technology for Innovators TM Texas Instruments OMAP platform optimized for Microsoft Windows Mobile -based devices Texas Instruments (TI) OMAP platform delivers a comprehensive family of reference designs,
More informationUnderstanding Digital Certificates & Secure Sockets Layer (SSL): A Fundamental Requirement for Internet Transactions
Understanding Digital Certificates & Secure Sockets Layer (SSL): A Fundamental Requirement for Internet Transactions February 2005 All rights reserved. Page i Entrust is a registered trademark of Entrust,
More informationUnderstanding Digital Certificates & Secure Sockets Layer A Fundamental Requirement for Internet Transactions
A Fundamental Requirement for Internet Transactions May 2007 Copyright 2007 Entrust. All rights reserved. Entrust is a registered trademark of Entrust, Inc. in the United States and certain other countries.
More informationPrivyLink Cryptographic Key Server *
WHITE PAPER PrivyLink Cryptographic Key * Tamper Resistant Protection of Key Information Assets for Preserving and Delivering End-to-End Trust and Values in e-businesses September 2003 E-commerce technology
More informationHardware Security Modules for Protecting Embedded Systems
Hardware Security Modules for Protecting Embedded Systems Marko Wolf, ESCRYPT GmbH Embedded Security, Munich, Germany André Weimerskirch, ESCRYPT Inc. Embedded Security, Ann Arbor, USA 1 Introduction &
More informationThreat Model for Software Reconfigurable Communications Systems
Threat Model for Software Reconfigurable Communications Systems Presented to the Management Group 6 March 007 Bernard Eydt Booz Allen Hamilton Chair, SDR Security Working Group Overview Overview of the
More informationSmart Card- An Alternative to Password Authentication By Ahmad Ismadi Yazid B. Sukaimi
Smart Card- An Alternative to Password Authentication By Ahmad Ismadi Yazid B. Sukaimi Purpose This paper is intended to describe the benefits of smart card implementation and it combination with Public
More informationVirtual Private Networks (VPN) Connectivity and Management Policy
Connectivity and Management Policy VPN Policy for Connectivity into the State of Idaho s Wide Area Network (WAN) 02 September 2005, v1.9 (Previous revision: 14 December, v1.8) Applicability: All VPN connections
More informationConfidentio. Integrated security processing unit. Including key management module, encryption engine and random number generator
Confidentio Integrated security processing unit Including key management module, encryption engine and random number generator Secure your digital life Confidentio : An integrated security processing unit
More informationCard Management System Integration Made Easy: Tools for Enrollment and Management of Certificates. September 2006
Card Management System Integration Made Easy: Tools for Enrollment and Management of Certificates September 2006 Copyright 2006 Entrust. All rights reserved. www.entrust.com Entrust is a registered trademark
More informationChapter 1: Introduction
Chapter 1 Introduction 1 Chapter 1: Introduction 1.1 Inspiration Cloud Computing Inspired by the cloud computing characteristics like pay per use, rapid elasticity, scalable, on demand self service, secure
More informationFreescale Security Backgrounder Page 1
Freescale Security Backgrounder Page 1 Freescale Security Backgrounder Page 2 Table of Contents 1. Secure Internet Traffic: A Market Imperative 2. Overview of Network Security Technologies 3. Differences
More informationEntrust Managed Services PKI. Getting started with digital certificates and Entrust Managed Services PKI. Document issue: 1.0
Entrust Managed Services PKI Getting started with digital certificates and Entrust Managed Services PKI Document issue: 1.0 Date of issue: May 2009 Copyright 2009 Entrust. All rights reserved. Entrust
More informationApplying Cryptography as a Service to Mobile Applications
Applying Cryptography as a Service to Mobile Applications SESSION ID: CSV-F02 Peter Robinson Senior Engineering Manager RSA, The Security Division of EMC Introduction This presentation proposes a Cryptography
More informationWireless Security: from the inside out. building security into the OMAP platform. ATechnology and Business Review from Certicom and Texas Instruments
Wireless Security: from the inside out building security into the OMAP platform ATechnology and Business Review from Certicom and Teas Instruments January 2003 Over the net few years, more than 50 percent
More informationSecurity Guide. BlackBerry Enterprise Service 12. for ios, Android, and Windows Phone. Version 12.0
Security Guide BlackBerry Enterprise Service 12 for ios, Android, and Windows Phone Version 12.0 Published: 2015-02-06 SWD-20150206130210406 Contents About this guide... 6 What is BES12?... 7 Key features
More informationi.mx Trust Architecture Protects assets of multiple stakeholders Guards against sophisticated attacks Assures software measures TM 2
September 2013 i.mx-based products Rich, mobile, end-user, connected platforms Increasingly valuable assets: end-user data, licensed content, access credentials, intellectual property Increasingly threatened:
More informationCertification Report
Certification Report McAfee Network Security Platform v7.1 (M-series sensors) Issued by: Communications Security Establishment Canada Certification Body Canadian Common Criteria Evaluation and Certification
More informationSECURITY PRACTICES FOR ADVANCED METERING INFRASTRUCTURE Elif Üstündağ Soykan, Seda Demirağ Ersöz 08.05.2014, ICSG 2014
SECURITY PRACTICES FOR ADVANCED METERING INFRASTRUCTURE Elif Üstündağ Soykan, Seda Demirağ Ersöz 08.05.2014, ICSG 2014 Table of Contents Introduction AMI Communication Architecture Security Threats Security
More informationAchieving DRM Robustness. securing the device from the silicon up to the application
Achieving DRM Robustness securing the device from the silicon up to the application A Certicom White Paper November 2005 Introduction Digital Rights Management (DRM) is a critical business enabler for
More informationIntroducing etoken. What is etoken?
Introducing etoken Nirit Bear September 2002 What is etoken? Small & portable reader-less Smartcard Standard USB connectivity Logical and physical protection Tamper evident (vs. tamper proof) Water resistant
More informationComplying with PCI Data Security
Complying with PCI Data Security Solution BRIEF Retailers, financial institutions, data processors, and any other vendors that manage credit card holder data today must adhere to strict policies for ensuring
More informationConfiguring Security Features of Session Recording
Configuring Security Features of Session Recording Summary This article provides information about the security features of Citrix Session Recording and outlines the process of configuring Session Recording
More informationCisco Advanced Services for Network Security
Data Sheet Cisco Advanced Services for Network Security IP Communications networking the convergence of data, voice, and video onto a single network offers opportunities for reducing communication costs
More informationVoIP Security. Seminar: Cryptography and Security. 07.06.2006 Michael Muncan
VoIP Security Seminar: Cryptography and Security Michael Muncan Overview Introduction Secure SIP/RTP Zfone Skype Conclusion 1 Introduction (1) Internet changed to a mass media in the middle of the 1990s
More informationSolution Recipe: Improve Networked PC Security with Intel vpro Technology
Solution Recipe: Improve Networked PC Security with Intel vpro Technology Preface Intel has developed a series of unique Solution Recipes designed for channel members interested in providing complete solutions
More informationSecure USB Flash Drive. Biometric & Professional Drives
Secure USB Flash Drive Biometric & Professional Drives I. CONTENTS II. INTRODUCTION... 2 OVERVIEW... 2 COPYRIGHTS AND TRADEMARKS... 2 III. SECURE FLASH DRIVE... 3 DESCRIPTION... 3 IV. MODULES OF SECURE
More informationSecurity in ST : From Company to Products
Security in ST : From Company to Products July 2015 Thierry FENSCH Innovation, Collaboration and Efficiency Director Grenoble Site A global semiconductor leader 2014 revenues of $7.40B Who we are 2 Approximately
More informationBYOD Guidance: BlackBerry Secure Work Space
GOV.UK Guidance BYOD Guidance: BlackBerry Secure Work Space Published 17 February 2015 Contents 1. About this guidance 2. Summary of key risks 3. Secure Work Space components 4. Technical assessment 5.
More informationSoC: Security-on-chip!
SoC: Security-on-chip! MPSoC (July 2005) NEC Laboratories America Princeton, NJ Ubiquitous Security Concerns Home Gateway Servers WLAN Terminal Access Point Corporate Network Desktop Firewall ATM machine
More informationAchieving Universal Secure Identity Verification with Convenience and Personal Privacy A PRIVARIS BUSINESS WHITE PAPER
with Convenience and Personal Privacy version 0.2 Aug.18, 2007 WHITE PAPER CONTENT Introduction... 3 Identity verification and multi-factor authentication..... 4 Market adoption... 4 Making biometrics
More informationSecurity Technology for Smartphones
Security Technology for Smartphones Yasuhiko Abe Hitoshi Ikeda Masafumi Emura Service functions are implemented on smartphones by storing on them personal information, network-operator information, corporate
More informationCertification Report
Certification Report EAL 4+ Evaluation of ncipher nshield Family of Hardware Security Modules Firmware Version 2.33.60 Issued by: Communications Security Establishment Canada Certification Body Canadian
More informationWhite Paper: An Overview of the Samsung KNOX TM 2.0 Platform
: An Overview of the Samsung KNOX TM 2.0 Platform March 2014 Enterprise Mobility Solutions Samsung Electronics Co., Ltd. Contents Acronyms Introducing the Samsung KNOX 2.0 Platform What's New in the KNOX
More informationFIPS 140-2 Security Policy 3Com Embedded Firewall PCI Cards
FIPS 140-2 Security Policy 3Com Embedded Firewall PCI Cards 3Com Corporation 5403 Betsy Ross Drive Santa Clara, CA 95054 USA February 24, 2006 Revision Version 0.4 Page 1 of 15 1. Introduction The following
More informationWindows Phone 8 Security Overview
Windows Phone 8 Security Overview This white paper is part of a series of technical papers designed to help IT professionals evaluate Windows Phone 8 and understand how it can play a role in their organizations.
More informationSENSE Security overview 2014
SENSE Security overview 2014 Abstract... 3 Overview... 4 Installation... 6 Device Control... 7 Enrolment Process... 8 Authentication... 9 Network Protection... 12 Local Storage... 13 Conclusion... 15 2
More informationios Security Decoded Dave Test Classroom and Lab Computing Penn State ITS Feedback - http://j.mp/psumac33
ios Security Decoded Dave Test Classroom and Lab Computing Penn State ITS Feedback - http://j.mp/psumac33 Why care about ios Security? 800M 800 million ios devices activated 130 million in last year 98%
More informationIntel Network Builders: Lanner and Intel Building the Best Network Security Platforms
Solution Brief Intel Xeon Processors Lanner Intel Network Builders: Lanner and Intel Building the Best Network Security Platforms Internet usage continues to rapidly expand and evolve, and with it network
More informationA Perspective on the Evolution of Mobile Platform Security Architectures
A Perspective on the Evolution of Mobile Platform Security Architectures Kari Kostiainen Nokia Research Center, Helsinki TIW, June 2011 Joint work with N. Asokan, Jan-Erik Ekberg and Elena Reshetova 1
More informationCerticom Security for Government Suppliers developing client-side products to meet the US Government FIPS 140-2 security requirement
certicom application notes Certicom Security for Government Suppliers developing client-side products to meet the US Government FIPS 140-2 security requirement THE PROBLEM How can vendors take advantage
More informationAppliedMicro Trusted Management Module
AppliedMicro Trusted Management Module Majid Bemanian, Sr. Director of Marketing, Applied Micro Processor Business Unit July 12, 2011 Celebrating 20 th Anniversary of Power Architecture 1 AppliedMicro
More informationEnterprise Security Management CheckPoint SecuRemote VPN v4.0 for pcanywhere
Enterprise Security Management CheckPoint SecuRemote VPN v4.0 for pcanywhere White Paper 7KH#&KDOOHQJH Virtual Private Networks (VPNs) provides a powerful means of protecting the privacy and integrity
More informationCisco Trust Anchor Technologies
Data Sheet Cisco Trust Anchor Technologies Overview Cisco Trust Anchor Technologies provide the foundation for trustworthy systems across Cisco. The Cisco Trust Anchor and a Secure Boot check of signed
More informationChapter 7 Information System Security and Control
Chapter 7 Information System Security and Control Essay Questions: 1. Hackers and their companion viruses are an increasing problem, especially on the Internet. What can a digital company do to protect
More informationFIPS 140-2 Non- Proprietary Security Policy. McAfee SIEM Cryptographic Module, Version 1.0
FIPS 40-2 Non- Proprietary Security Policy McAfee SIEM Cryptographic Module, Version.0 Document Version.4 December 2, 203 Document Version.4 McAfee Page of 6 Prepared For: Prepared By: McAfee, Inc. 282
More informationFIPS 140-2 Security Policy LogRhythm 6.0.4 or 6.3.4 Windows System Monitor Agent
FIPS 140-2 Security Policy LogRhythm 6.0.4 or 6.3.4 Windows System Monitor Agent LogRhythm, Inc. 4780 Pearl East Circle Boulder, CO 80301 May 1, 2015 Document Version 2.0 Module Versions 6.0.4 or 6.3.4
More informationCut Network Security Cost in Half Using the Intel EP80579 Integrated Processor for entry-to mid-level VPN
Cut Network Security Cost in Half Using the Intel EP80579 Integrated Processor for entry-to mid-level VPN By Paul Stevens, Advantech Network security has become a concern not only for large businesses,
More informationSecureDoc Disk Encryption Cryptographic Engine
SecureDoc Disk Encryption Cryptographic Engine FIPS 140-2 Non-Proprietary Security Policy Abstract: This document specifies Security Policy enforced by SecureDoc Cryptographic Engine compliant with the
More informationMAXIMUM DATA SECURITY with ideals TM Virtual Data Room
MAXIMUM DATA SECURITY with ideals TM Virtual Data Room WWW.IDEALSCORP.COM ISO 27001 Certified Account Settings and Controls Administrators control users settings and can easily configure privileges for
More informationUsing BroadSAFE TM Technology 07/18/05
Using BroadSAFE TM Technology 07/18/05 Layers of a Security System Security System Data Encryption Key Negotiation Authentication Identity Root Key Once root is compromised, all subsequent layers of security
More informationEnhancing Organizational Security Through the Use of Virtual Smart Cards
Enhancing Organizational Security Through the Use of Virtual Smart Cards Today s organizations, both large and small, are faced with the challenging task of securing a seemingly borderless domain of company
More informationOverview. SSL Cryptography Overview CHAPTER 1
CHAPTER 1 Note The information in this chapter applies to both the ACE module and the ACE appliance unless otherwise noted. The features in this chapter apply to IPv4 and IPv6 unless otherwise noted. Secure
More informationLAB FORWARD. WITH PROService RMS TECHNOLOGY, ARCHITECTURE AND SECURITY INFORMATION FOR IT PROFESSIONALS
LAB FORWARD WITH PROService RMS TECHNOLOGY, ARCHITECTURE AND SECURITY INFORMATION FOR IT PROFESSIONALS Medical diagnostics are a vital part of the modern healthcare system, and instrument uptime is critical
More informationOMAP3430 multimedia applications processor
Technology for Innovators TM OMAP3430 multimedia applications processor Revolutionizing entertainment and productivity in wireless handheld communications Key features New OMAP 3 architecture combines
More informationContent Teaching Academy at James Madison University
Content Teaching Academy at James Madison University 1 2 The Battle Field: Computers, LANs & Internetworks 3 Definitions Computer Security - generic name for the collection of tools designed to protect
More informationDRAFT Standard Statement Encryption
DRAFT Standard Statement Encryption Title: Encryption Standard Document Number: SS-70-006 Effective Date: x/x/2010 Published by: Department of Information Systems 1. Purpose Sensitive information held
More informationMXMedia CipherStream. Preliminary Assessment. Copyright 2012 Farncombe 1.0. Author: T +44 1256 844161 F +44 1256 844162 www.farncombe.
MXMedia CipherStream Preliminary Assessment 1.0 Author: T +44 1256 844161 F +44 1256 844162 www.farncombe.com Copyright 2012 Farncombe Belvedere Basing View Basingstoke RG21 4HG This document and the information
More informationKeyStone Architecture Security Accelerator (SA) User Guide
KeyStone Architecture Security Accelerator (SA) User Guide Literature Number: SPRUGY6B January 2013 Release History www.ti.com Release Date Description/Comments SPRUGY6B January 2013 Added addition engine
More informationSmart Nest Thermostat A Smart Spy in Your Home
Smart Nest Thermostat A Smart Spy in Your Home Grant Hernandez, Orlando Arias, Daniel Buentello, and Yier Jin Security in Silicon Laboratory, University of Central Florida Outline IoT Era: Security and
More informationSecurity Technical. Overview. BlackBerry Enterprise Service 10. BlackBerry Device Service Solution Version: 10.2
BlackBerry Enterprise Service 10 BlackBerry Device Service Solution Version: 10.2 Security Technical Overview Published: 2014-09-10 SWD-20140908123239883 Contents 1 About BlackBerry Device Service solution
More informationUNCLASSIFIED Version 1.0 May 2012
Secure By Default: Platforms Computing platforms contain vulnerabilities that can be exploited for malicious purposes. Often exploitation does not require a high degree of expertise, as tools and advice
More informationThat Point of Sale is a PoS
SESSION ID: HTA-W02 That Point of Sale is a PoS Charles Henderson Vice President Managed Security Testing Trustwave @angus_tx David Byrne Senior Security Associate Bishop Fox Agenda POS Architecture Breach
More informationCiphire Mail. Abstract
Ciphire Mail Technical Introduction Abstract Ciphire Mail is cryptographic software providing email encryption and digital signatures. The Ciphire Mail client resides on the user's computer between the
More informationSkyRecon Cryptographic Module (SCM)
SkyRecon Cryptographic Module (SCM) FIPS 140-2 Documentation: Security Policy Abstract This document specifies the security policy for the SkyRecon Cryptographic Module (SCM) as described in FIPS PUB 140-2.
More informationDIGITAL RIGHTS MANAGEMENT SYSTEM FOR MULTIMEDIA FILES
DIGITAL RIGHTS MANAGEMENT SYSTEM FOR MULTIMEDIA FILES Saiprasad Dhumal * Prof. K.K. Joshi Prof Sowmiya Raksha VJTI, Mumbai. VJTI, Mumbai VJTI, Mumbai. Abstract piracy of digital content is a one of the
More informationBuilding A Secure Microsoft Exchange Continuity Appliance
Building A Secure Microsoft Exchange Continuity Appliance Teneros, Inc. 215 Castro Street, 3rd Floor Mountain View, California 94041-1203 USA p 650.641.7400 f 650.641.7401 ON AVAILABLE ACCESSIBLE Building
More informationSTM32 F-2 series High-performance Cortex-M3 MCUs
STM32 F-2 series High-performance Cortex-M3 MCUs STMicroelectronics 32-bit microcontrollers, 120 MHz/150 DMIPS with ART Accelerator TM and advanced peripherals www.st.com/mcu STM32 F-2 series The STM32
More informationTI Linux and Open Source Initiative Backgrounder
TI Linux and Open Source Initiative Backgrounder Texas Instruments Incorporated (TI) has supported the use of embedded real-time operating systems in digital signal processing (DSP) for many years with
More informationAssessing the Security of Hardware-Based vs. Software-Based Encryption on USB Flash Drives
Assessing the Security of Hardware-Based vs. Software-Based Encryption on USB Flash Drives Main Line / Date / Etc. June May 2008 2nd Line 80-11-01583 xx-xx-xxxx Revision 1.0 Tagline Here Table of Contents
More informationRELEASE NOTES. Table of Contents. Scope of the Document. [Latest Official] ADYTON Release 2.12.9 - corrections. ADYTON Release 2.12.
Table of Contents Scope of the Document... 1 [Latest Official] ADYTON Release 2.12.9... 1 ADYTON Release 2.12.4... 1 ADYTON Release 2.9.3... 3 ADYTON Release 2.7.7... 3 ADYTON Release 2.6.2... 4 ADYTON
More informationSecurity Policy for FIPS 140 2 Validation
BitLocker Windows OS Loader Security Policy for FIPS 140 2 Validation BitLocker Windows OS Loader (winload) in Microsoft Windows 8.1 Enterprise Windows Server 2012 R2 Windows Storage Server 2012 R2 Surface
More informationSamsung Mobile Security
Samsung Mobile Security offering enhanced core capabilities for enterprise mobility Samsung Enterprise Mobility Enterprise-ready Mobility management for your business Samsung Mobile Security offers enterprise
More informationComprehensive Security for Internet-of-Things Devices With ARM TrustZone
Comprehensive Security for Internet-of-Things Devices With ARM TrustZone Howard Williams mentor.com/embedded Internet-of-Things Trends The world is more connected IoT devices are smarter and more complex
More informationSync Security and Privacy Brief
Introduction Security and privacy are two of the leading issues for users when transferring important files. Keeping data on-premises makes business and IT leaders feel more secure, but comes with technical
More informationSECURITY IN THE INTERNET OF THINGS
The Intelligence in the Internet of Things SECURITY IN THE INTERNET OF THINGS Lessons from the Past for the Connected Future By AJ Shipley, Senior Director, Security Solutions, Wind River INNOVATORS START
More informationSMPTE Standards Transition Issues for NIST/FIPS Requirements v1.1
SMPTE Standards Transition Issues for NIST/FIPS Requirements v1.1 Contents 2010.8.23 DRM inside, Taehyun Kim ETRI, Kisoon Yoon 1 Introduction NIST (National Institute of Standards and Technology) published
More informationManaged Portable Security Devices
Managed Portable Security Devices www.mxisecurity.com MXI Security leads the way in providing superior managed portable security solutions designed to meet the highest security and privacy standards of
More informationDesignWare IP for IoT SoC Designs
DesignWare IP for IoT SoC Designs The Internet of Things (IoT) is connecting billions of intelligent things at our fingertips. The ability to sense countless amounts of information that communicates to
More informationApplication Note. Atmel CryptoAuthentication Product Uses. Atmel ATSHA204. Abstract. Overview
Application Note Atmel CryptoAuthentication Product Uses Atmel Abstract Companies are continuously searching for ways to protect property using various security implementations; however, the cost of security
More informationBlackBerry Enterprise Service 10. Secure Work Space for ios and Android Version: 10.1.1. Security Note
BlackBerry Enterprise Service 10 Secure Work Space for ios and Android Version: 10.1.1 Security Note Published: 2013-06-21 SWD-20130621110651069 Contents 1 About this guide...4 2 What is BlackBerry Enterprise
More information