Kerberos + Android. A Tale of Opportunity. Slide 1 / 39. Copyright 2012 yassl



Similar documents
Exchange ActiveSync (EAS)

Hadoop Elephant in Active Directory Forest. Marek Gawiński, Arkadiusz Osiński Allegro Group

BogDan Vatra and Andy Gryc. Qt on Android: Is it right for you?

Kerberos on z/os. Active Directory On Windows Server William Mosley z/os NAS Development. December Interaction with.

MOBILE SMARTPHONES AS SECURE SIGNATURE-CREATION DEVICES

B&SC Office 365

Guide to SASL, GSSAPI & Kerberos v.6.0

Kerberos and Active Directory symmetric cryptography in practice COSC412

Administering Jive Mobile Apps

The following process allows you to configure exacqvision permissions and privileges for accounts that exist on an Active Directory server:

Theorie Practical part Outlook. Kerberos. Secure and efficient authentication and key distribution. Johannes Lötzsch and Meike Zehlike

Lecture 3 Mobile App Development (Android, ios, BlackBerry, Windows Mobile) <lecturer, date>

Mobile App Infrastructure for Cross-Platform Deployment (N11-38)

APPLE & ANDROID. User Guide BNC ONLINE BANKING

CSC E Mail. Mobile Device Configuration Settings and Setup Instructions

Mobile Solutions in ArcGIS. Justin Fan

Configuring an Client to Connect to CASS Mail Servers

Writing standalone Qt & Python applications for Android

SmartWatch Eco/Eco Compact

Building native mobile apps for Digital Factory

Establishing two-factor authentication with Cyberoam UTM appliances and HOTPin authentication server from Celestix Networks

Connecting Web and Kerberos Single Sign On

Establishing two-factor authentication with Barracuda NG Firewall and HOTPin authentication server from Celestix Networks

Building Mobile Applications Creating ios applications with jquery Mobile, PhoneGap, and Drupal 7

Practical Essbase Web Services

PRIVACY AWARE ACCESS CONTROL FOR CLOUD-BASED DATA PLATFORMS

IBM Endpoint Manager for Mobile Devices

Follow these steps to setup your Exchange ActiveSync account to your ios device:

RHEL Clients to AD Integrating RHEL clients to Active Directory

Guidelines to setup mobile devices to a UOITnet account Google Apps for Education. Information Technology Services

Two-Factor Authentication (2FA) Registration Instructions Symantec VIP Access

Study of SAP ERP Connection System Driven in Smartphone

SSSD and OpenSSH Integration

IIT MOBILEPRINT. Mobileprint Workflow

This is our best... YOUR best... Online Banking yet!

Enter Here -> Directory Submitter Software For One > Visit Here <

Google Apps for Education at UTK

Smart and Innovative Web Solutions. Just One Click Away

Commack UFSD Remote Access for Microsoft Windows Vista, 7 and 8 Apple Macs, ipads, iphones And Android devices

Single sign-on websites with Apache httpd: Integrating with Active Directory for authentication and authorization

Dasharatham Bitla (Dash)

Centrify Server Suite For MapR 4.1 Hadoop With Multiple Clusters in Active Directory

Mobile development with Apache OFBiz. Ean Schuessler, Brainfood

Kerberos and Windows SSO Guide Jahia EE v6.1

BlackBerry Enterprise Service 10 version 10.2 preinstallation and preupgrade checklist

GUI/Custom GUI, SIP Stack, Telephony, DB, Sockets, Bluetooth, QT.

Getting Started with VMware Horizon View (Remote Desktop Access)

Charles Firth Managing Macs in a Windows World

DiskBoss. File & Disk Manager. Version 2.0. Dec Flexense Ltd. info@flexense.com. File Integrity Monitor

AllJoyn Android Environment Setup Guide

KonyOne Server Prerequisites _ MS SQL Server

Using OpenSSH in a Single Sign-On Corporate Environment with z/os, Windows and Linux

The Decaffeinated Robot

How to access UCSD Restricted Library Journals off campus, including from Rady Children's hospital.

A Beginners Guide To Responsive, Mobile & Native Websites 2013 Enhance.ie.All Rights Reserved.

Connections Mobile 4.0 Update Open Mic October 23, 2012

How To Use The Gss-Api And Sspi For A Security Reason On A Microsoft Microsoft Server (Or A Microsplatte)

Configure SLC to Smartphone/ Tablet

Rockets Smartphone Configuration. Spring 2012 Edition

Mobile Device Support Model

A "Day in the Life" Exceptional Work Experience Joe Baxter IBM Collaboration Solutions. Twitter: joebaxter

Booth Gmail Configuration

Native mobile apps: The wrong choice for business?

Mobile Security. Policies, Standards, Frameworks, Guidelines

Microsoft Outlook Phone Set Up

Evaluating Cross-Platform Development Approaches (WORA Tools ) for Mobile Applications

Q. I use a MAC How do I change my password so I can send and receive my ?

Mobile Application Development

Setting Up groov Mobile Apps. Introduction. Setting Up groov Mobile Apps. Using the ios Mobile App

Symantec Mobile Management Suite

Configuring Single Sign-on for SAP HANA

Title: Appium Automation for Mac OS X. Created By: Prithivirajan M. Abstract. Introduction

Mobile Device Access Simple Application Guide

SeeTec ExpansionPackage

BlackBerry Enterprise Service 10. Secure Work Space for ios and Android Version: Security Note

Establishing two-factor authentication with Check Point and HOTPin authentication server from Celestix Networks

Testing Mobile Application using Device Cloud

Athena Mobile Device Management from Symantec

UNIVERSITY - APPLE MACINTOSH

Using Agile to Develop Mobile Apps

Novell Filr. Mobile Client

Statement of Direction

Spring Security 3. rpafktl Pen source. intruders with this easy to follow practical guide. Secure your web applications against malicious

Integrating Mac OS X 10.6 with Active Directory. 1 April 2010

Tablets in Data Acquisition

Mobile applications security Android OS (case study) Maciej Olewiński. Cryptographic Seminar r.

Setting up Single Sign-On (SSO) with SAP HANA and SAP BusinessObjects XI 4.0

Challenges in Android Application Development: A Case Study

Lee Barnes, CTO Utopia Solutions. Utopia Solutions

You will need your District Google Mail username (e.g. and password to complete the activation process.

Transcription:

Kerberos + Android A Tale of Opportunity Slide 1 / 39

Platform Decisions The Statistics Slide 2 / 39

Why Go Mobile? 80% of the world's population now has a mobile phone. ( 5 Billion Phones ) Slide 3 / 39

Why Go Mobile? 21.6% Of those 80%, 1.08 Billion are smartphones. Slide 4 / 39

Why Go Mobile? In the US: 60% 40% the ratio is even higher, with smartphones making up 40% of all mobile phones. Slide 5 / 39

OK, well why Android? Slide 6 / 39

Android? Reason 1: US Market Dominance iphone 28% U.S. Smartphones (40%) == Android 40% Blackberry 19% Windows Mobile, 7% Windows Phone 7, 1% Other, 5% Slide 7 / 39

Android? Reason 2: Consumer Popularity 100 million activated Android devices (now 400,000 / day) 200,000 apps in Android Market (4.5 billion activations to date) 310 devices available to consumers (112 countries) Slide 8 / 39

Android? Reason 3: Developer Popularity 450,000 developers building for the platform! Slide 9 / 39

Android. Meaning? Opportunity for increased Kerberos visibility Useful for Android and Kerberos developers Fun to see where the community takes it Slide 10 / 39

Our Plan What we wanted to do. Slide 11 / 39

Goals We wanted to fill a missing gap. 1. Port Kerberos libraries to Android 2. Port some C-based Kerberos client apps to Android kinit klist kvno kdestroy Slide 12 / 39

Goals We wanted to spark community involvement. 3. Build a sample Android NDK App (with a simple GUI) 4. Give changes back to community Slide 13 / 39

Action! What we did. Slide 14 / 39

1. Crypto Implementation Slide 15 / 39

Crypto Added new CyaSSL crypto implementation Kerberos crypto options: CyaSSL, OpenSSL, NSS, built-in Slide 16 / 39

Crypto Added new CyaSSL crypto implementation CyaSSL is very portable Slide 17 / 39

2. Porting Slide 18 / 39

Android Port Kerberos Libraries + CyaSSL Android. Cross-compiled libraries for Android Created shell script for easy reproduction by developers Slide 19 / 39

3. Android Application Slide 20 / 39

Android App Simple sample NDK project Home Screen Single screen Uses JNI Wrapper around native client apps Slide 21 / 39

Android App Simple sample NDK project kinit Gets a ticket using specified principal Slide 22 / 39

Android App Simple sample NDK project klist Lists our tickets Slide 23 / 39

Android App Simple sample NDK project kvno Gets a service ticket for the entered principal Slide 24 / 39

Android App Simple sample NDK project klist after kvno Verify that we got a ticket Slide 25 / 39

Android App Simple sample NDK project kdestroy Clear our ticket cache Slide 26 / 39

Android App Notes Uses a keytab instead of passwords Storage locations have been chosen for convenience Can be easily modified to what the developer needs Currently at /data/local/kerberos Slide 27 / 39

Android App License Type Application code will remain under the MIT license Slide 28 / 39

4. GSS-API Wrapper Slide 29 / 39

GSS-API Java Wrapper Provide Java bindings for developers to use Uses framework Wrapper around native Kerberos GSS-API library (Contains functionality found in gssapi.h) Slide 30 / 39

GSS-API Java Wrapper 2 example clients: Android client functionality Stand-alone Java app for desktop use Slide 31 / 39

GSS-API Integrated into sample app. Example Client Est. context with example server Send wrapped message, verify returned sig. block (gss_wrap, gss_verify_mic) Repeat #2, but with gss_seal, gss_verify Misc. API tests and exit. Slide 32 / 39

GSS-API Integrated into sample app. Example Server Est. context with client Receive and unwrap a message from the client Generate & send signature block for received message Slide 33 / 39

The Future What's happening next? Slide 34 / 39

The Future Look to the Community. Availability Code will be linked from both MIT and yassl websites Slide 35 / 39

The Future Look to the Community. PR Activity / Visibility Blog posts Forum posts Press releases GitHub Mailing lists etc... Slide 36 / 39

The Future Other ideas or thoughts? Slide 37 / 39

References Statistics http://ansonalex.com/infographics/smartphone-usage-statistics-2012-infographic/ http://www.go-gulf.com/blog/smartphone http://blog.nielsen.com/nielsenwire/online_mobile/40-percent-of-u-s-mobile-users-own-smartphones-40- percent-are-android/ Google I/O 2011: http://www.google.com/events/io/2011 Project Locations Kerberos: http://web.mit.edu/kerberos/ CyaSSL: http://www.yassl.com/ Android NDK App: https://github.com/cconlon/kerberos-android-ndk GSS-API Java Wrapper: https://github.com/cconlon/kerberos-java-gssapi Slide 38 / 39

Thanks! www.yassl.com Slide 39 / 39

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information