Identity and Access IDGo Secure Email (ISE) for Android Didier Bonnet April 2015.

Presentation transcript:

Identity and Access IDGo Secure Email (ISE) for Android Didier Bonnet April 2015

Emails are a Priority for Enterprises (Forrester, December 2011; Mobile Enterprise, December 2014)

Main Requirements Addressed
- BYOD: Same mobile device for professional and private usages
- Mobility: Access to emails anywhere, anytime
- Security: Mobile devices are more exposed than PCs
- Standard: Compatibility with existing servers and Outlook

Mobile OS Market Share Evolution in Q3 2014

Adoption of the OS by the Enterprises (Mobile Enterprise, December 2014)

Secure Elements Now and Future
(Diagram: Secure Element adoption over the time)
- As of today: 10 Million Gemalto smartcard active users, 20 Million 3rd party smartcard active users
- Next 2 years: Prototypes in progress
- In years: Next generation of handsets
- Form factors shown: MicroSD, UICC, TEE, eSE, Badge via contact reader, Badge via NFC, Badge via Bluetooth reader, Smart card on a stick
- Credential types shown: Detached credentials, Semi-detached credentials, Embedded credentials
- BYOD / mobile desktop will increase needs for Secure Elements

IDGo 800 Middleware and SDK
(Architecture diagram; labels shown:)
- 3rd party client applications
- SDK: PKI Crypto Layer API, OTP API, PC-SC like API, Other APIs, Test tools
- Middleware: NFC driver, USB OTG (*) driver, BlueTooth driver
- IDPrime Secure Elements, TEE (*), Other Secure Elements
(*) OTG: On-The-Go = USB Master; TEE: Trusted Execution Environment

Supported Readers and Tokens on Android
- USB On-The-Go port (= USB Master) or BlueTooth
- USB Female – Micro USB adaptor or cable
- BHXT and Feitian readers
- USB tokens & IDBridge K3000
- PC-Link readers
- Micro USB cable

IDGo Secure Email

Native applications: Native clients are not designed with security in mind:
- Emails and attached documents are in clear text
- Encrypted or signed emails cannot be read
- User credentials can be easily discovered

IDGo Secure Email features:
- Encryption of emails and User credentials
- Digital signature
- Strong authentication of the user

Value Proposition

For enterprises and governments who want to secure their emails, IDGo Secure Email is a state-of-the-art application for Android that signs, encrypts and decrypts the professional emails based on Extended ActiveSync (EAS) and S/MIME protocols. Thanks to the IDGo 800 middleware, it addresses all the Gemalto hardware Secure Elements and benefits from their unequaled security level.

For BYOD environments, IDGo Secure Email also manages the private emails following the standard public POP3, SMTP and IMAP4 protocols.

ISE Security Features
- S/MIME signature and encryption
  - Encryption algorithms: 3DES, AES256, RSA
  - Signature algorithms: MD5, SHA1, SHA256, SHA512, RSA
- Gemalto middleware and Secure Elements
  - IDGo 800 for Android and associated readers: USB, NFC, BLE, µSD
  - IDPrime MD, .NET and PIV PKI applets
- SSL / TLS communication with the server

More Features and Benefits
- Microsoft Exchange ActiveSync (EAS) protocol
  - Synchronization of Contacts and Calendar
  - Push or periodical synchronization, SSL / TLS communication
  - Compliant with Outlook, Thunderbird and other standard apps
- S/MIME signature and encryption
  - Crypto algorithms: 3DES, AES256, RSA, MD5, SHA1, SHA256, SHA512
- PKI certificates management
  - Local validation with the CA, revocation by CRL
  - Certificates retrieved from validated emails, (multi) LDAP and EAS server
- POP3, IMAP4 and SMTP protocols for BYOD usage
- Multi accounts, mailboxes and folders, combined mailbox
- HTML or plain text format, Group and Search emails, Remote Wipe, Root detection

What is Exchange ActiveSync?
- EAS is a communication protocol that synchronizes emails, calendars, contacts and tasks between servers and mobile client applications
- It also provides some Mobile Device Management (MDM) features and security policy controls
- It is based on XML and HTTP(S) protocols
- EAS is licensed by Microsoft is the main provider of EAS compliant servers
- EAS is supported by Windows Phone, Android, iOS, BB, Gmail, Google Apps, Office 365, Lotus Notes

What is S/MIME?
- Secure / Multipurpose Internet Mail Extensions
- Standard protocol based on X509 PKI certificates
- Described by several specifications: RFC 3851, 5751, 5652
- Present version is S/MIME v3.2
- Ensures compatibility between the various applications and servers
- Main applications: Outlook, Mozilla Thunderbird, MacOS Mail, Gmail, OWA
- Main server: Microsoft Exchange Active Sync (EAS)
- S/MIME specifies the Digital Signature and encryption / decryption

S/MIME Signature

Note: The signed emails can be sent in clear or opaque (base64 encoded) format. Opaque format prevents the risk of wrong signature verification due to some automatic conversion of the text, but requires an S/MIME compliant app.
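The clear versus opaque distinction in the note above, as an added example that is not part of the original slides: it classifies a message by its top-level Content-Type and shows that a text conversion changes the digest of clear-signed content but not of base64-wrapped content. The sample messages and the `gateway_rewrite` conversion are constructed for illustration, and a SHA-256 comparison stands in for full signature verification.

```python
import base64
import hashlib
from email import message_from_string

# Constructed sample headers (not taken from the slides); bodies are placeholders.
CLEAR_MSG = ('Content-Type: multipart/signed; micalg=sha-256; boundary="b1";\n'
             ' protocol="application/pkcs7-signature"\n\n--b1\n(placeholder)\n--b1--\n')
OPAQUE_MSG = ('Content-Type: application/pkcs7-mime; smime-type=signed-data;\n'
              ' name="smime.p7m"\nContent-Transfer-Encoding: base64\n\n(placeholder)\n')
PLAIN_MSG = 'Content-Type: text/plain\n\nhello\n'

# Constructed signed content; note the two trailing spaces on the first body line.
SIGNED_PART = "Content-Type: text/plain\r\n\r\nPayment due: 100 EUR  \r\nRegards\r\n"

def signature_format(raw: str) -> str:
    """Return 'clear', 'opaque' or 'unsigned' from the top-level Content-Type."""
    msg = message_from_string(raw)
    ctype = msg.get_content_type()
    if ctype == "multipart/signed" and msg.get_param("protocol") in (
            "application/pkcs7-signature", "application/x-pkcs7-signature"):
        return "clear"
    if ctype in ("application/pkcs7-mime", "application/x-pkcs7-mime") and \
            msg.get_param("smime-type") == "signed-data":
        return "opaque"
    return "unsigned"

def gateway_rewrite(wire: str) -> str:
    """Hypothetical 'automatic conversion': strip trailing spaces from each line."""
    return "\r\n".join(line.rstrip(" ") for line in wire.split("\r\n"))

def digest_survives(fmt: str) -> bool:
    """True if the content digest is unchanged after the rewrite for this format."""
    signed = SIGNED_PART.encode()
    if fmt == "clear":
        # Clear format: the signed part travels as readable text and gets rewritten.
        received = gateway_rewrite(SIGNED_PART).encode()
    else:
        # Opaque format: content travels base64-wrapped, so no line has trailing spaces.
        wire = base64.encodebytes(signed).decode().replace("\n", "\r\n")
        received = base64.b64decode(gateway_rewrite(wire))
    return hashlib.sha256(received).digest() == hashlib.sha256(signed).digest()

if __name__ == "__main__":
    for raw in (CLEAR_MSG, OPAQUE_MSG, PLAIN_MSG):
        fmt = signature_format(raw)
        print(fmt, digest_survives(fmt) if fmt != "unsigned" else "-")
```

A verification failure on a clear-signed message is therefore not by itself evidence of tampering; checking the format first tells an analyst whether an in-transit conversion is a plausible cause.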

S/MIME Encryption and Decryption

Basic Operations (screenshots: Email edition, Input mailbox)

Wide Settings Capabilities

More details on our webpage

Thank you!