Presentation is loading. Please wait.

Presentation is loading. Please wait.

Securing Your Mobile Device: Emerging Trends

Published bySophia Lynch Modified over 9 years ago

Similar presentations

Presentation on theme: "Securing Your Mobile Device: Emerging Trends"— Presentation transcript:

1 Securing Your Mobile Device: Emerging Trends
4/17/2017 Securing Your Mobile Device: Emerging Trends Rob Coombs - Security Marketing Director

2 Agenda Introduction Four Compartment Security Model
Security Features of Modern Devices & CESG’s 12 Recommendations Emerging Trends Trusted Apps FIDO – Moving beyond passwords Summary

3 About ARM…. The World’s leading processor design company
Software development tools Power Mgmt Bluetooth Cellular Modem WiFi SIM GPS Flash Controller Touchscreen Sensor Hub Camera Apps Processor 50 Billion ARM chips (>10B /year) ~ $1.2B Revenue/year ~3000 Employees >95% Smartphone & Tablet market share Physical IP – Design of the building blocks of the chip Processor and Graphics IP – Design of the brain of the chip So what is it we really do… Well we don’t make the end devices you know and love… <Click> We don’t even make the semiconductor chips that go inside them… We actually design some of the pieces of what goes inside those chips. We provide Intellectual Property in the form of the design of the processor or the graphics that power the chip. We also provide SW tools and support as well as other blocks within the chip. And we don’t just do it for the main applications processor that runs your Android OS or apps, but we have a broad range of processors that can go into all of the other chips that make up your phone or other devices…

4 The Threat Environment
Increasing risks Social engineering – trojans, phishing, APT Malware Physical loss or theft leading to risk to data – calendar, phonebook and Improperly secured devices – no PIN lock User intervention – jail breaking, unlocking Mobile has become the enterprise security boundary Need to design in the right system-wide security (not just more security)

5 PC Era Response to Threats: Pockets Full of Hardware
April 17, 2017 PC Era Response to Threats: Pockets Full of Hardware TLS DNSSEC SSO Call/text back Challenge/response CVC To combat these issues, especially when deploying sensitive services over the internet, the PC security industry has tried its best to add layers of security on top of the operating and applications environment. We have increasing use of trust concentration in technologies like SSO, and also of secure protocols like TLS and DNSSEC. But these only go to the edges of applications., they don’t protect against targeted Trojans, Man-in-the-browser etc. So for real security applications like e-commerce and banking we are forced to add security through the use of extra hardware. We have out-of-band and multi-factor mechanisms like CVCs and phone-backs, we have one-time PIN devices and authorization tokens such as Mchip CAP readers. [Animate] And don’t forget each application or authority needs its own token tied to its own root of trust. This all gets very unwieldy and confusing for the user.

6 Applying Lessons to Modern Mobile Security
Hypervisor (with hardware support) separating large pieces of code Small, certifiable Trusted Execution Environment inside Application processor isolated using ARM TrustZone® technology protecting against software attacks Secure Element for tamper proof security Hypervisor

7 TrustZone Based Trusted Execution Environment
Mobile devices with integrated HW security Hardware root of trust A basis for system integrity Integrity through Trusted Boot Secure peripheral access Screen, keypad , fingerprint sensor etc. Secure application execution Technology called TrustZone® Trust established outwards With normal world apps With internet/cloud apps

8 Castle Analogy Layers of defense Reducing attack surface
User Apps & Malware Layers of defense Reducing attack surface Increasing isolation Principle of least privilege Most precious assets protected by multiple layers of security User Apps OS Hypervisor OS

9 Castle Analogy But… Modern OS/Framework is ~10GB + GBs of Apps
Crown Jewels But… Modern OS/Framework is ~10GB + GBs of Apps So maybe we should think of a walled city & castle Attacks happen Everyone knows what the assets are and which room they are in Where to put high value assets such as keys? Thief entered here & Stole keys! Implementation details matter!

10 Castle Analogy with TrustZone Based TEE
TrustZone based TEE creates a second (much smaller security boundary) castle with only one door, carefully designed entry/exit & APIs Keys only used in Secure World, Protected Crypto, Encrypted storage Secure execution Secure peripherals Offers: Integrity (part of Trusted boot) Confidentiality TrustZone TEE Castle is invisible to normal world 1-2MB 10-20 GB

11 Castle Analogy with TrustZone Based TEE
Secure World Isolated Trusted Apps Trusted OS e.g. Trustonic t-base300 Normal World 1-2MB GlobalPlatform Client API SMC calls at SEL3 e.g. ARM Trusted Firmware 10-20 GB

12 Security Profiles SmartCards / HSMs Cost/Effort To Attack
TrustZone based TEE Invasive HW Attacks Well resourced and funded Unlimited time, money & equipment. Value to attacker Non-invasive HW Attacks Side channels (DEMA, DPA) Physical access to device – JTAG, Bus Probing, IO Pins, etc. Software Attacks Malware & Viruses Social engineering Cost/Effort to Secure

13 4 Compartment Model – Hierarchy of Trust
Secure Domain Tamper Proof, Physically Isolated, EAL Certified SecurCore™ SEE Secure Element Smartcard SIM & TPM Trusted Domain TrustZone® TEE Secure Firmware Device Management Key Management Trusted Applications executing from a Trusted Execution Environment Protected Domain Hypervisor HYP Protected Video Path BYOD System Management Virtual Machines and bus masters isolated by a Hypervisor Rich Domain User Apps Rich OS Android or other OS Privileged Supervisor Mode

14 Use Cases for Hierarchy of Trust Domains
Client Asset Protection Content Protection Mobile Payment Enterprise Government Automotive Server Certification Secure UICC for smartphones Secure Storage (CA) Credit Card Payment Wallet NFC mPOS (TEE + SE) Strong Authentication of user credentials (eID) GlobalPlatform EMVCO Trusted MDM SIM Lock Trusted Storage Trusted Boot Trusted Apps Trusted Storage (Keys) DRM, CA Trusted video playback path Cloud Payment Strong Authentication - Trusted UI Wallet MDM BYOD Trusted UI Integrity Trusted VPN Trusted FOTA MDM Trusted UI Key Store Trusted Services (eTS) Infotainment Integrity Trusted boot Integrity Protected Apps isolation SW DRM Isolation BYOD Dual Persona Isolate Infotainment and CAN VMs KVM, XEN… Rich SW Crypto Web Remote Payment (SSL) SW BYOD SW FOTA FIPS 140.2

15 Web Payment Example: MasterPass

16 BYOD Trusted App Example: Good Technology
Trusted Apps run in a Trusted Execution Environment TrustZone provides isolation from software attack Ecosystem of Trusted App developers creating security-hardened apps and services Good Technology Trusted Apps: Password protection using secure touchscreen Secure storage of crypto key Result: Increased protection for business users Open Apps Good Secure Apps Good Technology Trusted Apps TZ Driver Secure OS Android ARM® Cortex™ Processor

17 Click and View – Downloadable DRM: Trustonic

18 Modern Practice 3 New whitepapers from Apple, Samsung and Microsoft give good insight into modern mobile security practice Recommended reading for CIOs

19 CESG General Security Recommendations
Assured Data at Rest Assured Data in Transit Authentication Secure Boot Platform Integrity Application white listing Malicious Code Detection Security Policy Enforcement External Interface Protection Device Update Policy Event Collection Incident Reponse

20 Encrypted Data at Rest and Data in Transit
Assured Data at Rest: Data at rest should be suitably encrypted Typical ARM SoC has a crypto hardware engine to encrypt/decrypt files Hardware Unique Key available only to Trusted OS, fused into silicon can be used to derive other keys Key material can be kept on Secure World side or encrypted “wrapped” and stored as metadata System Integrity as determined by Trusted Boot can be verified before the data is decrypted Assured Data in Transit: IPSec VPN of “assured foundation grade” & configured appropriately TrustZone based TEE can add strong 2 factor authentication for remote working

21 Authentication and Secure Boot
Authentication : based on User to Device, User to Service, Device to Service are used Trusted peripherals are handled only by the secure world. Protocols such as FIDO will simplify the silo nature of todays authentication market Secure Boot: should not be modifiable by unauthorized entity & attempts should be detected Device boots into Secure World and runs only cryptographically verified boot loaders Device starts Trusted OS before main OS is started Measurements of boot process can be made to test for tampering

22 Platform Integrity & Application White Listing
Platform Integrity: device protects key data despite compromise of an app/component Sand boxing of Apps is routine (Separation of User and Kernel space) Additional containers are placed around enterprise apps (possible use of HYP mode) TEE assumes normal world is compromised Apps within a container can be managed by Enterprise MDM Only signed apps can run

23 Malicious Code Handling & Security Policy Enforcement
Malicious Code Handling: device can detect, isolate and defeat malicious code Run time checking of OS can be done by TrustZone based TEE Hierarchy of Trust limits exposure of assets TrustZone based TEE assumes normal world is compromised Security Policies can be enforced by the enterprise & cannot be overridden by user MDM runs as a privileged trusted app in the TEE and cannot be deleted by user MDM Containers

24 External Interface Protection & Device Update Policy
External Interface Protection: device can constrain ports and services exposed to untrusted networks Inputs can be configured to be trusted or untrusted Device Update Policy: Security updates can be issued by the enterprise & remotely validated Secure World can be updated OTA e.g. management trusted app May build on existing OEM capabilities e.g. configuration management, MDM policy management

25 Event Collection & Incident Response
Event Collection for enterprise analysis: Device reports security events for audit/monitoring purposes Tests and reports can be made from TrustZone based TEE and made available to MDM Incident Response Device Functionality needs to support Enterprise plan of action for a security incident Remote wipe is a good candidate for a Trusted App (typically removing file encryption keys)

26 Agenda Introduction Four Compartment Security Model
Security Features of Modern Devices & CESG’s 12 Recommendations Emerging Trends Trusted Apps FIDO – Moving beyond passwords Summary

27 Trusted App Concept - Trustonic Example
Trusted Apps installed by OEM or OTA (After market provisioning) Access provided on demand as service providers need to use TEE enabled features

28 Connecting Trusted Device Supply with Service Provision

29 Trustonic Expands the Knox Framework

30 FIDO is about simpler and stronger authentication.
People use the same simple passwords (Analysis of 6m accounts showed that 10k common passwords would give access to 98.8% of the accounts) 1k passwords give access to 90% of the accounts see 10k passwords give access to 98.8% see People reuse them In 2007: People had 25 accounts and used 6.5 passwords (see Large Scale Study on Web Password habits) 73% of the users shared their online banking password with at least one non-financial site Websites don’t protect them properly (LivingSocial – 50m, Evernote – 50m, Yahoo! Japan – 22m, Linkedin – 6.5m, Gawker – 1.3m, RockYou – 32m) Adobe breach Target breach Yahoo! Japan – 22m in May 2013 see LivingSocial – 50m in April 2013, see Evernote – 50m in March 2013, see LinkedIn - 6.5M in June 2012, see Over 90% of the 6.5M hashed passwords stolen from LinkedIn were cracked within 6 days:  eHarmony - 1.5M in June 2012, see Gawker - 1.3M in December 2010, see RockYou - 32M in December 2009, see People forget them (More than 43% of users report that online transactions fail “Very Frequently” or “Frequently” due to authentication problems, Ponemon Study), Ever entered a 10 character password on a smartphone (with letters, digits and special characters)? FIDO UAF supports arbitrary user verification methods (modalities). Fast IDentity Online – a new industry alliance formed to develop technical standards that enable Internet Services to use Simpler Stronger Auth solutions (a) Developing unencumbered Specifications that define interoperable mechanisms that supplant reliance on passwords (b) Operating programs to help ensure industry adoption (c) Submitting mature Specifications for formal standardization © 2014 FIDO Alliance

31 FIDO User Experiences PASSWORDLESS EXPERIENCE (UAF standards)
Show a biometric Transaction Detail Done SECOND FACTOR EXPERIENCE (U2F standards) OK, let‘s get into the details of UAF. There are 4 main functions supported by UAF. Login & Password Insert Dongle, Press button Done

32 FIDO Functionality Discovery of authenticators on the client
Registration Authentication Transaction Confirmation OK, let‘s get into the details of UAF. There are 4 main functions supported by UAF.

33 How does FIDO UAF* work? FIDO Authenticators FIDO SERVER
Verification [How does FIDO work?] Map arbitrary User Authentication Methods to a small set of standard cryptographic authentication algorithms, e.g. asymmetric key challenge-response. Note: all user authentication methods rely to some degree on at least one trusted component at the client side. With passwords and OTP the client environment has to make sure passwords/OTPs are not intercepted. PKI solution require a secure smart card. Biometric solutions rely on (at least) a trusted sensor. If a session is to be authenticated, the user agent needs to be trusted as well. In FIDO the mapping of the user authentication method to the standardized cryptographic authentication is done by the “FIDO Authenticator”. *Universal Authentication Framework

34 FIDO - Universal Authentication Framework
User Side Relying Party Web Application Plugin SDK UAF Protocol FIDO Client FIDO UAF Server Authenticator Abstraction Attestation Manager Ideal for TrustZone based TEE Registration, Authentication & Transaction Confirmation Crypto Policy Rules Authenticators Authenticators Authenticators Private Keys Authentication Keys Attestation Key Authentication Keys Attestation Key Public Keys

35 First FIDO Deployment already live…
Customers can use their finger to pay with PayPal from their new Samsung Galaxy S5 because the FIDO Ready™ software on the device securely communicates between the fingerprint sensor on their device and PayPal’s service in the cloud. The only information the device shares with PayPal is a unique cryptographic “public key” that allows PayPal to verify the identity of the customer without having to store any biometric information on PayPal’s servers.

36 Summary Mobile Security is built on hardware root of trust
Requires hardware, software and services to work together Not all security is equal – consider ARM’s Hierarchy of Trust model CESG recommendations and OEM security whitepapers useful for orientation FIDO can help us move beyond passwords

37 References Samsung Knox™ 2.0 Whitepaper iOS Security CESG End User Devices Security Guidance: General Recommendations ARM Security Model

Download ppt "Securing Your Mobile Device: Emerging Trends"

Similar presentations

Embrace Mobility. Without Compromise. The apps they need. On the devices they want. Without sacrificing compliance. Strategic Approach to Mobile Security.

Embrace Mobility. Without Compromise. The apps they need. On the devices they want. Without sacrificing compliance. Strategic Approach to Mobile Security.
Security for Mobile Devices

Security for Mobile Devices
Thomas S. Messerges, Ezzat A. Dabbish Motorola Labs Shin Seung Uk.

Thomas S. Messerges, Ezzat A. Dabbish Motorola Labs Shin Seung Uk.
Invasion of Smart Phones in Clinical Areas Chrissy Kyak Privacy Officer University of Maryland Upper Chesapeake Health.

Invasion of Smart Phones in Clinical Areas Chrissy Kyak Privacy Officer University of Maryland Upper Chesapeake Health.
Not Built On Sand. IT Has Scaled $$$ Technological capabilities: (1971  2013) Clock speed x4700 #transistors x608k Structure size /450 Price: (1980 

Not Built On Sand. IT Has Scaled $$$ Technological capabilities: (1971  2013) Clock speed x4700 #transistors x608k Structure size /450 Price: (1980 
1 GP Confidential ©2013 1 GlobalPlatform’s Value Proposition for Mobile Point of Sale (mPOS)

1 GP Confidential © GlobalPlatform’s Value Proposition for Mobile Point of Sale (mPOS)
Lee Hang Lam Wong Kwun Yam Chan Sin Ping Wong Cecilia Kei Ka Mobile Phone OS.

Lee Hang Lam Wong Kwun Yam Chan Sin Ping Wong Cecilia Kei Ka Mobile Phone OS.
Avaya – Proprietary. Use pursuant to the terms of your signed agreement or Company policy. idEngines® Avaya Identity Engines And Mobile Device Management.

Avaya – Proprietary. Use pursuant to the terms of your signed agreement or Company policy. idEngines® Avaya Identity Engines And Mobile Device Management.
iOS & other Android devices KNOX EMM (Client) Cloud Service Active Directory integration (Optional) Mobile Device & App Management MDM IAM Samsung Device.

iOS & other Android devices KNOX EMM (Client) Cloud Service Active Directory integration (Optional) Mobile Device & App Management MDM IAM Samsung Device.
Sophos Mobile Control. Tablets on the rise 2 Trends 3 75% of 157 polled companies encourage employee owned smart phones and tablets to access corporate.

Sophos Mobile Control. Tablets on the rise 2 Trends 3 75% of 157 polled companies encourage employee owned smart phones and tablets to access corporate.
Securing. Agenda  Hard Drive Encryption  User Account Permissions  Root Level Access  Firewall Protection  Malware Protection.

Securing. Agenda  Hard Drive Encryption  User Account Permissions  Root Level Access  Firewall Protection  Malware Protection.
Building and Deploying Safe and Secure Android Apps for Enterprise Presented by Technology Consulting Group at Endeavour Software Technologies.

Building and Deploying Safe and Secure Android Apps for Enterprise Presented by Technology Consulting Group at Endeavour Software Technologies.
Hardware-Rooted Security in Mobile Devices Andrew Regenscheid Lead, Hardware-Rooted Security Computer Security Division.

Hardware-Rooted Security in Mobile Devices Andrew Regenscheid Lead, Hardware-Rooted Security Computer Security Division.
Dongyan Wang GlobalPlatform Technical Program Manager

Dongyan Wang GlobalPlatform Technical Program Manager
Using Cryptographic ICs For Security and Product Management Misconceptions about security Network and system security Key Management The Business of Security.

Using Cryptographic ICs For Security and Product Management Misconceptions about security Network and system security Key Management The Business of Security.
Ragib Hasan Johns Hopkins University en.600.412 Spring 2010 Lecture 5 03/08/2010 Security and Privacy in Cloud Computing.

Ragib Hasan Johns Hopkins University en Spring 2010 Lecture 5 03/08/2010 Security and Privacy in Cloud Computing.
Sony White House Anthem Lockheed Aramco Bushehr nuclear reactor NSA Hacked Facebook Hacked Apple,Google,Microsoft,

Sony White House Anthem Lockheed Aramco Bushehr nuclear reactor NSA Hacked Facebook Hacked Apple,Google,Microsoft,
Script Kiddies; CybercrimeCyber-espionage; Cyber-warfare CybercriminalsState sponsored actions; Unlimited resources Attacks on fortune 500All sectors.

Script Kiddies; CybercrimeCyber-espionage; Cyber-warfare CybercriminalsState sponsored actions; Unlimited resources Attacks on fortune 500All sectors.
Management lifecycle summary Mobile Device Management with Windows Intune or 3 rd Party tools Simplified and flexible device enrollment, using.

Management lifecycle summary Mobile Device Management with Windows Intune or 3 rd Party tools Simplified and flexible device enrollment, using.
Data Devices People 6.5B Wireless connections today >42% of global population owns smartphone by end of 2015 >50% User will go to tablet or smartphone.

Data Devices People 6.5B Wireless connections today >42% of global population owns smartphone by end of 2015 >50% User will go to tablet or smartphone.

Similar presentations

Ads by Google