1 / 7

Security issues for mobile devices

Security issues for mobile devices. Cvetko Andreeski. Content. Facts about mobile devices and traffic Mobile networks and communication Mobile platforms security Mobile application security Steps to increase security of mobile devices. Facts about mobile devices and traffic.

joylyn
Download Presentation

Security issues for mobile devices

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Security issues for mobile devices CvetkoAndreeski

  2. Content • Facts about mobile devices and traffic • Mobile networks and communication • Mobile platforms security • Mobile application security • Steps to increase security of mobile devices

  3. Facts about mobile devices and traffic • Increasing number of mobile devices for individual and professional work • Broadband mobile networks 2G, 3G, 4G (max speed 1Gb/s) • Portability and adaptability • Duration of unplugged work • In 2012, the number of mobile-connected tablets increased to 36 million • There were 161 million laptops on the mobile network in 2012 • In 2016 we should expect purchase of 283 million tablet computers which should be more than purchased laptop computers in that year Source: Cisco VNI Mobile Forecast 2013

  4. Mobile communication • Most of the mobile devices use 3G standard for communication • Only 0.9% of connections are 4G in 2012, but they make 14% of the traffic • Even the 3G standard implements KASUMI cipher there were several possibilities to corrupt the communication • The latest example is the so called related key attack. By this attack, one can recover the full A5/3 key • Basics of communication through 4G architecture is the Y-comm framework. This framework implements security in the architecture from the initial stages of the design process. • This architecture should deliver dedicated bandwidth for the users, by switching between the networks of different providers, known as vertical handover

  5. Mobile platforms security Comparison of security features on different mobile platforms Third party applications can fill the gap of some security features. Source: Ernst & Young, January 2012 Source: comScore, May 2013

  6. Mobile application security • Web based application • Android – Java, Android SDK, many reversing tools for Android applications, • Android applications are not reviewed before they are send for downloading • Android – certification and keys can be taken from one location /etc/security/cacerts.bks • Android – available tools for data decryption • IOS – every application is reviewed before it is presented on Apple store • IOS – enforces application sendboxing • IOS – jailbraking • IOS – possibility for reversing applications, tools for setting the hook • IOS – lot of resources (raw data from database) in cache files

  7. Steps to increase security of mobile devices • Know the risks and assets on mobile devices and communication • Follow the policy for security of mobile devices • Test the platform and applications • Avoid or limit the transfer of sensitive data over the network • Use of secure protocols for logging and sending sensitive data • Sandboxing for untrusted (or all) applications • Test the end to end communication and services

More Related