Device Management und Sicherheit

Transcrição

Android Security
Device Management and Security
by
Stephan Linzner & Benjamin Reimold
Freitag, 4. Februar 2011
Introducing
Stephan Linzner
Benjamin Reimold
• Consultant, Software Engineer
• Mobile Developer
• Founder of Stuttgart GTUG
Contact:
(DH Stuttgart)
• Mobile Developer
• Member of Stuttgart GTUG
Contact:
@onlythoughtwork
XING, Facebook
[email protected]
Introduction
• Bachelor-Thesis 2011
Attack Vectors
Security Model
@elektrojunge
XING
[email protected]
Best Practices
3rd Party Solutions
Conclusion
Agenda
•Once upon a time...
•Attack vectors
•Security model
•Best practices
•3rd party solutions
•…and they lived happily ever after – a conclusion.
Introduction
Attack Vectors
Security Model
Best Practices
3rd Party Solutions
Conclusion
BACKGROUND INFORMATION
consumerized IT
•Inversion of technology adaption
•Usage of private mobile devices to access corporate
infrastructure
•Consumer market devices used as business devices
Introduction
Attack Vectors
Security Model
Best Practices
3rd Party Solutions
Conclusion
Once upon a time…
•Until 2007
Introduction
Attack Vectors
Security Model
Best Practices
3rd Party Solutions
Conclusion
Once upon a time…
•Until 2007
•Blackberry OS, Windows Mobile OS & Symbian OS
•In 2007
Introduction
Attack Vectors
Security Model
Best Practices
3rd Party Solutions
Conclusion
Once upon a time…
•Until 2007
•In 2007
•iPhone
•Today
•Various mobile platforms for businesses
Introduction
Attack Vectors
Security Model
Best Practices
3rd Party Solutions
Conclusion
Once upon a time…
•Until 2007
•In 2007
•iPhone
•Today
•Various mobile platforms for businesses
•Future!?
Introduction
Attack Vectors
Security Model
Best Practices
3rd Party Solutions
Conclusion
Once upon a time…
Introduction
Attack Vectors
Security Model
Best Practices
3rd Party Solutions
Conclusion
Why android matters
•300,000 activated devices per day (Google 12/2010)
•Strong growth in the last year and still growing
• Likely one of the future dominant mobile platforms
(Gartner, Nielsen, Comscore)
•Lots of different devices with different form factors and
in different price segments (smartphones, tablets,
ruggedized devices)
•Open source (Apache 2.0) & free
Introduction
Attack Vectors
Security Model
Best Practices
3rd Party Solutions
Conclusion
Usage scenarios
•Mobile interface to enterprise communication backends
•PIM (Lotus Notes, MS Outlook)
•CRM (Salesforce, Google Apps)
•VPN
•Remote desktop on mobile devices (Parallels mobile
for iPhone/Android)
•Custom B2B solutions
•Sales force applications
•Mobile assistance systems
Introduction
Attack Vectors
Security Model
Best Practices
3rd Party Solutions
Conclusion
ATTACK VECTORS
General threats
•Private/Corperate data stored on the device
•Log Files stored on the device
•Continuous data collection (ie. geolocation tracking)
•Synchronization
•Contacts
•Calendar
•Data theft
•3rd party Code
Introduction
Attack Vectors
Security Model
Best Practices
3rd Party Solutions
Conclusion
Attack vectors
•Technical vectors
•„Standard“ malicious software (viruses, trojans)
•Unpatched mobile browsers
•Usage of open wi-fi
•Rooting the device (jailbreak)
•Bluetooth, radio vulnerabilities
Introduction
Attack Vectors
Security Model
Best Practices
3rd Party Solutions
Conclusion
Attack vectors
•Social vectors
•Loosing the device
•Apps (access to corporate/private data,
location)
•„(Your) kids!“
Introduction
Attack Vectors
Security Model
Best Practices
3rd Party Solutions
Conclusion
Attack vectors
•Android specific vectors
•Log-cat output
•Attack on application messaging framework
•Sniffing, Fuzzing, Exploiting of
•Intents, Content providers
•Steal certificate and roll out malicious
„update“ (in theory)
•NDK code can bypass Android security
model!?
Introduction
Attack Vectors
Security Model
Best Practices
3rd Party Solutions
Conclusion
ANDROID‘S SECURITY CONCEPT
Coarse-grained security model
•Process isolation enforced by underlying linux kernel •UID
•Group ID
•Sandboxing
•Ressources can only be accessed by the owner
application
•Each application running in it‘s own VM
•Explicitly sharing of resources to relax strict process
boundaries
•(Broadcast-) Intents, Services, Content Providers, AIDL
interfaces to exchange data
Introduction
Attack Vectors
Security Model
Best Practices
3rd Party Solutions
Conclusion
Fine-grained security model
•Permissions
•"A permission is a mechanism that enforces restrictions
on the specific operations that a particular process can
perform"
•End-user model
Introduction
Attack Vectors
Security Model
Best Practices
3rd Party Solutions
Conclusion
System permissions
Introduction
Attack Vectors
Security Model
Best Practices
3rd Party Solutions
Conclusion
Declaring permissions
Introduction
Attack Vectors
Security Model
Best Practices
3rd Party Solutions
Conclusion
Enforce permissions
Introduction
Attack Vectors
Security Model
Best Practices
3rd Party Solutions
Conclusion
Enforce permissions
Introduction
Attack Vectors
Security Model
Best Practices
3rd Party Solutions
Conclusion
Enforce permissions
Introduction
Attack Vectors
Security Model
Best Practices
3rd Party Solutions
Conclusion
Criticism of the security model
•Sandboxing & permissions are nice, but
•Permissions not granular enough
•No permission transparency
•Partial permissions not possible
•Granted permissions can‘t be changed (unless
re-installation of the app)
•No approval process in android market
•Possibility to install apps without android market
•App certification
Introduction
Attack Vectors
Security Model
Best Practices
3rd Party Solutions
Conclusion
S
E
C
I
T
C
A
R
P
T
S
E
B
Managing android phones with Google Apps
•Restrict synchronization (with Google account)
•Password policies (strength, length, require password)
•Automatically lock the device
•Number of invalid passwords allowed before wipe
•Perform remote wipe
Introduction
Attack Vectors
Security Model
Best Practices
3rd Party Solutions
Conclusion
Microsoft Exchange?
•Very basic
•Full support with BES
•All (Windows Mobile) or fewer than iOS
(Windows Phone 7)
•Fewer than iOS
•14 policies
Introduction
Attack Vectors
Security Model
Best Practices
3rd Party Solutions
Conclusion
The device management API
•Introduced with Android 2.2 (Froyo)
•Enforce password policies
•quality (alphabetic, numeric, alpha-numeric)
•length
•reset passwort
•maximum failed passwords until wipe
•Lock screen (maximum time to lock device)
•Lock screen password
•Wipe phone
Introduction
Attack Vectors
Security Model
Best Practices
3rd Party Solutions
Conclusion
New policies in Android 3.0 (Honeycomb)
•New policies
DeviceAdminInfo.USES_ENCRYPTED_STORAGE
DeviceAdminInfo.USES_POLICY_FORCE_LOCK
DeviceAdminInfo.USES_POLICY_SETS_GLOBAL_PROXY
•Encrypted storage system
getStorageEncryptionStatus()
setStorageEncryption(ComponentName admin,
boolean encrypt)
Introduction
Attack Vectors
Security Model
Best Practices
3rd Party Solutions
Conclusion
New policies in Android 3.0 (Honeycomb)
•Proxy support
setGlobalProxy(ComponentName admin, Proxy
proxySpec, List<String> exclusionList)
•Immediately lock
lockNow()
•The password policies were also beefed up, e.g.
setPasswordExpirationTimeout()
Introduction
Attack Vectors
Security Model
Best Practices
3rd Party Solutions
Conclusion
Techniques
•Use a custom ROM
•Use alternative browsers from other vendors (Opera,
Firefox, Dolphin) as standard browser will be patched
with OS updates only
•Store your data in the cloud with HTTPS
•Prevent all logging output
•Educate your employees!
•Define policies for usage (application/permission
whitelist agreements, usage agreements)
•Don‘t allow installation from unknown sources (nonandroid market sources)
Introduction
Attack Vectors
Security Model
Best Practices
3rd Party Solutions
Conclusion
Use encryption
•No encrypted preferences by default
•No encrypted application data on SD card
•Encrypt ALL Data
•Databases
•Preferences
•SD card
•Obfuscate
Introduction
Attack Vectors
Security Model
Best Practices
3rd Party Solutions
Conclusion
3rd party solutions
•Companies start to provide security solutions
Introduction
Attack Vectors
Security Model
Best Practices
3rd Party Solutions
Conclusion
…and they lived happily ever after - a conclusion.
Introduction
Attack Vectors
Security Model
Best Practices
3rd Party Solutions
Conclusion
…and they lived happily ever after - a conclusion.
•Android will be one of the major mobile platforms in the future
•"Don´t take kindness for weakness"- Android‘s openness might
be its biggest drawback but as well as its biggest strength
•Custom builds are very powerful, you can tailor the platform to
your very own business needs
•Android already has security features but they do not come out
of the box, you have to use them in your implementation!
•Android 3.0 (Honeycomb) is a big improvement
•Administration and policy management has to be improved
•Google Apps and 3rd party products to secure the devices are
already available
Introduction
Attack Vectors
Security Model
Best Practices
3rd Party Solutions
Conclusion
Q&A
?
?
Introduction
?
? ?
Any Questions?
?
Attack Vectors
?
?
Security Model
Solutions
?
Best Practices
?
?
Other Solutions
?
?
Conclusion
THX!

Device Management und Sicherheit

Transcrição

Documentos relacionados

From Irrational Numbers to Perfect Matchings

Machine Reading

Given the current growth of mobile devices and new concepts of

Review of Interpretation of Multi-Messenger Data

GRMN 202 Intermediate German II

program

1 STATE OF NEW JERSEY COUNTY OF BERGEN BOROUGH OF

System Solution

Palringo android symbol