SECURITY CHALLENGES FOR INTERNET TECHNOLOGIES ON MOBILE DEVICES Key - PowerPoint PPT Presentation

Feb 20, 2023 •373 likes •454 views

Anil Dhawan, Program Manager Rich Internet Applications Windows Mobile [anild@microsoft.com] Geir Olsen, Program Manager Security for Windows Mobile [geiro@microsoft.com] Microsoft Corp SECURITY CHALLENGES FOR INTERNET TECHNOLOGIES ON

Anil Dhawan, Program Manager Rich Internet Applications – Windows Mobile [anild@microsoft.com] Geir Olsen, Program Manager – Security for Windows Mobile [geiro@microsoft.com] Microsoft Corp SECURITY CHALLENGES FOR INTERNET TECHNOLOGIES ON MOBILE DEVICES
Key Questions 1. How are Web page scripts and Widgets different from “native” applications ? – Deployment model – Programming model – Security model
Key Questions 2. What are the criteria for assessing trust?
Key Questions 3. What are the key elements of risk management and mitigation? 4. How should code identity be securely issued, managed and verified? 5. How should intent of code be disclosed and discovered? – Declarative vs. run-time models
Key Questions 6. What does it mean to act on intent, reputation and reliability information? – Prompt based models – Least privilege environments 7. How should device capabilities be defined and discovered? – Verifiable Disclosure
Opportunities for Standards 1. Code Identity 2. Declarative Self-Disclosure of Security Capability Needs 3. Disclosure and Discovery of device capabilities 4. Risk assessment criteria 5. Risk level definitions and symbols 6. Risk Mitigation Approaches & Quality Standards

Download Presentation

Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Mobile Technologies context and task challenges input technologies challenges in interaction

Mobile Technologies context and task challenges input technologies challenges in interaction design output technologies 1 LMU Mnchen Medieninformatik Andreas Butz ! Mensch-Maschine-Interaktion II WS2013/14

1.04k views • 58 slides

What, exactly, is different or new about MOBILE mobile security? SECURITY TECHNOLOGIES 2017

What, exactly, is different or new about MOBILE mobile security? SECURITY TECHNOLOGIES 2017 Dan S. Wallach , Rice University tl;dr The computers inside the computer Every chip has one or more CPUs inside; they have exploitable bugs

1.23k views • 87 slides

Motivation Big and growing mobile Internet 2 7 B mobile phone users (cf 850 MM PCs) 2.7 B

Private Queries in Location Based Services New technologies can pinpoint your location at any time and place. They promise safety and convenience but i f d i b threaten privacy and security IEEE Spectrum, July 2003 Motivation

1.02k views • 24 slides

Importance of Open Discussion on Adversarial Analyses for Mobile Security Technologies --- A

ITU-T Workshop on Security, Seoul Importance of Open Discussion on Adversarial Analyses for Mobile Security Technologies --- A Case Study for User Identification --- 14 May 2002 Tsutomu Matsumoto Graduate School of Environment and Information

619 views • 33 slides

Advanced Research Issues In Security: Securing Key Internet Technologies CS 236 On-Line MS

Advanced Research Issues In Security: Securing Key Internet Technologies CS 236 On-Line MS Program Networks and Systems Security Peter Reiher Lecture 18 Page 1 CS 236 Online Outline Routing security DNS security Lecture 18 Page 2

556 views • 31 slides

Seminar: Innovative Internet Technologies and Mobile Communications (IITM) Topic Presentation

Chair of Network Architectures and Services Department of Informatics Technical University of Munich Seminar: Innovative Internet Technologies and Mobile Communications (IITM) Topic Presentation Prof. Dr.-Ing. Georg Carle, Dr.-Ing. Stephan

595 views • 34 slides

Internet of Things Security A Survey by Avi Webberman Outline What is the Internet of Things

Internet of Things Security A Survey by Avi Webberman Outline What is the Internet of Things (IoT)? Why is IoT Security so Important? Dyn DDOS Attack What are the security challenges of an IoT network? A Proposed Taxonomy

176 views • 14 slides

IOT SECURITY ONGOING CHALLENGES Selvana Naiken Gopalla Information Security Consultant

IOT SECURITY ONGOING CHALLENGES Selvana Naiken Gopalla Information Security Consultant CERT-MU | National Computer Board OUTLINE The Internet of Insecure Things New Devices, New Security Challenges IOT Specific Security Issues

301 views • 27 slides

INTERNET FOR A MOBILE INTERNET FOR A MOBILE GENERATION GENERATION www.itu.int/mobileinternet

ITU Internet Report 2002 INTERNET FOR A MOBILE INTERNET FOR A MOBILE GENERATION GENERATION www.itu.int/mobileinternet ITU Internet Report 2002: Internet for a Mobile Generation Mobile and Internet: Identical twins born two years apart?

442 views • 17 slides

Mobile Apps Often Need to Talk to a Remote server Internet Internet Saving resources (e.g.,

Introduction Overview Detailed Design Evaluation Discussion Related Work Summary References Automatic Forgery of Cryptographically Consistent Messages to Identify Security Vulnerabilities in Mobile Services Chaoshun Zuo , Wubing Wang

347 views • 34 slides

Swiss cheese security or the real challenges faced by internet facing companies About me

Swiss cheese security or the real challenges faced by internet facing companies About me Almost 20 years in information security / hacking OWASP Project leader Latest research interests: Large scale RSA crypto survey

691 views • 49 slides

CS 528 Mobile and Ubiquitous Computing Lecture 11: Mobile Security and Mobile Software

CS 528 Mobile and Ubiquitous Computing Lecture 11: Mobile Security and Mobile Software Vulnerabilities Emmanuel Agu Mobile Security Issues Introduction So many cool mobile apps Access to web, personal information, social media, etc

1.05k views • 55 slides

Using Cloud Native Technologies to Solve Complex Application Security Challenges in Kubernetes

Using Cloud Native Technologies to Solve Complex Application Security Challenges in Kubernetes Deployments Cequence Security: A Cloud Native Approach to Application Security Venture-backed start-up bringing much-needed innovation to

304 views • 17 slides

Your Thing is pwnd Security Challenges for the Internet of Things Paul Fremantle @pzfreo PhD

Your Thing is pwnd Security Challenges for the Internet of Things Paul Fremantle @pzfreo PhD researcher Portsmouth University (paul.fremantle@port.ac.uk) Co-Founder, WSO2 Firstly, does it even matter? My three rules for IoT security 1.

1.01k views • 57 slides

technologies, applications, perspectives Stefano Chessa Few elements, many apps Mobile

Internet of Things technologies, applications, perspectives Stefano Chessa Few elements, many apps Mobile crowdsensing & human sociality Mobile edge computing supporting crowdsensing applications Opportunistic communications

701 views • 7 slides

The Internet Security Alliance The Internet Security Alliance is a collaborative effort with

The Internet Security Alliance The Internet Security Alliance is a collaborative effort with Carnegie Mellon University. It is a cross-sector, internationally- based trade association devoted to cyber security. ISA has individual corporate

349 views • 30 slides

Application access to directories opening Pandoras box Victoriano Giralt Central Computing

The problem The cure The solution Application access to directories opening Pandoras box Victoriano Giralt Central Computing Facility University of Mlaga A November 5th, 2008 Victoriano Giralt Application access to

1.11k views • 78 slides

Design and Architectural Principles Internet Security [1] VU Engin Kirda

Design and Architectural Principles Internet Security [1] VU Engin Kirda engin@infosys.tuwien.ac.at Christopher Kruegel chris@auto.tuwien.ac.at News from the Lab Challenge 4 will be announced today (16:00) after the lecture E-Mail

384 views • 34 slides

Authorization We will use the terms authorization and access control interchangeably

Authorization We will use the terms authorization and access control interchangeably Authorization answers the question who is allowed to do what ? A first step in the development of an access control system is the

651 views • 53 slides

New York Metro Joint Computer Security Conference William Hugh Murray whmurray@sprynet.com 705

New York Metro Joint Computer Security Conference William Hugh Murray whmurray@sprynet.com 705 Weed StreetNew Canaan, CT 06840 1-203-966-4769 1-203-326-1266 Mobile/SMS http://whmurray.blogspot.com/ CVEs Breaches IOCs

204 views • 5 slides

Advanced Security Automation Made Simple Mark Nunnikhoven Vice President, Cloud Research at

Advanced Security Automation Made Simple Mark Nunnikhoven Vice President, Cloud Research at Trend Micro @marknca The goal of cybersecurity Make sure that systems work as intended The goal of cybersecurity Make sure that systems work as

824 views • 45 slides

Landlock LSM: toward unprivileged sandboxing Micka el Sala un ANSSI September 14, 2017 1 /

Landlock LSM: toward unprivileged sandboxing Micka el Sala un ANSSI September 14, 2017 1 / 21 Secure user-space software How to harden an application? secure development follow the least privilege principle compartmentalize

789 views • 61 slides

Risk Management Who I Am B.S. Business Administration MIS Master of Business

Risk Management Who I Am B.S. Business Administration MIS Master of Business Administration (MBA) Information Assurance Consulting SFS Scholar School of Nursing Graduate Assistant Security Development

446 views • 27 slides

Chapter 11 Software Security Secure programs Security implies some degree of trust that the

Chapter 11 Software Security Secure programs Security implies some degree of trust that the program enforces expected C onfidentiality I ntegrity A vailability How can we look at software component and assess its

837 views • 49 slides