5/24/10 Confidential Security of Mobile Terminal
-
Upload
dominque23 -
Category
Technology
-
view
266 -
download
2
Transcript of 5/24/10 Confidential Security of Mobile Terminal
![Page 1: 5/24/10 Confidential Security of Mobile Terminal](https://reader036.fdocuments.net/reader036/viewer/2022062405/55642411d8b42a6e298b5068/html5/thumbnails/1.jpg)
23/04/12Confidential
Security of Mobile Terminal & Cell Phone
McAfee Japan Yoshihiro Kato
Cell Phone Environment & Virus in Japan
![Page 2: 5/24/10 Confidential Security of Mobile Terminal](https://reader036.fdocuments.net/reader036/viewer/2022062405/55642411d8b42a6e298b5068/html5/thumbnails/2.jpg)
23/04/12 Page 2
AGENDA
Cell Phone in Japan Now Transition of Internet Population in Japan
Virus Possibility in Cell Phone
Cell Phone Function & Service in Japan Approach to Cell Phone Security
Engineering Issues Required Functions Cell Phone Structure & Service Overview Cell Phone Security in Future
![Page 3: 5/24/10 Confidential Security of Mobile Terminal](https://reader036.fdocuments.net/reader036/viewer/2022062405/55642411d8b42a6e298b5068/html5/thumbnails/3.jpg)
23/04/12 Page 3
Cell Phone in Japan NowCell Phone Subscriptions in
Japan (as of 30/Sep/04)
Total 83,834 (unit: 1,000)
Data Source: Telecommunications Carriers Association (TCA)
WW Cell Phone Shipment FCST (2004)
Total 479,400 (unit: 1,000)
Data Source: Japan Electronics and Information Technology Industries Association (JEITA)
・ Gartner FCST: 620M (Sep.2004)
3G Terminal: 24938
![Page 4: 5/24/10 Confidential Security of Mobile Terminal](https://reader036.fdocuments.net/reader036/viewer/2022062405/55642411d8b42a6e298b5068/html5/thumbnails/4.jpg)
23/04/12 Page 4
通信種別
PDC
cdmaOne
W-CDMA
CDMA2000
Cell Phone in Japan Now
71%
Total Number 83,467,800
(as of 31/Aug/04)19%
3%
7%
Data Source: Telecommunications Carriers Association (TCA)
Categorized by Messaging Method
![Page 5: 5/24/10 Confidential Security of Mobile Terminal](https://reader036.fdocuments.net/reader036/viewer/2022062405/55642411d8b42a6e298b5068/html5/thumbnails/5.jpg)
23/04/12 Page 5
Cell Phone in Japan Now
契約者数
NTTDoCoMo
KDDI
Vodafone
Other
Total 83,467,800
( as of 31/Aug/04 )
19%
4%
22%
56%
Contractors by Carrier
Data Source: Telecommunications Carriers Association (TCA)
![Page 6: 5/24/10 Confidential Security of Mobile Terminal](https://reader036.fdocuments.net/reader036/viewer/2022062405/55642411d8b42a6e298b5068/html5/thumbnails/6.jpg)
23/04/12 Page 6
Transition of Internet Population in Japan
Transition of Internet Access
0
1000
2000
3000
4000
5000
6000
7000
2000 2001 2002 2003
万人
DSL Service
FTTH Service
CATV
Mobile Phone
Dial-UP
Data Source: Telecommunications Carriers Association (TCA)
![Page 7: 5/24/10 Confidential Security of Mobile Terminal](https://reader036.fdocuments.net/reader036/viewer/2022062405/55642411d8b42a6e298b5068/html5/thumbnails/7.jpg)
23/04/12 Page 7
Web Access Service● Using Compact HTML
Mail Service● Mailing inside the carrier (e.g. Sk y mail)● Internet Mail
Contents Service● Various Contents Service: Game, MusicDownload
Communication Service● TV Telephone
Media Access Service● TV, Radio
Transition of Internet Population in Japan
![Page 8: 5/24/10 Confidential Security of Mobile Terminal](https://reader036.fdocuments.net/reader036/viewer/2022062405/55642411d8b42a6e298b5068/html5/thumbnails/8.jpg)
23/04/12 Page 8
Transition of Internet Population in Japan (2)
--- Example: NTTDoCoMo Services ---
Cell Phone as Purse (FeliCa)
Bar-code Reading
● Shopping, Air-ticket, Cinema, Concert
● URL, Telephone No.
![Page 9: 5/24/10 Confidential Security of Mobile Terminal](https://reader036.fdocuments.net/reader036/viewer/2022062405/55642411d8b42a6e298b5068/html5/thumbnails/9.jpg)
23/04/12 Page 9
Approach to Cell Phone Security
February 2001● Start Studying the Possibility based on the Original Idea
Collaborate with Fujitsu BROAD SOLUTION & CONSULTING Inc
● Information Exchange with UK Engineering Team Difference from Smart Phone
April 2001
● Start Approaching to the Carriers
Since May 2001
● Joint Announcement with NTTDoCoMo
October 2003
![Page 10: 5/24/10 Confidential Security of Mobile Terminal](https://reader036.fdocuments.net/reader036/viewer/2022062405/55642411d8b42a6e298b5068/html5/thumbnails/10.jpg)
23/04/12 Page 10
Virus Possibility in Cell Phone
Java Implement
API false movement
Expand App space and Data space
Additional communication device
SPAM mail
● Application Download function
● Memory-stick, miniSD
Other Communication method ● Bluetooth
● Image Data , Sound data
![Page 11: 5/24/10 Confidential Security of Mobile Terminal](https://reader036.fdocuments.net/reader036/viewer/2022062405/55642411d8b42a6e298b5068/html5/thumbnails/11.jpg)
23/04/12 Page 11
Engineering Issues
Operating System
Developing Compact Engine
● Most makers adopts their original OS and they are closed.
● Symbian (NOKIA, MOTOROLA, Sony Ericsson: Europe & North America
Supposing the Functions to ImplementSupposing the Necessary System for Operation
● Linux (NEC …)
![Page 12: 5/24/10 Confidential Security of Mobile Terminal](https://reader036.fdocuments.net/reader036/viewer/2022062405/55642411d8b42a6e298b5068/html5/thumbnails/12.jpg)
23/04/12 Page 12
Other Issues
Cooperation between Cell Phone Maker & Carrier
Secure Engineers● Micro i TRON Engineer
![Page 13: 5/24/10 Confidential Security of Mobile Terminal](https://reader036.fdocuments.net/reader036/viewer/2022062405/55642411d8b42a6e298b5068/html5/thumbnails/13.jpg)
23/04/12 Page 13
Required Functions
Interrupt of All I/O
Renewal Function of Defined Information
On-demand Operation
● Necessity of operation environment at lower layer
![Page 14: 5/24/10 Confidential Security of Mobile Terminal](https://reader036.fdocuments.net/reader036/viewer/2022062405/55642411d8b42a6e298b5068/html5/thumbnails/14.jpg)
23/04/12 Page 14
Cell Phone Structure & Service Overview
Operating System Micro I TRON
Flash ROM
Driver (Sound Flash-Mem)
API Java VM
App
Data Area
App
App
Code Area
Internet
Com
mun
icat
ion
Storage
![Page 15: 5/24/10 Confidential Security of Mobile Terminal](https://reader036.fdocuments.net/reader036/viewer/2022062405/55642411d8b42a6e298b5068/html5/thumbnails/15.jpg)
23/04/12 Page 15
Cell Phone Structure & Service Overview
Inter-net
Unjust Mail,Java etc.
Unjust Access
ASP System
CarrierPhone Network
Data centerData center
McAfee AVERTMcAfee AVERT
DAT
phonephoneMakerMaker CarrierCarrier
Customer D/B
Technical Information
![Page 16: 5/24/10 Confidential Security of Mobile Terminal](https://reader036.fdocuments.net/reader036/viewer/2022062405/55642411d8b42a6e298b5068/html5/thumbnails/16.jpg)
23/04/12 Page 16
Cell Phone Security in Future
Offer Various Services ● Ticket Reservation, GPS
Multi Functional Mobile Terminal (PC?)
Expand to Other Devices such as Automobile
Connect to IP v6 Network
(P2P Data Communication)
● Multi-CPU, Large-Memory
![Page 17: 5/24/10 Confidential Security of Mobile Terminal](https://reader036.fdocuments.net/reader036/viewer/2022062405/55642411d8b42a6e298b5068/html5/thumbnails/17.jpg)
23/04/12 Page 17
Cell Phone Security in Future
Contents Access Control● Block Harmful Sites
Identify Every Individual (User)● Identify by Fingerprint or Code
Prevent Unjust code invasion / operation
![Page 18: 5/24/10 Confidential Security of Mobile Terminal](https://reader036.fdocuments.net/reader036/viewer/2022062405/55642411d8b42a6e298b5068/html5/thumbnails/18.jpg)
23/04/12 Page 18
Mobile Virus – Concept Virus
WinCE/Duts (Jul/04) Symbian/Cabir (Jun/04)
First Mobile Virus in the world Attach the body to the message
via Bluetooth Infected by opening the attached file Infect to the specific series of NOKIA only
First WinCE virus in the world Copy itself to the opened file Infected by opening the infected file Infect to the recent CE PDA
![Page 19: 5/24/10 Confidential Security of Mobile Terminal](https://reader036.fdocuments.net/reader036/viewer/2022062405/55642411d8b42a6e298b5068/html5/thumbnails/19.jpg)
23/04/12 Page 19
Thank you!