The Future Mobile Security
1 ©2013-2014 Qualcomm Technologies, Inc. and/or its affiliated companies. All Rights Reserved.
The future of mobile security
Asaf Ashkenazi Director, Product Management Qualcomm Technologies, Inc.
Qualcomm® Security Solutions
Qualcomm Security Solutions and Qualcomm SecureMSM are products of Qualcomm Technologies, Inc.
Qualcomm Technologies offers a multidimensional security solution that is designed to help:
• Protect mobile device users and the security and integrity of their mobile devices
• Make device security easier
• Enable access to content with strict copyright protection
[Diagram labels: Qualcomm® SecureMSM™ Technology; Authentication; Enterprise; Theft Deterrence; Content Protection]
SecureMSM
SecureMSM - Security designed to go deep: Secure boot
• A secure system foundation consists of the hardware platform and the code that executes on that platform. Unauthorized modification of that code can lead to a breach of the security system. To deter unauthorized modification or replacement of the system's stored code, SecureMSM incorporates secure boot.
• Qualcomm Technologies’ secure boot is an on-chip, tamper-resistant, ROM-based boot-up process that verifies the authenticity and integrity of critical code and data stored in flash memory.
• Qualcomm Technologies’ secure boot process gains control of the system immediately after reset by executing known code resident in on-chip ROM. This code is the system’s root of trust that authenticates the code used by the device.
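A minimal sketch of the ROM-anchored verification chain described in the secure boot bullets, added here as an illustration and not Qualcomm's code. The slides do not describe the verification scheme, so pinning a SHA-256 digest of each next stage, the image layout, and the stage names are all assumptions of this example.

```python
import hashlib
import hmac

PIN_LEN = 32  # size of a SHA-256 digest

def digest(data):
    return hashlib.sha256(data).digest()

def build_image(code, next_image=None):
    """Constructed layout: 32-byte digest of the next stage (zeros if last), then code."""
    pin = digest(next_image) if next_image is not None else bytes(PIN_LEN)
    return pin + code

def secure_boot(rom_pin, flash):
    """Verify each stage before running it. Returns (stages_booted, failed_stage_or_None)."""
    expected, booted = rom_pin, []
    for name, image in flash:
        if not hmac.compare_digest(digest(image), expected):
            return booted, name          # halt: never execute unverified code
        booted.append(name)
        expected = image[:PIN_LEN]       # the verified stage vouches for the next one
    return booted, None

def make_flash():
    # Hypothetical three-stage chain, built last stage first so each pin can be computed.
    kernel = build_image(b"kernel v1")
    bootloader = build_image(b"bootloader v1", kernel)
    first = build_image(b"first-stage loader v1", bootloader)
    return [("first_stage", first), ("bootloader", bootloader), ("kernel", kernel)]

GOOD_FLASH = make_flash()
ROM_PIN = digest(GOOD_FLASH[0][1])       # stands in for the value fixed in on-chip ROM

def tampered_kernel():
    """Flash where only the last stage was modified."""
    flash = list(GOOD_FLASH)
    flash[2] = ("kernel", build_image(b"modified kernel"))
    return flash

def repinned_bootloader():
    """Flash where the bootloader was rewritten to vouch for a modified kernel."""
    bad_kernel = build_image(b"modified kernel")
    bad_bl = build_image(b"bootloader v1", bad_kernel)
    return [GOOD_FLASH[0], ("bootloader", bad_bl), ("kernel", bad_kernel)]

if __name__ == "__main__":
    for label, flash in [("good", GOOD_FLASH), ("tampered kernel", tampered_kernel()),
                         ("re-pinned bootloader", repinned_bootloader())]:
        print(label, secure_boot(ROM_PIN, flash))
```

Rewriting a middle stage so that it vouches for modified code fails one step earlier, because every stage's validity traces back to the value the ROM holds, which flash contents cannot change.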
SecureMSM - Security designed to go deep: Trusted execution environment
• Protect the device’s most valuable assets from malware.
• Qualcomm® Secure Execution Environment, using ARM’s TrustZone technology, is a controlled and separated environment that allows trusted execution of code.
• This code is executed outside of the device operating system. QTI’s Secure Execution Environment is designed to reduce the damage of viruses, Trojans and rootkits.
• Hardware access control to block malware access to critical devices such as touchscreen, camera and fingerprint reader.
[Diagram: banking app login and password screen; labels: SecureMSM, BANKING APP, LOGIN, PASSWORD]
Qualcomm Secure Execution Environment is a product of Qualcomm Technologies, Inc.
SecureMSM - Security designed to go deep: Cryptographic accelerators
• Hardware data encryption, to enhance the performance and security of cryptographic operations.
• High-speed cryptographic accelerators, capable of handling multi-data channels while maintaining context separations.
• Connects to a 256-bit secure hardware key that cannot be accessed by software running on the device and can only be used by the cryptographic accelerator.
• An essential part of the device’s security, performance and power efficiency.
[Diagram labels: CPU; SecureMSM; "Hello World"]
Authentication
Your device – your identity
[Slide graphic labels: PASS.; BYOD; ?]
Authentication solutions
• Fingerprint − Sensor on device that captures the user’s fingerprint, designed to provide an added level of security
• Voiceprint − Integrated audio solutions with hardware that recognize individual voice patterns
• Iris − Computer vision technology sophisticated enough to identify unique attributes of users’ eyes
• Secure PIN & Anti-Phishing − Secure UI-based PIN authentication
Secure location and context
• Secure location
− Supplemental information to authentication from the hardware to help prevent tampering
• Secure time
− Tying time periods to device infrastructure that help authenticate users more securely
Your Device – Your Identity
• User Experience
• Multi Authenticators
• Attestation
• Privacy
Theft prevention
The FCC: “Epidemic of robberies involving smartphones”
• More than 40% of all robberies in New York City involve smartphones and other cell phones [3]
• In 2013, nearly half (49%) of London robberies involved a mobile device [2]
• Other major cities have similar statistics, with robberies involving cell phones comprising 30-40% of all robberies [3]
• Robberies are, by definition, violent crimes, and there are many instances of robberies targeting cell phones resulting in serious injury or even death [3]
• In 2013, thieves stole an estimated 3.1 million mobile devices in the United States [1]
Sources:
[1] The Office of the New York State Attorney General, SECURE OUR SMARTPHONES INITIATIVE
[2] London Metropolitan Police
[3] FCC, http://www.fcc.gov/document/announcement-new-initiatives-combat-smartphone-and-data-theft
Kill Switch components
[Diagram labels: Device; Device Lock Control; Kill switch Backend; Database; Lock/unlock]
Concern #1: Fraudulent kill command
[Diagram labels: Device; Device Lock Control; Kill switch Backend; Database; Locked]
Concern #2: Factory reset / re-flash attack
[Diagram labels: Stolen phone; Locked; Unlocked; Factory Reset; Phone; Phone Unlock Tool]
Qualcomm Technologies, Inc. kill switch client*: Built on top of SecureMSM
[Diagram labels: Inside the device: Kill switch Guardian; Device Kill Function; Authentication Engine; Lock; Unlock. Outside the device: Kill switch Backend; Database]
For more information on Qualcomm, visit us at: www.qualcomm.com & www.qualcomm.com/blog
©2013-2014 Qualcomm Technologies, Inc. and/or its affiliated companies. All Rights Reserved. Qualcomm and SecureMSM are trademarks of Qualcomm Incorporated, registered in the United States and other countries. Uplinq is a trademark of Qualcomm Incorporated. All Qualcomm Incorporated trademarks are used with permission. Other products and brand names may be trademarks or registered trademarks of their respective owners. References in this presentation to “Qualcomm” may mean Qualcomm Incorporated, Qualcomm Technologies, Inc., and/or other subsidiaries or business units within the Qualcomm corporate structure, as applicable. Qualcomm Incorporated includes Qualcomm’s licensing business, QTL, and the vast majority of its patent portfolio. Qualcomm Technologies, Inc., a wholly-owned subsidiary of Qualcomm Incorporated, operates, along with its subsidiaries, substantially all of Qualcomm’s engineering, research and development functions, and substantially all of its product and services businesses, including its semiconductor business, QCT.
Thank you