iMAS (iOS Mobile Application Security), AppSecUSA, Nov 2013 (v2)
  • Speaker notes
    • References on the return-oriented programming / return-to-libc material:
      • http://en.wikipedia.org/wiki/Return-oriented_programming
      • http://en.wikipedia.org/wiki/Return-to-libc_attack
      • http://www.infosecwriters.com/text_resources/pdf/return-to-libc.pdf
    • MDM research notes:
      • Maintain and enhance existing open source MDM server
        • Additional commands for managed applications
        • Scripts for autogenerating certificates and needed plist files
        • Updating server to handle multiple enrolled devices
      • Understand and test low level command structure
        • JSON formatted commands directly communicated to server
        • Direct communication with server after initial Apple push request
        • Still need to test iOS 7 MDM improvements (application specific configuration dictionaries)
      • Find limitations of MDM
        • Messages sent to a device in standby or off are not received
        • Must continually send until receiving an acknowledgment
        • No application specific management, besides uninstall, until iOS 7
      • Ability to secure individual applications
        • Managed application removal deletes the entire sandbox for the app
        • Monitoring application that provides additional security to iMAS enabled apps
  • Transcript

    • 1. FY13-14 MITRE Research. Research Team: Gregg Ganley (PI) and Gavin Black. Approved for Public Release: Case #13-2148
    • 2. © 2013 The MITRE Corporation. All rights reserved. Approved for Public Release: Case #13-2148
    • 7. Vulnerable Areas (diagram). Elements shown: 4 Digit Passcode; Native iOS Application; App Signing; App Store; System components: RAM and Debugger; Jailbreak / Root Access; User Auth; App Access; Keychain; Flash Data Storage; SSH / Debugger; iOS Core Services; iOS; Internet; iPhone / iPad Hardware.
    • 8. iMAS Secure Application Container (diagram). Controls wrapped around the Native iOS Application: Secure MDM Control; AppPassword; Passcode Check; Security-Check (Jailbreak / debugger attach); Encrypted Core Data; AppIntegrity Check (AppSignature); Encrypted RAM Disk; Memory Check; Check Disk; Secure Foundation (OpenSSL FIPS); Dynamic App Bundling; ECM (Encrypted Code Modules); Off Device Trust Check. Surroundings: iOS; iPhone / iPad Hardware; iOS Core Services; App Store; Enterprise App Store; Malware; SSH / Debugger. Label: Tolerable Security Risk. Open Source: github.com/project-imas
    • 9. Developer Access vs. Apple Only (diagram; two areas marked Apple Only).
    • 10. DoD CIO Report FY11: 50% (12) iMAS Applicable
    • 11. 60% (6) iMAS Apply
    • 12. Security Controls vs. Mobile App Classification Level (chart). Classification levels: Consumer / Unclassified (Internet); Enterprise; Enterprise+ / Sensitive (NIPRNET/MITRE); Classified (SIPRNET/JWICS). Platforms plotted: iOS v4/5; iOS v6; iOS w/COTS App MDM Containers; iOS w/iMAS (Sep 2013); iOS w/iMAS, with or without COTS (Sep 2014); State of the Art (Sep 2013); Art of the Possible (2014+); Open Source. Message: iMAS controls raise security levels, bringing it closer to the Art of the Possible.
    • 14. Vulnerable Areas mapped to iMAS controls:
        Device Access: 4 Digit Passcode → Passcode Check; Jailbreak / Root Access → Security-Check (Jailbreak / debugger attach)
        Run-time: RAM and Debugger → Memory Security, Encrypted RAM Disk
        App Access: None → AppPassword
        AppStore / Malware: App Tampering → Forced-inlining, AppIntegrity Check, Encrypted Code Modules (ECM)
        Data At Rest: Keychain, CoreData → Encrypted Core Data
        Data in Transit → iMAS Secure Foundation (OpenSSL / FIPS)
        Lightning Connector; MDM Remote Control → marked Future Research
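An added example (not iMAS code; this page does not describe how the iMAS AppIntegrity Check is implemented) of a runtime self-check for the App Tampering row above: hash the machine code of a sensitive function at start-up, re-hash before each use, and refuse to run on a mismatch. The function names, the 64-byte window and the FNV-1a hash are assumptions made for the illustration.

```c
/* Runtime code-integrity self-check (example code, not from iMAS).
 * The function names, the 64-byte window and FNV-1a are assumptions. */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define CODE_WINDOW 64   /* bytes of machine code covered; assumed size */

/* The function whose code we protect.  noinline keeps it a distinct
 * body in .text so there is something to hash.  Placed first so that
 * the bytes following it are still mapped code. */
__attribute__((noinline)) int sensitive_fn(int x)
{
    return x * 31 + 7;
}

/* FNV-1a over a byte range.  Each step is a bijection on the state, so
 * two same-length inputs that differ in one byte never collide. */
static uint64_t fnv1a(const unsigned char *p, size_t n)
{
    uint64_t h = 1469598103934665603ULL;
    for (size_t i = 0; i < n; i++) {
        h ^= p[i];
        h *= 1099511628211ULL;
    }
    return h;
}

/* View a function's machine code as bytes (union avoids the pedantic
 * function-pointer-to-object-pointer cast warning). */
static const unsigned char *code_bytes(int (*fn)(int))
{
    union { int (*f)(int); const unsigned char *p; } u;
    u.f = fn;
    return u.p;
}

static uint64_t g_expected;  /* reference hash captured at start-up */

/* Snapshot at launch.  A shipped app would instead carry a reference
 * computed post-link, so a patch applied before launch is caught too. */
void integrity_snapshot(void)
{
    g_expected = fnv1a(code_bytes(sensitive_fn), CODE_WINDOW);
}

/* Re-hash before each sensitive use: 1 = intact, 0 = modified. */
int integrity_verify(void)
{
    return fnv1a(code_bytes(sensitive_fn), CODE_WINDOW) == g_expected;
}

/* Show detection without remapping .text: copy the code, flip one byte
 * the way a patch-the-branch attacker would, and hash the copy.
 * Returns 1 when the tampered copy no longer matches the reference. */
int detects_one_byte_patch(void)
{
    unsigned char copy[CODE_WINDOW];
    memcpy(copy, code_bytes(sensitive_fn), CODE_WINDOW);
    copy[CODE_WINDOW / 2] ^= 0x01;
    return fnv1a(copy, CODE_WINDOW) != g_expected;
}

/* Guarded entry point: refuses to run when the code was modified. */
int sensitive_call(int x, int *out)
{
    if (!integrity_verify())
        return -1;
    *out = sensitive_fn(x);
    return 0;
}

/* Whole flow; returns 1 when every step behaves as intended. */
int demo_integrity(void)
{
    int out = 0;
    integrity_snapshot();
    if (!integrity_verify())
        return 0;
    if (!detects_one_byte_patch())
        return 0;
    if (sensitive_call(2, &out) != 0 || out != 69)
        return 0;
    return 1;
}

int main(void)
{
    printf("integrity demo: %s\n", demo_integrity() ? "pass" : "FAIL");
    return 0;
}
```

The snapshot-at-launch form only catches patches applied after the app starts, and an attacker who already has a debugger attached can patch the check or the stored reference just as easily as the protected function; that is why the slides pair this control with forced inlining of the checks (slide 18) and with the platform code signature rather than relying on it alone.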
    • 18. Forced inlining. Declare the security checks always_inline, e.g. void debug_check() __attribute__((always_inline)); so the compiler copies the check body into every call site instead of leaving one function that can be patched or breakpointed; the attribute forces inlining regardless of the compiler's normal size heuristics (-finline-limit).
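An added example (not iMAS code; how iMAS implements its check is not shown on this page) of the always_inline debugger check from slide 18, which also illustrates the Security-Check control's "debugger attach" detection. The iOS/macOS branch uses the standard sysctl KERN_PROC probe and tests P_TRACED; the Linux branch reads TracerPid from /proc/self/status so the example runs off-device. The function names, the fail-closed policy and the constructed status text in the test are assumptions.

```c
/* Forced-inline debugger check (example code, not from iMAS).
 * Function names and the fail-closed policy are assumptions. */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#if defined(__APPLE__)
#include <sys/sysctl.h>
#include <sys/types.h>
#include <unistd.h>
#endif

/* Parse the "TracerPid:" line of a Linux /proc/self/status buffer.
 * Returns the tracer pid (0 = not traced), or -1 if the line is missing. */
static int tracer_pid_from_status(const char *status)
{
    const char *p = strstr(status, "TracerPid:");
    if (p == NULL)
        return -1;
    return atoi(p + strlen("TracerPid:"));  /* atoi skips the tab */
}

/* The probe.  always_inline makes the compiler paste this body into every
 * caller, so no single debug_check symbol exists to patch or breakpoint;
 * an attacker has to find and defeat each inlined copy separately.
 * Returns 1 if a debugger is attached, 0 if not, -1 if it cannot tell. */
static inline __attribute__((always_inline)) int debug_check(void)
{
#if defined(__APPLE__)
    /* iOS/macOS: fetch our own kinfo_proc and test the P_TRACED flag. */
    struct kinfo_proc info;
    size_t size = sizeof(info);
    int mib[4] = { CTL_KERN, KERN_PROC, KERN_PROC_PID, getpid() };
    memset(&info, 0, sizeof(info));
    if (sysctl(mib, 4, &info, &size, NULL, 0) != 0)
        return -1;
    return (info.kp_proc.p_flag & P_TRACED) ? 1 : 0;
#else
    /* Linux stand-in so the example runs off-device: a ptrace attach
     * shows up as a non-zero TracerPid. */
    char buf[4096];
    FILE *f = fopen("/proc/self/status", "r");
    if (f == NULL)
        return -1;
    size_t n = fread(buf, 1, sizeof(buf) - 1, f);
    fclose(f);
    buf[n] = '\0';
    int tracer = tracer_pid_from_status(buf);
    return tracer < 0 ? -1 : (tracer > 0 ? 1 : 0);
#endif
}

/* Policy: only a clean "not traced" answer allows the operation.
 * Treating "cannot tell" as hostile (fail closed) stops a sandbox or a
 * hooked sysctl that blocks the probe from silently disabling the control. */
static int debugger_blocks_access(int probe)
{
    return probe != 0;
}

/* Two independent protected operations.  Each call site receives its own
 * inlined copy of the probe, which is the point of always_inline. */
int unlock_record(int record_id, int *out)
{
    if (debugger_blocks_access(debug_check()))
        return -1;
    *out = record_id ^ 0x5A5A;   /* stands in for the real unwrap */
    return 0;
}

int export_report(int *count)
{
    if (debugger_blocks_access(debug_check()))
        return -1;
    *count = 3;                  /* stands in for the real export */
    return 0;
}

int main(void)
{
    int v = 0, c = 0;
    printf("unlock_record: %s\n", unlock_record(42, &v) == 0 ? "ok" : "refused");
    printf("export_report: %s\n", export_report(&c) == 0 ? "ok" : "refused");
    return 0;
}
```

Inlining raises the cost of disabling the check but does not make it unpatchable: each copy can still be found and NOPed, and on a jailbroken device sysctl itself can be hooked to clear P_TRACED, so the probe belongs alongside the jailbreak and integrity checks rather than on its own.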
    • 19. iMAS controls: Passcode Check; AppPassword; Security-Check (Jailbreak / debugger attach); Encrypted Core Data; Secure Foundation (OpenSSL, OpenSSL FIPS); Forced-inlining; Memory Security; Secure MDM Remote Control; AppIntegrity Check; Encrypted Code Modules (ECM); Encrypted RAM Disk; Dynamic App Bundling; Off-device Trust Check.
    • 25. Secure MDM Remote Control (diagram). Flow between the iOS Device (iMAS App), the Apple Push Notification Servers and the Open Source MDM Server: 0. Device Enrollment (Root Certificate, Enroll.mobileconfig); 3. JSON formatted commands and acknowledgements. Research goals: Find limitations of MDM specification; Understand and test low level command structure; Ability to secure individual apps; Provide scripts and guidance for initial setup; Maintain and enhance open source MDM server. iMAS possibilities: Single sign on app; Remote App lock; Remote App password reset; Remote Jailbreak reporting.
    • 28. AppPassword; Secure Foundation (OpenSSL / FIPS); Security-Check (Jailbreak / debugger attach); Memory Security.
    • 37. iMAS - iOS Mobile Application Security. Github: https://project-imas.github.com. POC: MITRE, Bedford MA. Gregg Ganley, 781-271-2739, gganley@mitre.org; Gavin Black, 781-271-4771, gblack@mitre.org. Please: Share iMAS with SW Devs; Visit and Discover; Download and Experiment; Feedback and push requests.
    • 40. FY12 MITRE Internal Research - MIP mobile Patient Health Reader
    • 43. Gregg Ganley, Gavin Black
    • 44. iMAS Secure Application Container (earlier diagram). Native iOS Application with: App Signing; Config Profile; Extended App level Passcode; Jailbreak Detect / Disable; RAM / Debugger lib / techniques; Encrypted App Files and keychain. Surroundings: App Store; Internet; SSH / Debugger; iOS Core Services; iOS; iPhone / iPad Hardware; Open Source Community. Label: Tolerable Security Risk.
    • 45. ECM (Encrypted Code Modules) workflow (diagram). ECM DynamicLib Builder: takes the iOS App's plaintext DynamicLib (.dylib, the protected functionality) and produces a ciphertext DynamicLib secured with the ECM App Key. At install: the user enters the ECM App Key, which is stored encrypted with the user's app password. At rest: the iOS App's critical functionality stays encrypted (the slide describes this as invulnerable to decompiling); the app carries the ECM Decoder (iMAS Security). In use: the user enters the app password, the ECM Decoder decrypts the ECM DynamicLib, and the critical functionality is unlocked.