Smartphone Applications - Common Criteria is going Mobile

Smartphones are a growing, fast-moving field of IT. Although smartphones and their applications are omnipresent and can potentially violate security, their development cycle is not yet thoroughly addressed by application evaluation.
International Common Criteria Conference, Paris, France. September 18-20, 2012.

Smartphone Applications - Common Criteria is going Mobile Presentation Transcript

  • 1. Dr. Jens Oberender, SRC Security Research & Consulting GmbH. Smartphone applications – Common Criteria is going Mobile. ICCC 2012 Paris
  • 2. Agenda: How to CC-evaluate smartphone apps?
      • Specify Security Target
      • TOE scope
      • Application specific SFRs
      • Assurance for Smartphone apps
      • Insight Summary
    Common Criteria is going Mobile 2012 © SRC Security Research & Consulting GmbH Page 2
  • 3. Specify TOE scope
      TOE security functions:
      • Data import
      • Key management
      • Encrypted storage
      TOE Environment:
      • Access control & isolation
      • Policy enforcement
      • Mobile device management
  • 4. Security Functional Requirements: Generic Smartphone App
      SFR: Smartphone App
      • FDP_RIP.2 Residual Information Protection: Wipe residual data on app hibernation
      • FDP_SDI.2 Stored Data Integrity: Ensure authentic configuration
      • FPT_TST TSF Self Test: Detection of jail break and background apps
      • FPT_ITC Inter-TSF trusted channel: Mutual assured identification
      • FTA_SSL.3 TSF-initiated termination: Inactivity wipes user authentication
      • FTP_TRP Trusted Path: Key negotiation for secure transport
      Audit/log performed by mobile device management
  • 5. Security Assurance Requirements: Smartphone App Fields of Interest
      SAR: Notes for Smartphone App
      • AGD_PRE
          • Authentic app market download
          • Allow for determined set of component interfaces
      • AGD_OPE
          • Certificate chain validation
      • ALC
          • Secure rollout and destruction
          • Crypto provider API versioning
      • ADV_TDS
          • Control flow, data flow for actions and forms
      Further notes:
      • Signed app ≠ authenticity & trust
      • Remote wipe by mobile device management
      • Security Awareness through Smartphone-CERT
  • 6. Security Architecture: Evaluation of ADV_ARC
      SAR: Notes for Smartphone App
      • ADV_ARC
          • Secure startup platform settings
          • Self-protection between hibernate and startup
          • Non-bypassability configuration authenticity
      Further notes:
      • Set app permissions sparsely
      • Regulate information flow with permissions
      • Enforce interaction policy during runtime, e.g. caller version and configuration on IPC
  • 7. Vulnerability Analysis: Test and Penetrate
      SAR: Notes for Smartphone App
      • ATE_IND
          • Validation of interface data
          • Issues with hibernation
      • AVA
          • Address Space Layout Randomization
          • Platform key chain mechanism
          • Entropy in key derivation
          • Strong base passwords necessary
          • Appropriate data protection classes
      Further notes:
      • Relevance of Mass Infections (cf. chipcard domain)
      • Required skills for exploitation phase
      • Specific efforts & costs of performing attacks
  • 8. Insight Summary: Common Criteria is going Mobile
      • Common Criteria approach well-suited for evaluation
      • Identified app-specific requirements
      • Demand for Smartphone-CERT
      • Operation policies supplement platform measures
      • App mass infections prevented by market countermeasures
      • Achievable! CC-Evaluation
      • TOE scope limited
      • High-value targets: strict separation (e.g. HASK-PP from 2008)
      • Enterprise policy oriented (Mobile Device PP draft)
  • 11. Thank You!
      Dr. Jens Oberender
      SRC - Security Research & Consulting GmbH
      Graurheindorfer Str. 149a, 53117 Bonn, Germany
      phone +49-228-2806-182 | -0
      fax: +49-228-2806-199
      E-mail: jens.oberender@src-gmbh.de
      WWW: www.src-gmbh.de, www.src-gmbh.de/download.html