DSF for Android
                           DEVICE SECURITY FRAMEWORK
The DSF for Android modular components include:

                          Mocana FIPS Certified Crypto Libraries         ...
DSF for Android Features and Benefits
                          We know that developers working on mobile platforms like A...
About Mocana
                               Mocana provides management solutions and embedded security tools for consumer
Upcoming SlideShare
Loading in …5



Published on

  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide


  1. 1. DSF for Android DEVICE SECURITY FRAMEWORK ™ Mocana’s comprehensive, open standards-based security suite for developers building on the Android Mobile Platform Mocana’s Device Security Framework Android developers must balance security for Android is the latest release of our functionality, application performance and Features & Benefits comprehensive developers security battery life effectively without introducing Brings security solution (aka “NanoPhone”) for Google’s new security holes into the platform. features to Android revolutionary open mobile platform. Mocana’s DSF for Android is the first that enterprises and and only open standards-based software consumers demand Providing essential data security features package enabling developers to quickly will be paramount to Android’s success. and easily build the security features that Open-standards, RFC compliant To move to new Android-based netbooks enterprises and savvy consumers demand. and phones, enterprises and consumers It was designed in a modular framework Greatly speeds are looking for six fundamental security development allowing developers to pick and use only security features: what they need at the time, while allowing Very high performance • A secure browser them the flexibility to add more functionality Micro memory • Virtual Private Network clients to secure later. Using DSF for Android, developers can footprint data communications between the device quickly add much-needed firewall, VPN, and FIPS-validated and corporate network encryption features to Android handsets cryptographic without compromising the performance, • FIPS validated crypto implementations throughput or battery life of the platform. • Malware and virus protection Easy to install and use Using DSF for Android, developers can • Scalable and secure firmware updating Full source code quickly add much-needed firewall, VPN, and and secure boot capabilities encryption features to Android handsets Perfect for securing • Robust certificate handling features to and netbooks without compromising the netbook or handset authenticate devices, network services, products performance, throughput or battery life of and individuals to each other the platform. World-class development & technical support Device Security Framework for Android 3rd Party 3rd Party Application Application Free source code evaluation at Mocana Mocana NanoDefender NanoDefender www.mocana.com/ Protected Protected evaluate.html Application Application NanoCert NanoSSL NanoSSH NanoSec NanoDTLS Certificate SSL SSH IKEv1/v2 DTLS Mgt Client Client Client & MOBIKE Mocana NanoSec and Patch Management Agent FIPS Certified NanoUpdate IPSec XML Based Configuration Crypto Algorithms Mocana Corporation 350 Sansome Street NanoWireless Suite 1010 WPA2™ Other Data Access Technologies San Francisco, CA 94104 415-617-0055 Phone 866-213-1273 Toll Free Android Mobile Platform Android’s open nature and tremendous info@mocana.com flexibility make it the www.mocana.com perfect platform NanoBoot for Netbooks. Copyright © 2008 – 2009 Mocana Corp. WPA2 is a mark of the Wi-Fi Alliance. Mocana DSF for Android - Device Security Framework v4.2, revised March 2009. TM 1
  2. 2. The DSF for Android modular components include: Mocana FIPS Certified Crypto Libraries alone and pass thru authentication modes Standard in all configurations of the DSF for and acts as a framework and transport Android, your fully-stocked cache of state-of- mechanism for AAA (Authentication, the-art crypto algorithms, including ultra- Authorization, and Accounting) protocols. optimized implementations of RSA, AES, Blowfish, Diffie-Hellman, 3DES, DSA and NanoSec™ (Client): Designed from the dozens of others. ground up for use with IP connected devices, it also includes support for IKEv2. NanoBoot™ Provides all the tools and IPsec is a standard for securing (IP) Internet firmware source code needed to perform Protocol communications by encrypting and/ pre-boot verification. NanoBoot uses or authenticating all packets at the network strong cryptography to validate the BIOS, layer. The Client is standards-based and firmware, and boot loader images and can interoperates with IPsec enabled devices on run in memory-constrained environments the network. (depending on cryptographic configuration), requiring less than 8 KB uncompressed NanoSSH™ (Client): Designed for logging firmware space and less than 2 KB of RAM. into and executing commands on a networked computer and provides secure NanoCert™ Leverages mature technologies encrypted communications between two such as the Public Key Cryptography Standards untrusted hosts over an insecure network. (PKCS), specifically PKCS #10 and PKCS #7. The SSH Client is standard-based and Mocana internal HTTP implementation code interoperates with SSH Servers. provides the client-server transport protocol. Certificate management utility functions in NanoSSL™ (Client): Provides endpoint the Mocana crypto library provide extremely authentication, protecting against efficient key generation and management, eavesdropping, message forgery and certificate parsing, encoding and decoding, and interference. The Client is standards-based certificate store functions. and interoperates with any SSL Server. Both are commonly used for securing remote NanoDefender™ Mocana’s patent-pending device management via a web browser. new anti-malware product, is a device-based intrusion detection system that is designed NanoWireless™ Mocana delivers a Free source code evaluation at to instantly detect and shut down malware or standards-based, full featured, IEEE- www.mocana.com/ viruses before they have a chance to spread compliant WPA2 client software solution that evaluate.html throughout the network or hijack data — and is easy to use. The Mocana NanoWireless it does so while eliminating “false positives. ” solution is uniquely architected with an asynchronous core to fully leverage NanoDTLS™ (Client): Mocana delivers an hardware acceleration, is portable and has a open, standards-based, full featured, RFC small footprint. Mocana Corporation compliant Embedded DTLS Client that is easy to use. Mocana NanoDTLS is uniquely NanoUpdate™ An easy to use, high 350 Sansome Street Suite 1010 architected with an asynchronous core to performance Secure Firmware Update San Francisco, CA 94104 solution. Mocana NanoUpdate enables fully leverage hardware acceleration, is 415-617-0055 Phone portable and small footprint. It is ideally firmware images and other messages to 866-213-1273 Toll Free be securely delivered to devices in the field suited to securing voice and video. info@mocana.com automatically, therefore eliminating the need www.mocana.com NanoEAP™ (Client): Includes 14 different for insecure, user-intensive methods, like Copyright © 2008 – 2009 authentication methods and supports stand email, TFTP FTP HTTP and CD/DVD. , , , Mocana Corp. Mocana DSF for Android - Device Security Framework v4.2, revised March 2009. TM 2
  3. 3. DSF for Android Features and Benefits We know that developers working on mobile platforms like Android are on ultra- compressed development cycles. You don’t have a lot of time to think about, let alone implement, security features that have been optimized to maximize performance and battery requirements for Linux-based handsets. That’s why we’ve built DSF for Android. Now, you don’t need to be a crypto expert to make the design decisions required to build high-performing security applications in these embedded environments. The components share a common API and crypto library that hides the complexity of cryptography and reduces the risks of inexperienced developers introducing new security holes into their own code. Dramatically Reduce Time to Market an asynchronous, event-driven architecture, With development cycles cut in half, don’t cryptographic jobs are easily offloaded to waste valuable time building security different CPU cores or silicon channels, fully from scratch. The DSF for Android is the enabling today’s multi-core processors to do culmination of six years of development your application’s work in parallel. work backed by our decades of experience in the security industry. We’ve already At the heart of the NanoPhone Suite is done all the painstaking optimization work an asynchronous core that leverages our for you, resulting in DSF for Android’s patented Mocana Acceleration Harness™ — incredibly small footprint and best-in-class a software layer that virtualizes and manages performance. Our implementations of crypto offload from software to hardware protocols like IPSec and SSL can run in speeding up crypto operations by as much as less than 50KB of memory, yet are 2x-4x 400%, depending on the hardware platform faster than open source implementations to allow the best power and performance. — and they’re exhaustively tested for Tested and Supported by Actual Humans. interoperability. Now, you can focus on When it comes to security, you can’t what’s important to your business — getting cut corners. But with Mocana, you can your killer Android apps to market, first! significantly reduce your testing efforts No Need to Sacrifice Performance because we’ve done a significant amount for Security already. DSF for Android is pre-optimized Consumers and corporate users need and exhaustively tested so you can focus security but they expect true 3G or 4G on what’s important — getting to market Free source code ahead of your competitors. We’ve invested evaluation at performance in an elegantly designed www.mocana.com/ handset. So you don’t want to let an enormous amount of money into our evaluate.html testing infrastructure that runs 24x7 against computationally-intensive crypto operations suck all the Wow! factor or batter power out thousands of code scripts so you don’t have of your Android device or applications. to. Another benefit of choosing Mocana is our built-in verification process. While other Competing device security architectures programs only have one error code, “-1” our , Mocana Corporation are synchronous, which severely limits developer suite ships with over 1,000 unique the number of cryptography jobs that can code errors built-in so you can pinpoint bugs 350 Sansome Street Suite 1010 be offloaded to silicon at any one time. instantly. Because we’ve done the rigorous San Francisco, CA 94104 Synchronous architectures also severely testing and our support organization is 415-617-0055 Phone limit the way that completed cryptography available 24/7/365, you can have enterprise 866-213-1273 Toll Free jobs can be propagated back up the stack. grade security in weeks, not months. info@mocana.com Because Mocana’s DSF for Android features www.mocana.com Copyright © 2008 – 2009 Mocana Corp. Mocana DSF for Android - Device Security Framework v4.2, revised March 2009. TM 3
  4. 4. About Mocana Mocana provides management solutions and embedded security tools for consumer electronics manufacturers, datacom companies, telecom carriers, industrial automation applications and the enterprise. Mocana’s industry-leading infrastructure software solutions ensure that wired and wireless devices, networks and their services all scale securely. The company sells a portfolio of 18 product offerings and claims more than 90 major customers, including Cisco, Freescale, Philips, Dell, Nortel Networks, Honeywell and Aruba, among others. Mocana was founded in 2002, is privately held, and headquartered in Other Mocana Solutions San Francisco. The company was recently named one of Red Herring’s “Top 100 Privately-Held Companies Globally” for 2008 and also won Frost & Sullivan’s Technology Innovation of the NanoSSL TM Super-small SSL client Year award. NanoUpdate TM Secure firmware updates Awards and Certifications NanoSSH TM High-performance SSH client NanoSec TM Device-optimized IPsec, IKEv1/v2, MOBIKE NanoEAP TM EAP supplicant and 802.11 extensions NanoCert TM Certificate managment for client devices NanoDTLS TM Embedded DTLS client NanoDefender TM Intrusion detection for devices Free source code evaluation at www.mocana.com/ evaluate.html Mocana Corporation 350 Sansome Street Suite 1010 San Francisco, CA 94104 415-617-0055 Phone 866-213-1273 Toll Free info@mocana.com www.mocana.com Copyright © 2008 – 2009 Mocana Corp. Mocana DSF for Android - Device Security Framework v4.2, revised March 2009. TM 4