Debashis banerjee mobile_webappintrosecurity


Session on Mob

Published in: Technology, Business

  1. Debashis Banerjee (deba_ban@rediffmail.com)
  2. Who are they and how are they changing our world?
     Pic: Free Lib: http://office.microsoft.com/en-us/images
  3. Today’s Agenda
     • What is Mobile Web
     • What is Mobile App
     • Mobile Web and App Ecosystem
     • Inside the Mobile
     • Security in Mobile Web
     • Security in Mobile App
     • The Pyramid of Safety
  4. What is Mobile Web and Apps
     • Mobile Web
     • Mobile Apps: Android, iOS, Windows Mobile
  5. Mobile Web and Mobile App Ecosystem – The Security Perspective
     [Diagram; labels: On Premise or Off Premise; Physical Access (internal/third party); Enterprise Security Software; Web Developers; Web Servers; App Stores; The Network; App Developers; On Premise or Off Premise; Enterprise Security Software; On device Security Software; Phone; Phone User]
  6. Inside the Mobile
     [Diagram; labels: Wireless RF (e.g. GSM, CDMA); Microphone; SIM Cards; RAM or ROM; Browser; OS; Native Apps; Calendar; Pictures; Phone Book or Mail, SMS; Videos; Keyboard; Speaker; Access; Battery; Power Supply]
  7. Security in Mobile Web
     • Decide on Device Class
     • What is stored where? – cookies, passwords?
     • Encryption – Off and on wire, Data & metadata
     • Multi Factor Auth
     • Anti Virus
     • Intrusion Detection/Prevention
     • Web Threats … SQL Injection, Cross Site Forgery
  8. Security in Mobile Web – Continued
     • PCI DSS
     • Identity, Privilege and Access
     • Sign in vs Sign off
     • Logical and Physical Security
     • Trusted/Untrusted Access/URLs
     • Impact of Non Standard OSs
  9. Security in Mobile App
     • Security and Hosting Guidelines per app platform
     • Signed Apps
     • Marketplace security
     • App to desktop sync risks
     • Who reviewed the app?
     • Security Ratings
     • Install and Run privileges of apps
  10. Security in Mobile App – Continued
     • Remote Clean
     • Access to areas of the phone
     • Second Factor Auth
     • Sandboxes
     • Physical Security
     • Security as a Service
  11. The Pyramid of Safety
     • Safe Internet/App usage practices
     • Web Site Security/App Security
     • Browser Security/Web App Store Security
     • Network and on device Security (anti virus/Identity/Access/Privilege Management)
     • Physical Security – device and server
  12. In Summary
     • Mobile Web and Apps are going to significantly impact our browsing experiences
     • Know the ecosystem they work in
     • Security aspects
     • The Pyramid of Safety
  13. The changed world is here!
     Pic: Free Lib: http://office.microsoft.com/en-us/images
