This document discusses security considerations for Android applications in an enterprise environment. It provides examples of potential attacks against mobile technologies like mTAN, cellular signaling, premium SMS, and operator billing. It then describes access control in the Android operating system, including how permissions are assigned to applications and components to restrict access. Finally, it discusses the MILS/separation kernel approach using L4Android and SECT to further isolate applications and increase security on Android phones.
This is my final report that i made in my course information communication technology about cell phone system technology
it include all generation of 1g-5g help students to take idea from it thank you happy learning
This is my final report that i made in my course information communication technology about cell phone system technology
it include all generation of 1g-5g help students to take idea from it thank you happy learning
International Journal of Modern Engineering Research (IJMER) is Peer reviewed, online Journal. It serves as an international archival forum of scholarly research related to engineering and science education.
International Journal of Modern Engineering Research (IJMER) covers all the fields of engineering and science: Electrical Engineering, Mechanical Engineering, Civil Engineering, Chemical Engineering, Computer Engineering, Agricultural Engineering, Aerospace Engineering, Thermodynamics, Structural Engineering, Control Engineering, Robotics, Mechatronics, Fluid Mechanics, Nanotechnology, Simulators, Web-based Learning, Remote Laboratories, Engineering Design Methods, Education Research, Students' Satisfaction and Motivation, Global Projects, and Assessment…. And many more.
A mobile jammer is a device which is used to jam signals of a cell phone from receiving signals from base stations. Mobile jammer is used majorly where the disturbances that are occurred with the cell phones. So, in this paper we are designing a new Mobile Jammer unit which is capable of blocking the working of a cell phone from not receiving signal from Base Station. This was implemented using FPGA by interfacing Mobile Device, RF Transmitter and RF Receiver and LCD Unit. Keywords'”Jammers, Mobile Jammer, FPGA, RF Transmitter, RF Receiver, LCD Pranjali V Gurnule"Wireless Jamming Networks" Published in International Journal of Trend in Scientific Research and Development (ijtsrd), ISSN: 2456-6470, Volume-2 | Issue-4 , June 2018, URL: http://www.ijtsrd.com/papers/ijtsrd14455.pdf http://www.ijtsrd.com/engineering/computer-engineering/14455/wireless-jamming-networks/pranjali-v-gurnule
Emerging Technologies of Future Multimedia Coding, Analysis and TransmissionSitha Sok
Emerging Technologies of Future Multimedia Coding, Analysis and Transmission.
Overview of the Second Generation AVS Video Coding Standard (AVS2).
An Introduction to High Efficiency Video Coding Range Extensions.
Multi⁃Layer Extension of the High Efficiency Video Coding (HEVC) Standard
Media processing in the cloud- what, where and howEricsson Slides
The evolution to IP technology, VoLTE and new video services will have a profound
impact on the way person-to-person media processing will be performed in the
networks of the future. This evolution raises some questions: what processing will be
needed, where will it take place and how will it be implemented?
Read more from the Ericsson Review here: http://www.ericsson.com/thinkingahead/technology_insights
To measure / determine the brand image, perceptions, attitudes and behaviour of the target audience with regard to the Nokia Android.
To interpret the results of the measurements based on statistical analysis.
International Journal of Modern Engineering Research (IJMER) is Peer reviewed, online Journal. It serves as an international archival forum of scholarly research related to engineering and science education.
International Journal of Modern Engineering Research (IJMER) covers all the fields of engineering and science: Electrical Engineering, Mechanical Engineering, Civil Engineering, Chemical Engineering, Computer Engineering, Agricultural Engineering, Aerospace Engineering, Thermodynamics, Structural Engineering, Control Engineering, Robotics, Mechatronics, Fluid Mechanics, Nanotechnology, Simulators, Web-based Learning, Remote Laboratories, Engineering Design Methods, Education Research, Students' Satisfaction and Motivation, Global Projects, and Assessment…. And many more.
A mobile jammer is a device which is used to jam signals of a cell phone from receiving signals from base stations. Mobile jammer is used majorly where the disturbances that are occurred with the cell phones. So, in this paper we are designing a new Mobile Jammer unit which is capable of blocking the working of a cell phone from not receiving signal from Base Station. This was implemented using FPGA by interfacing Mobile Device, RF Transmitter and RF Receiver and LCD Unit. Keywords'”Jammers, Mobile Jammer, FPGA, RF Transmitter, RF Receiver, LCD Pranjali V Gurnule"Wireless Jamming Networks" Published in International Journal of Trend in Scientific Research and Development (ijtsrd), ISSN: 2456-6470, Volume-2 | Issue-4 , June 2018, URL: http://www.ijtsrd.com/papers/ijtsrd14455.pdf http://www.ijtsrd.com/engineering/computer-engineering/14455/wireless-jamming-networks/pranjali-v-gurnule
Emerging Technologies of Future Multimedia Coding, Analysis and TransmissionSitha Sok
Emerging Technologies of Future Multimedia Coding, Analysis and Transmission.
Overview of the Second Generation AVS Video Coding Standard (AVS2).
An Introduction to High Efficiency Video Coding Range Extensions.
Multi⁃Layer Extension of the High Efficiency Video Coding (HEVC) Standard
Media processing in the cloud- what, where and howEricsson Slides
The evolution to IP technology, VoLTE and new video services will have a profound
impact on the way person-to-person media processing will be performed in the
networks of the future. This evolution raises some questions: what processing will be
needed, where will it take place and how will it be implemented?
Read more from the Ericsson Review here: http://www.ericsson.com/thinkingahead/technology_insights
To measure / determine the brand image, perceptions, attitudes and behaviour of the target audience with regard to the Nokia Android.
To interpret the results of the measurements based on statistical analysis.
Every moment is mobile: mobile marketing for the retail industryWarply
A presentation by Fanis Koutouvelis, CEO, Intale
This presentation was part of the 2nd Mobile Marketing event by Warply. Top executives from leading brands, media agencies and Greek media presented trends of the mobile industry and real examples of how they engage their customers and capitalize on the shift towards a mobile-first reality.
The event was powered by:
Warply
Microsoft Innovation center
Nespresso
Papadopoulou Biscuits
3rd Mobile Marketing event by Warply: Mobile as a Revenue ChannelWarply
A presentation by John Doxaras, Founder & CEO, Warply
This presentation was part of the 3rd Mobile Marketing event by Warply. Top executives from leading brands/companies and media agencies presented trends of the mobile industry and real examples of how they engage their customers using innovative mobile marketing practices.
Follow the conversation using #warply #mme3 on Facebook and Twitter.
The event was powered by:
Warply
Microsoft Innovation Center Greece
Nespresso
Nestle Ice-Cream Hellas
AirHopper: Bridging the Air-Gap between Isolated Networks and Mobile Phones u...mordechaiguri
Information is the most critical asset of modern organizations, and accordingly coveted by adversaries. When highly sensitive data is involved, an organization may resort to air-gap isolation, in which there is no networking connection between the inner network and the external world. While infiltrating an air-gapped network has been proven feasible in recent years (e.g., Stuxnet), data exfiltration from an air-gapped network is still considered to be one of the most challenging phases of an advanced cyber-attack.
In this paper we present "AirHopper", a bifurcated malware that bridges the air-gap between an isolated network and nearby infected mobile phones using FM signals.
While it is known that software can intentionally create radio emissions from a video display unit, this is the first time that mobile phones are considered in an attack model as the intended receivers of maliciously crafted radio signals. We examine the attack model and its limitations, and discuss implementation considerations such as stealth and modulation methods. Finally, we evaluate AirHopper and demonstrate how textual and binary data can be exfiltrated from physically isolated computer to mobile phones at a distance of 1-7 meters, with effective bandwidth of 13-60 Bps (Bytes per second).
Towards Future 4G Mobile Networks: A Real-World IMS Testbedjosephjonse
In the near future, current mobile communication networks will converge towards an All-IP network in order to provide richer applications, stronger customer satisfaction, andfurther return on investment for the industry. However, such a convergence induces a strong level of complexity when handling interoperability between different operators and different handset vendors. In this context, the 3GPP consortium is working on the standardization of the convergence, and IMS is emerging as the internationally agreed upon standard that is multi-operator and multi-vendor. In this paper, we shed further light on the subtleties of IMS, and we delineate a blueprint for the implementation of a real-world IMS testbed. An open source Presence Server is deployed as well. The operation of the IMS testbed and the Presence Server are checked to assess their conformance with 3GPP standards. A simple third party application is developed on top the IMS testbed to further assess its operation.
TOWARDS FUTURE 4G MOBILE NETWORKS: A REAL-WORLD IMS TESTBEDijngnjournal
In the near future, current mobile communication networks will converge towards an All-IP network in order to provide richer applications, stronger customer satisfaction, andfurther return on investment for the industry. However, such a convergence induces a strong level of complexity when handling interoperability between different operators and different handset vendors. In this context, the 3GPP consortium is working on the standardization of the convergence, and IMS is emerging as the internationally agreed upon standard that is multi-operator and multi-vendor. In this paper, we shed further light on the subtleties of IMS, and we delineate a blueprint for the implementation of a real-world
IMS testbed. An open source Presence Server is deployed as well. The operation of the IMS testbed and the Presence Server are checked to assess their conformance with 3GPP standards. A simple third party application is developed on top the IMS testbed to further assess its operation.
Telecom Resilience: Strengthening Networks through Cybersecurity VigilanceSecurityGen1
The digital age has redefined the way we communicate, relying on a complex network of telecommunications infrastructure to bridge distances and connect individuals, organizations, and nations. However, as the reliance on these interconnected systems grows, so does the potential for cyber threats to disrupt these vital connections. "Telecom Cybersecurity" takes center stage as the safeguarding force that strengthens the resilience of these networks against cyberattacks and breaches
Unleashing the Power of Telecom Network Security.pdfSecurityGen1
SecurityGen's commitment to unleashing the power of telecom network security extends beyond just protecting your organization. We understand the importance of maintaining the privacy and trust of your customers. Our solutions not only safeguard your network from external threats but also ensure the confidentiality and integrity of sensitive data transmitted over your telecom infrastructure. By choosing SecurityGen, you're choosing a partner dedicated to empowering your organization with comprehensive telecom network security solutions that go above and beyond industry standards.
Strengthening Your Network Against Future Incidents with SecurityGenSecurityGen1
Prevention is the cornerstone of a resilient network defense strategy. SecurityGen empowers you to take a proactive stance against potential incidents, fortifying your network against future threats. This segment outlines the proactive defense mechanisms offered by SecurityGen, highlighting how these measures can bolster your network's security posture and provide peace of mind in an ever-evolving digital landscape.
AbstractVoice over Internet Protocol (VoIP) is an advanced t.docxronak56
Abstract
Voice over Internet Protocol (VoIP) is an advanced telecommunication technology which transfers the voice/video over
high speed network that provides advantages of flexibility, reliability and cost efficient advanced telecommunication
features. Still the issues related to security are averting many organizations to accept VoIP cloud environment due to
security threats, holes or vulnerabilities. So, the novel secured framework is absolutely necessary to prevent all kind of
VoIP security issues. This paper points out the existing VoIP cloud architecture and various security attacks and issues
in the existing framework. It also presents the defense mechanisms to prevent the attacks and proposes a new security
framework called Intrusion Prevention System (IPS) using video watermarking and extraction technique and Liveness
Voice Detection (LVD) technique with biometric features such as face and voice. IPSs updated with new LVD features
protect the VoIP services not only from attacks but also from misuses.
A Comprehensive Survey of Security Issues and
Defense Framework for VoIP Cloud
Ashutosh Satapathy* and L. M. Jenila Livingston
School of Computing Science and Engineering, VIT University, Chennai - 600127, Tamil Nadu, India;
[email protected], [email protected]
Keywords: Defense Mechanisms, Liveness Voice Detection, VoIP Cloud, Voice over Internet Protocol, VoIP Security Issues
1. Introduction
The rapid progress of VoIP over traditional services is
led to a situation that is common to many innovations
and new technologies such as VoIP cloud and peer to
peer services like Skype, Google Hangout etc. VoIP is the
technology that supports sending voice (and video) over
an Internet protocol-based network1,2. This is completely
different than the public circuit-switched telephone net-
work. Circuit switching network allocates resources to
each individual call and path is permanent throughout
the call from start to end. Traditional telephony services
are provided by the protocols/components such as SS7, T
carriers, Plain Old Telephone Service (POTS), the Public
Switch Telephone Network (PSTN), dial up, local loops
and anything under International Telecommunication
Union. IP networks are based on packet switching and
each packet follows different path, has its own header and
is forwarded separately by routers. VoIP network can be
constructed in various ways by using both proprietary
protocols and protocols based on open standards.
1.1 VoIP Layer Architecture
VoIP communication system typically consist of a front
end platform (soft-phone, PBX, gateway, call manager),
back end platform (server, CPU, storage, memory, net-
work) and intermediate platforms such as VoIP protocols,
database, authentication server, web server, operating sys-
tems etc. It is mainly divided into five layers as shown in
Figure1.
1.2 VoIP Cloud Architecture
VoIP cloud is the framework for delivering telephony
services in which resourc.
AbstractVoice over Internet Protocol (VoIP) is an advanced t.docxdaniahendric
Abstract
Voice over Internet Protocol (VoIP) is an advanced telecommunication technology which transfers the voice/video over
high speed network that provides advantages of flexibility, reliability and cost efficient advanced telecommunication
features. Still the issues related to security are averting many organizations to accept VoIP cloud environment due to
security threats, holes or vulnerabilities. So, the novel secured framework is absolutely necessary to prevent all kind of
VoIP security issues. This paper points out the existing VoIP cloud architecture and various security attacks and issues
in the existing framework. It also presents the defense mechanisms to prevent the attacks and proposes a new security
framework called Intrusion Prevention System (IPS) using video watermarking and extraction technique and Liveness
Voice Detection (LVD) technique with biometric features such as face and voice. IPSs updated with new LVD features
protect the VoIP services not only from attacks but also from misuses.
A Comprehensive Survey of Security Issues and
Defense Framework for VoIP Cloud
Ashutosh Satapathy* and L. M. Jenila Livingston
School of Computing Science and Engineering, VIT University, Chennai - 600127, Tamil Nadu, India;
[email protected], [email protected]
Keywords: Defense Mechanisms, Liveness Voice Detection, VoIP Cloud, Voice over Internet Protocol, VoIP Security Issues
1. Introduction
The rapid progress of VoIP over traditional services is
led to a situation that is common to many innovations
and new technologies such as VoIP cloud and peer to
peer services like Skype, Google Hangout etc. VoIP is the
technology that supports sending voice (and video) over
an Internet protocol-based network1,2. This is completely
different than the public circuit-switched telephone net-
work. Circuit switching network allocates resources to
each individual call and path is permanent throughout
the call from start to end. Traditional telephony services
are provided by the protocols/components such as SS7, T
carriers, Plain Old Telephone Service (POTS), the Public
Switch Telephone Network (PSTN), dial up, local loops
and anything under International Telecommunication
Union. IP networks are based on packet switching and
each packet follows different path, has its own header and
is forwarded separately by routers. VoIP network can be
constructed in various ways by using both proprietary
protocols and protocols based on open standards.
1.1 VoIP Layer Architecture
VoIP communication system typically consist of a front
end platform (soft-phone, PBX, gateway, call manager),
back end platform (server, CPU, storage, memory, net-
work) and intermediate platforms such as VoIP protocols,
database, authentication server, web server, operating sys-
tems etc. It is mainly divided into five layers as shown in
Figure1.
1.2 VoIP Cloud Architecture
VoIP cloud is the framework for delivering telephony
services in which resourc ...
AbstractVoice over Internet Protocol (VoIP) is an advanced t.docxmakdul
Abstract
Voice over Internet Protocol (VoIP) is an advanced telecommunication technology which transfers the voice/video over
high speed network that provides advantages of flexibility, reliability and cost efficient advanced telecommunication
features. Still the issues related to security are averting many organizations to accept VoIP cloud environment due to
security threats, holes or vulnerabilities. So, the novel secured framework is absolutely necessary to prevent all kind of
VoIP security issues. This paper points out the existing VoIP cloud architecture and various security attacks and issues
in the existing framework. It also presents the defense mechanisms to prevent the attacks and proposes a new security
framework called Intrusion Prevention System (IPS) using video watermarking and extraction technique and Liveness
Voice Detection (LVD) technique with biometric features such as face and voice. IPSs updated with new LVD features
protect the VoIP services not only from attacks but also from misuses.
A Comprehensive Survey of Security Issues and
Defense Framework for VoIP Cloud
Ashutosh Satapathy* and L. M. Jenila Livingston
School of Computing Science and Engineering, VIT University, Chennai - 600127, Tamil Nadu, India;
[email protected], [email protected]
Keywords: Defense Mechanisms, Liveness Voice Detection, VoIP Cloud, Voice over Internet Protocol, VoIP Security Issues
1. Introduction
The rapid progress of VoIP over traditional services is
led to a situation that is common to many innovations
and new technologies such as VoIP cloud and peer to
peer services like Skype, Google Hangout etc. VoIP is the
technology that supports sending voice (and video) over
an Internet protocol-based network1,2. This is completely
different than the public circuit-switched telephone net-
work. Circuit switching network allocates resources to
each individual call and path is permanent throughout
the call from start to end. Traditional telephony services
are provided by the protocols/components such as SS7, T
carriers, Plain Old Telephone Service (POTS), the Public
Switch Telephone Network (PSTN), dial up, local loops
and anything under International Telecommunication
Union. IP networks are based on packet switching and
each packet follows different path, has its own header and
is forwarded separately by routers. VoIP network can be
constructed in various ways by using both proprietary
protocols and protocols based on open standards.
1.1 VoIP Layer Architecture
VoIP communication system typically consist of a front
end platform (soft-phone, PBX, gateway, call manager),
back end platform (server, CPU, storage, memory, net-
work) and intermediate platforms such as VoIP protocols,
database, authentication server, web server, operating sys-
tems etc. It is mainly divided into five layers as shown in
Figure1.
1.2 VoIP Cloud Architecture
VoIP cloud is the framework for delivering telephony
services in which resourc.
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Ramesh Iyer
In today's fast-changing business world, Companies that adapt and embrace new ideas often need help to keep up with the competition. However, fostering a culture of innovation takes much work. It takes vision, leadership and willingness to take risks in the right proportion. Sachin Dev Duggal, co-founder of Builder.ai, has perfected the art of this balance, creating a company culture where creativity and growth are nurtured at each stage.
The Art of the Pitch: WordPress Relationships and SalesLaura Byrne
Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if sometime changes?
All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.
JMeter webinar - integration with InfluxDB and GrafanaRTTS
Watch this recorded webinar about real-time monitoring of application performance. See how to integrate Apache JMeter, the open-source leader in performance testing, with InfluxDB, the open-source time-series database, and Grafana, the open-source analytics and visualization application.
In this webinar, we will review the benefits of leveraging InfluxDB and Grafana when executing load tests and demonstrate how these tools are used to visualize performance metrics.
Length: 30 minutes
Session Overview
-------------------------------------------
During this webinar, we will cover the following topics while demonstrating the integrations of JMeter, InfluxDB and Grafana:
- What out-of-the-box solutions are available for real-time monitoring JMeter tests?
- What are the benefits of integrating InfluxDB and Grafana into the load testing stack?
- Which features are provided by Grafana?
- Demonstration of InfluxDB and Grafana using a practice web application
To view the webinar recording, go to:
https://www.rttsweb.com/jmeter-integration-webinar
Essentials of Automations: Optimizing FME Workflows with ParametersSafe Software
Are you looking to streamline your workflows and boost your projects’ efficiency? Do you find yourself searching for ways to add flexibility and control over your FME workflows? If so, you’re in the right place.
Join us for an insightful dive into the world of FME parameters, a critical element in optimizing workflow efficiency. This webinar marks the beginning of our three-part “Essentials of Automation” series. This first webinar is designed to equip you with the knowledge and skills to utilize parameters effectively: enhancing the flexibility, maintainability, and user control of your FME projects.
Here’s what you’ll gain:
- Essentials of FME Parameters: Understand the pivotal role of parameters, including Reader/Writer, Transformer, User, and FME Flow categories. Discover how they are the key to unlocking automation and optimization within your workflows.
- Practical Applications in FME Form: Delve into key user parameter types including choice, connections, and file URLs. Allow users to control how a workflow runs, making your workflows more reusable. Learn to import values and deliver the best user experience for your workflows while enhancing accuracy.
- Optimization Strategies in FME Flow: Explore the creation and strategic deployment of parameters in FME Flow, including the use of deployment and geometry parameters, to maximize workflow efficiency.
- Pro Tips for Success: Gain insights on parameterizing connections and leveraging new features like Conditional Visibility for clarity and simplicity.
We’ll wrap up with a glimpse into future webinars, followed by a Q&A session to address your specific questions surrounding this topic.
Don’t miss this opportunity to elevate your FME expertise and drive your projects to new heights of efficiency.
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered QualityInflectra
In this insightful webinar, Inflectra explores how artificial intelligence (AI) is transforming software development and testing. Discover how AI-powered tools are revolutionizing every stage of the software development lifecycle (SDLC), from design and prototyping to testing, deployment, and monitoring.
Learn about:
• The Future of Testing: How AI is shifting testing towards verification, analysis, and higher-level skills, while reducing repetitive tasks.
• Test Automation: How AI-powered test case generation, optimization, and self-healing tests are making testing more efficient and effective.
• Visual Testing: Explore the emerging capabilities of AI in visual testing and how it's set to revolutionize UI verification.
• Inflectra's AI Solutions: See demonstrations of Inflectra's cutting-edge AI tools like the ChatGPT plugin and Azure Open AI platform, designed to streamline your testing process.
Whether you're a developer, tester, or QA professional, this webinar will give you valuable insights into how AI is shaping the future of software delivery.
Key Trends Shaping the Future of Infrastructure.pdfCheryl Hung
Keynote at DIGIT West Expo, Glasgow on 29 May 2024.
Cheryl Hung, ochery.com
Sr Director, Infrastructure Ecosystem, Arm.
The key trends across hardware, cloud and open-source; exploring how these areas are likely to mature and develop over the short and long-term, and then considering how organisations can position themselves to adapt and thrive.
UiPath Test Automation using UiPath Test Suite series, part 4DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 4. In this session, we will cover Test Manager overview along with SAP heatmap.
The UiPath Test Manager overview with SAP heatmap webinar offers a concise yet comprehensive exploration of the role of a Test Manager within SAP environments, coupled with the utilization of heatmaps for effective testing strategies.
Participants will gain insights into the responsibilities, challenges, and best practices associated with test management in SAP projects. Additionally, the webinar delves into the significance of heatmaps as a visual aid for identifying testing priorities, areas of risk, and resource allocation within SAP landscapes. Through this session, attendees can expect to enhance their understanding of test management principles while learning practical approaches to optimize testing processes in SAP environments using heatmap visualization techniques
What will you get from this session?
1. Insights into SAP testing best practices
2. Heatmap utilization for testing
3. Optimization of testing processes
4. Demo
Topics covered:
Execution from the test manager
Orchestrator execution result
Defect reporting
SAP heatmap example with demo
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
Transcript: Selling digital books in 2024: Insights from industry leaders - T...BookNet Canada
The publishing industry has been selling digital audiobooks and ebooks for over a decade and has found its groove. What’s changed? What has stayed the same? Where do we go from here? Join a group of leading sales peers from across the industry for a conversation about the lessons learned since the popularization of digital books, best practices, digital book supply chain management, and more.
Link to video recording: https://bnctechforum.ca/sessions/selling-digital-books-in-2024-insights-from-industry-leaders/
Presented by BookNet Canada on May 28, 2024, with support from the Department of Canadian Heritage.
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...DanBrown980551
Do you want to learn how to model and simulate an electrical network from scratch in under an hour?
Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)!
During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook.
PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides:
- A fully editable and extendable library for grid component modelling;
- Visualization tools to display your network;
- Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses;
The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well.
What you will learn during the webinar:
- For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills;
- For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...UiPathCommunity
💥 Speed, accuracy, and scaling – discover the superpowers of GenAI in action with UiPath Document Understanding and Communications Mining™:
See how to accelerate model training and optimize model performance with active learning
Learn about the latest enhancements to out-of-the-box document processing – with little to no training required
Get an exclusive demo of the new family of UiPath LLMs – GenAI models specialized for processing different types of documents and messages
This is a hands-on session specifically designed for automation developers and AI enthusiasts seeking to enhance their knowledge in leveraging the latest intelligent document processing capabilities offered by UiPath.
Speakers:
👨🏫 Andras Palfi, Senior Product Manager, UiPath
👩🏫 Lenka Dulovicova, Product Program Manager, UiPath
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Jeffrey Haguewood
Sidekick Solutions uses Bonterra Impact Management (fka Social Solutions Apricot) and automation solutions to integrate data for business workflows.
We believe integration and automation are essential to user experience and the promise of efficient work through technology. Automation is the critical ingredient to realizing that full vision. We develop integration products and services for Bonterra Case Management software to support the deployment of automations for a variety of use cases.
This video focuses on the notifications, alerts, and approval requests using Slack for Bonterra Impact Management. The solutions covered in this webinar can also be deployed for Microsoft Teams.
Interested in deploying notification automations for Bonterra Impact Management? Contact us at sales@sidekicksolutionsllc.com to discuss next steps.
GraphRAG is All You need? LLM & Knowledge GraphGuy Korland
Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs.
1. Unifying Large Language Models and Knowledge Graphs: A Roadmap.
https://arxiv.org/abs/2306.08302
2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs:
https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/
J.-P. Seifert; Security-Aware Android Applications for the Enterprise
1. D e s ig n in g S e c u r it y -A w a r e
A n d r o id A p p lic a t io n s f o r t h e
Jean-Pierre Seifert
E n t e r p r i s e Telekom Laboratories, Berlin, Germany
TU Berlin & Deutsche
jpseifert@sec.t-labs.tu-berlin.de
2. Agenda
1. Introduction
2. Some reasons for Access Control in Phones
mTAN, Signalling based attacks, Premium Rate SMS
Trojan, WAC Operator Billing
3. Access Control in Android
4. The MILS/Seperation Kernel approach for Android
phones
SE C T ad for L4Android (simko3)
5. Q&A
Deutsche Telekom Laboratories 17.06.2011 2
4. Cell Phone Security
A cellular phone is only one part of a much larger system
Other parts of the system are even more complex
Historically, both network and devices were closed (started to open)
Provided some level of protection
17.5% of American homes had only wireless telephones in
year 2008.
What about Europe?
Myself I only have one single phone – a cell phone
What happens to the network and devices when interfaces
open?
What happens when we start relying on cell phones for
general computing needs?
Deutsche Telekom Laboratories 17.06.2011 4
5. Cellphone OS Security vs. OS Security
W hy is cellphone OS security different than ordinary OS security?
Connected to critical infrastructure - warnings of phone botnets
Connected to people - attacks can cross into the physical world
Multiple Stakeholders - there is a lot of money at risk
Network provider, OEM, enterprise, 3rd-party app developer, content
owner, end user, etc.
Who has control?
Who is the adversary?
Specific usage scenarios
Always with you
Only want to carry one
(for business and personal)
Deutsche Telekom Laboratories 17.06.2011 5
6. Cellular Networks
Cellular networks are complex systems made up of many components and
defined by thousands of pages of standards documents
3GPP aka GSM, and 3GPP2 aka CDMA ... leads to alphabet soup
There are many non-security concerns (most of them are non-security)
Interconnectivity with “landline” phone network
Efficient radio spectrum deployment
Maximizing number of active of subscribers
Low latency call-setup and in-call
Mobility and roaming (which tower?)
Handset power consumption (sleep periods)
Customer databases and billing mechanisms
and many more ...
Deutsche Telekom Laboratories 17.06.2011 6
7. Stakeholders
A cellphone stakeholder is an entity with valued interests in
proper phone functioning and something to loose from
malfeasance.
Variety of stakeholders, and each has its own goals and
concerns
A stakeholder can be identified by its presence on a phone
1. Provides a means of communication with the outside
world
2 .Uses the handset to deliver information
(e.g., news, music, etc)
3. Provides software or hardware to facilitate 1 and 2
4. An end user of the phone
Deutsche Telekom Laboratories 17.06.2011 7
8. Basic Phone Architecture
T he hardware and software configuration dictates what sorts of
policy is possible.
Each phone has implementation specific details, but some general
trends
Application processor and Baseband processors (most often single
chip)
Separate firmwares and execution environments
Example Chips (SoC) -- often bundle hardware features like GPS,
bluetooth, etc.
Qualcomm Mobile Station Modem (MSM 7x, e.g., MSM 7201a) -
single chip
TI Open Multimedia Application Platform (OMAP 1xxxx, OMAP
3xxxx) - only app
Broadcom baseband processors (e.g., ML2011)
Marvell (PXA series)
Deutsche Telekom Laboratories 17.06.2011 8
10. Example: mTAN – mobile TAN
TAN → Transaction Authentication Number
– secure online banking
mTAN generated individually for each transaction
– mTAN send via text SMS
– Limited life time
– Includes: destination account and amount
(with these values customer can verify his transaction)
Example:
Die mobileTAN für Ihre Überweisung über 11123,45 Euro auf das Konto
123456789 lautet: 73KXCM
Deutsche Telekom Laboratories 17.06.2011 10
11. Example: mTAN – mobile TAN
Deutsche Telekom Laboratories 17.06.2011 11
12. Attacks against mTAN
Prerequisite
– Attacker has the credentials for the victim's online banking
account
Attacker's goal
– Successfully complete online bank transfer from victim's
account to attacker account
Requirement
– Attacker needs to get mTAN from the user's phone
(remember mTAN is send via text SMS)
Deutsche Telekom Laboratories 17.06.2011 12
13. Man-in-the-Mobile Attack against mTAN
Attacker installs malware on victim's phone
– Malware reads and forwards mTAN SMS to attacker
This is easy since:
– All mobile OSes provide an API to read incoming SMS
• Users always grant all capability requests!
– Malware just registers, read and forward SMS messages
Already happening in the field!
– ZITMO (Symbian & Windows Mobile)
Deutsche Telekom Laboratories 17.06.2011 13
14. Example: Eavesdropping on SMS Traffic
Attacker needs to be close to victim
– Unlikely but possible
GSM can be easily recorded and decoded (A5/1 and A5/2)
– Public research available including ready to use tools
Femtocell based attacks can “sniff” 3G traffic
– SecT lab setup → non public yet
– Will be easy to reproduce once published
Deutsche Telekom Laboratories 17.06.2011 14
15. Example: Cellular Signaling
Signaling traffic generated by theMobile Equipment (ME) is sent to the
MSC and HLR in case of voice calls, SMS, and updating account
settings (such as call-forwarding).
Packetdata related signaling is mainly directed towards the SGSN, the
GGSN, and of course the HLR.
Packet Data Protocol (PDP) connection setup is a complex process.
When ME wishes to establish a PDP context it sends a GPRS-attach
message to the SGSN.
The SGSN authenticates the ME using the HLR.
Next, the PDP context is established and stored at the SGSN and GGSN.
This includes records and parameters for billing, quality of service
information, and the IP address assigned to the specific PDP context.
Maintenance and distribution of the PDP context information across the
different network components is a costly process as it involves many
components across the cellular network.
Deutsche Telekom Laboratories 17.06.2011 15
16. Example: Cellular Signaling Threats
Fast PDP context activation and de-activation lead to high network load
on the GGSN and SGSN infrastructure of cellular network operators.
This is performed by either malicious applications or badly configured
mobile phones.
This is possible because on smartphone platforms such as Android any
application has access to the network configuration and thus is able to
change the packet-data and APN settings.
On Android it is possible to force an PDP context change every 2
seconds. This will result in roughly 43,200 PDP activations per day (24
hours).
If it is installed on enough devices, a rouge application can easily carry out
a Denial-of-Service attack against an operator’s packet-data infrastructure.
GSMA. Network Efficiency Threats v0.4a, May 2010.
Deutsche Telekom Laboratories 17.06.2011 16
17. Example: Premium Rate SMS Trojans
Fraud caused by SMS Trojans such as FakePlayer-A is a
long standing problem in the mobile phone world
Costing consumers a considerable amount of money ever year.
This kind of fraud is possible since on modern smartphones
any application has access to the cellular API and is thus
able to send SMS messages.
Same problem applies to voice calls to premium numbers.
Trojan-SMS.AndroidOS.FakePlayer-A.
http://www.fortiguard.com/encyclopedia/virus/android_fakeplayer.a!
tr.html, August 2010.
Deutsche Telekom Laboratories 17.06.2011 17
18. Example: WAC Operator Billing
Pay via Operator bill
• WAC allows to bill consumers buying virtual and digital content
quickly, easily and safely using their m o b i l e p h o n e
numbe r
• It is available for W e b s i t e s , m o b i l e A p p s a n d
W i d g e t s running on M o b i l e s , T a b l e t s , P C s o r
18
e ve n TVs .
Deutsche Telekom Laboratories 17.06.2011 18
19. WAC is an alliance of some of the biggest
companies in the mobile industry.
WAC Board of Directors
Operator
Board Observers Sponsor Members Associate Members
Members
Accenture America Movil Fujitsu Aepona Limo Foundation
Ericsson Bell Mobility IBM Alcatel Lucent Neustar
Huawei China Unicom NEC ASPire-tech NTT Data
Intel Hutchison 3 group Borqs Obigo
Nokia KDDI Cambertech Inc Opera
Qualcomm LG UPlus Capgemini Oracle
Samsung MTS Eyeline Panasonic
Orascom GD RIM
Rogers HP Sandisk
SFR HTC SAP
Vimpelcom IMImobile Sharp
Incross Co. Sony Ericsson
Infraware WiPro
KT Innotz ZTE
LG Electronics
Deutsche Telekom Laboratories 17.06.2011 19
20. WAC has two focus areas.
Network APIs and Operator Billing to be focus.
W A C W id g e t R u n t im e O p e r a t o r N e t w o r ko c
F
us
A P Is
• Increase the overall market for mobile
applications • Exposure of valuable operator network
• Encourage open standardized capabilities to the developer
technologies • Allowing developers to enhance their
• Enable distribution of WAC widgets applications
through multiple channels • Reducing technical and commercial
complexity by offering APIs in a unified,
technology agnostic way
• O p e r a t o r B illin g is t h e
f ir s t A P I
Web: www.wacapps.net/payment-api
YouTube http://bit.ly/nObOd2
Deutsche Telekom Laboratories 17.06.2011 20
21. Using the WAC solution subscribers can pay for
content securely with just a few clicks on the
mobile.
Deutsche Telekom Laboratories 17.06.2011 21
22. Non-mobile devices can also be addressed with
convenient mobile TAN approach.
Illu s t r a t iv e p a y m e n t f lo w s h o w n o n m o b ile d e v ic e –
h o w e v e r t h is a p p lie s f o r o t h e r d e v ic e s a s w e ll, e . g .
T a b le t s o r D e s k t o p s
Deutsche Telekom Laboratories 17.06.2011 22
24. Android
One of the most anticipated smartphone operating
systems -- led by Google
Complete software stack
Open source (Apache v2 license) ... mostly
Open Handset Alliance
... 30+ industrial partners
Google, T-Mobile, Sprint, HTC, LG, Motorola,
Samsung, Broadcom, Intent, NVIDIA,
Qualcomm, … .
Deutsche Telekom Laboratories 17.06.2011 24
25. Android Phones
An Android contains a number of
“applications”
Android comes installed with a
number of basic systems tools, e.g.,
dialer, address book, etc.
Developers use the Android API to
construct applications.
All apps are written in Java and executed
within a custom Java virtual machine.
Each application package is contained
in a jar file (.apk)
Applications are installed by the user
No “app store” required, just build
and go.
Open access to data and voice
Deutsche Telekom Laboratories
services
17.06.2011 25
26. Security Enforcement
Android protects application at system level and at the Inter-component
communication (ICC) level.
Each application runs as a unique user identity, which lets Android limit
the potential damage of programming flaws.
Deutsche Telekom Laboratories 17.06.2011 26
27. Security Enforcement
• Core idea of Android security enforcement
• label assignment to applications and components
• A reference monitor provides mandatory access control
(MAC) enforcement of how applications access
components.
• Access to each component is restricted by assigning it an
access permission label; applications are assigned
collections of permission labels.
• When a component initiates ICC, the reference monitor
looks at the permission labels assigned to its containing
application and
• if the target component’s access permission label is in that
collection— allows ICC establishment to proceed.
Deutsche Telekom Laboratories 17.06.2011 27
28. Access permission logic
The Android middleware implements a reference monitor
providing mandatory access control (MAC) enforcement
about how applications access components.
The basic enforcement model is the same for all component
types. Component A’s ability to access components B and C
is determined by comparing the access permission labels on
B and C to the collection of labels assigned to application 1.
Deutsche Telekom Laboratories 17.06.2011 28
29. Enforcement Conclusion
Assigning permission labels to an application
specifies its protection domain.
Assigning permissions to the components in an
application specifies an access policy to protect its
resources.
Android’s policy enforcement is mandatory, all
permission labels are set at install time and can’t
change until the application is reinstalled.
Android’s permission label model only restricts
access to components and doesn’t currently
provide information flow guarantees.
Deutsche Telekom Laboratories 17.06.2011 29
30. Security Refinements --- Public vs. Private
Components
Applications often contain components that another
application should never access.
For example, component related to password
storing. The solution is to define private component.
This significantly reduces the attack surface for many
applications.
Deutsche Telekom Laboratories
31. Security Refinements --- Protected APIs
Not all system resources (for example, network) are
accessed through components — instead, Android
provides direct API access.
Android protects these sensitive APIs with additional
permission label checks:
an application must declare a corresponding
permission label in its manifest file to use them.
Deutsche Telekom Laboratories
32. Security Refinements --- Permission
Protection Levels
The permission protection levels provide a means of
controlling how developers assign permission labels.
Signature permissions ensure that only the
framework developer can use the specific
functionality (only Google applications can directly
interface the telephony API, for example).
Deutsche Telekom Laboratories
33. Lessons in Defining Policy
Android security policy begins with a relatively easy-
to-understand MAC enforcement model,
but the number and subtlety of refinements make
it difficult to discover an application’s policy.
The label itself is merely a text string,
but its assignment to an application provides
access to potentially limitless resources.
Deutsche Telekom Laboratories
43. SiMKo3 is based upon the L4 micro-kernel and the
Samsung Galaxy S II,
and …
Deutsche Telekom Laboratories 43
44. L4Android – www.l4android.org
• L4Android is derived from the L4Linux project,
which is developed at the Technische Universität
Dresden.
• L4Linux is a modified Linux kernel, which runs on
top of the Fiasco.OC microkernel.
• It is binary compatible with the normal Linux
kernel.
• L4Android combines both the L4Linux and Google
modifications of the Linux kernel and thus enables
us to run Android on top of a microkernel.
Deutsche Telekom Laboratories 44
45. Agenda
Thank you for your attention!
1. Introduction
2. Three reasons for Access Control in SmartPhones
mTAN, Signalling based attacks, Android Trojan(s)
3. So? Access Control in three Linux based
SmartPhones!
LiMo, MeeGo, Android
4. Problems with MAC for “responsible devices“
5. The MILS/Seperation Kernel approach for Android
phones
SECT ad for L4Android
6. Conclusion
Deutsche Telekom Laboratories 17.06.2011 45