Transcript Complete Mobile Security - Global Security Solutions

Secure Mobile
Complete mobile security
Secure Communications
Situation Awareness
Private Mobile Networking
October 2013
Introducing a new patent pending security methodology
Complete mobile security
Single Turnkey Solution* for…
SECURE
COMMUNICATIONS
SITUATIONAL
AWARENESS
Secure Voice.
Secure Voice Conferencing.
Secure Direct Chat (IM).
Secure Group Chat(s).
Secure Chat Automated Shredding.
Secure Direct File Transfer.
Secure Group File Transfer.
Secure Contact Transfer.
Secure Group Contact(s) Transfer.
Secure Camera.
Secure Picture Transfer.
Secure Automated Picture Erase.
Secure Communications Session
Shredded.
 Secure Sessions Uniquely
Encrypted.
 Dedicated Secured Accounts &
Contacts.
 No Call, Chat, Transfer, Camera
History.
 User based Panic Button.
 Silent Panic Initiation.
 GPS Automated Status
Transmission & Notification.
 Panic Administration Satellite
Mapping.
 GPS Tracking on Another
kryptofon Endpoint.
 OMNITrack – Team Based and/or
Cascaded Regional & Global GPS
Tracking.
 OMNITrack Integration Into Falcon
View or ESRI Enterprise.
 C2 – Command & Controls:
 Beacon GPS
 Front/Back Camera Execution
 Lock Screen
 Disable kryptofon
 Wipe Accounts Information
 Microphone Activation













SECURED, MOBILE, PRIVATE
NETWOKING














Supports:
2G, 3G, 4G
WiFi
Satellite
Supports:
Private 3G/4G
Private MANET
Anti-Triangulation.
Multiple Accounts Supporting
Multiple Network Profiles:
Work / Personal
Classified / SBU
Multiple Contacts Profiles
Only Show the Contacts
Associated With The Profile
Network Profile Configuration
Support.
* - patent pending
* - Red Team validated in 2013
www.global-security-solutions.com
Complete mobile security
Industry Leading Authentication and
Key Management.
Authentication
 Trusted Application Validation –
Encryption is Validated On Each
Launch.
 Is it the right app?
 Is it the right size?
 Is it one correct hardware?
 Is it the correct license?
 Is the correct user launching it?
 ….1
Encryption Keys
 Encryption Keys Are Highly
Protected
Never put in-the-air.
Never put on-the-wire.
Never saved on the endpoint.
Never saved on a server.
Used once and then destroyed.
 Each Communication Type (e.g.
voice, chat, transfer, etc.) Uses a
Unique Encryption Key.
1 – Company Proprietary & Need to Know Secured
www.global-security-solutions.com
Complete mobile security
End-to-end Security. Is It Real?
Feature / Capability
Our product
Other available products
Uses SRTP.
No
Yes
AES 256 bit encryption.
Yes
No – SRTP defaults to AES-128 bit encryption.
Implemented through RTP with unique header .
No – Attack surfaces are not allowed.
Yes – Allows and implements attack surface.
Intermediary ZRTP devices .
No – This creates an attack surface, and, attack
surfaces are not allowed.
Yes – Allows for intermediary eavesdropping
devices between endpoints.
Allow unencrypted communications if the other
endpoint is not validated.
No
Yes – by default, SRTP allows the call goes
through unencrypted.
True endpoint-to-endpoint (no servers) audio security.
Yes – Audio packets traverse between endpoints, not No – SRTP decrypts packets at the Session
servers, and only decrypt at the endpoint.
Boarder Controller(s) and SIP Server.
Direct Endpoint-to-Endpoint Audio
Yes – Audio travels endpoint to endpoint.
Execution with program trust validation
Yes – Uses 5 factors of authentication at time of start No
up to establish trust verification.
User must enter the shared secret within a period of
time.
No – Uses 5 factors of authentication at time of start
up to establish trust verification.
Yes
Require user to re-authenticate on each call .
Yes – trust is not assumed based on the last
communication, but on validated trust verification.
Each session validates trust.
No
Unique key for each communication session.
Yes
No
Keys shared over-the-air or over-the-wire.
No
Yes
Private address book
Yes
No
Maintains history of calls, chat, file transfers, photos,
video, etc.
No
Yes
Integrated conference calling
Yes
No
No security servers
Yes
No
Private mobile network ready
Yes
No
No – Audio travels through SBC(s) and SIP
servers.
Complete mobile security
Tactical Mission Deployment Support
Feature / Capability
Our product
Other available products
Use standard SIP/RTP protocols delivering lightweight traffic and
operates in low bandwidth global environments.
Yes
No
Use any server on any network.
Yes
No – requires specific vendor dependent servers
available on the internet.
Supports 2G networks.
Yes
No – server and decryption frequency does not support
low 2G throughput without 5+ seconds of latency .
Supports rapidly deployable private MANET tactical deployments.
Yes
No
Supports rapidly deployable private MANET tactical deployments with
private network backhauled (microwave, satellite, etc.).
Yes
No
Supports rapidly deployable private 3G tactical deployments.
Yes
No
Supports rapidly deployable private 3G tactical deployments with
private network backhauled (microwave, satellite, etc.).
Yes
No
Supports multiple accounts enabling a dedicated persona.
Yes
No
Dedicated contacts defined by active account persona.
Yes
No
Supports both Secret and SBU profile deployments.
Yes
No
Supports and fully interoperates on Windows, Blackberry & Android
Yes
No
Remote deployment – purchase of local endpoints, local SIMs, &
deploy on cell, internet, secure network or mobile 3G or MANET in less
than 5 minutes.
Yes
No
Remote provisioning – supports dedicated hardware/person
implementation within 1 minute, with dedicate MDM controls.
Yes
No
Situational awareness – panic button with hidden panic feature.
Yes
No
Situational awareness – GPS locator.
Yes
No
Situational awareness – integrated standalone mission Blue Force
Tracking with optional FalconView & ESRI integration
Yes
No
Situational awareness – C2 controls
Yes
No
Complete mobile security
Secure Chat Text Messaging
Send individual or group secured text chat messages to members of your
contact list.
 Unique encryption key for each chat session, even if an
additional chat session is to the same person.
 Execute multiple chat sessions simultaneously.
 Execute chat while in a secure call, file transfer, secure
camera execution and secure file transfer.
 Add & delete contacts to chat sessions on the fly.
 From within a chat, whisper to a member of a chat via a
private chat. This chat will utilize unique private key.
 From within a chat, secure call to a member of a chat
session while remaining in the session. This call will utilize
unique private key.
August 2013
Complete mobile security
Secure Camera Capture & Transfer
Take and send individual or group secured pictures with the GSS
integrated secure camera.
 Touch ‘n Send securely within 5 seconds. Simply select a
contact, press the camera button, and shoot. If you like the
preview of what was taken, press share.
 Touch ‘n Store – take your secure picture saving it to secure
onboard storage for later transmission.
 Individual or mass distribution – share to one or more
individual with a single Touch ‘n Send or Touch ‘n Send
action.
 Configurable for photo self destruct after sharing completes.
 Share other photos, or any file, on your Android with secure
file sharing.
August 2013
Complete mobile security
Situational Awareness
Controlling a 12 man team from a safe house, or in garrison overseeing
multiple squadrons, you need SITUATIONAL AWARENESS!
 Panic Alert is endpoint initiated through the Panic Button or Hidden Alert.
 C2 provides centrally controlled functions for team leaders & administrators.
CONTROL, OBTAIN INTELLIGNCE, RECOVER, & DESTROY!
Get GPS Location
Get Pictures
Take Photos
Lock Display
Turn on Microphone
Disable Speaker
Wipe User Data
Disable Application
Without user knowledge
August 2013
Complete Mobile Security
Private telecommunications server





Specifically designed for our server .
Scalable from 100-10,000 users.
Management system.
Deployed in private networks, the Internet or public or private clouds.
Integrates with other servers in other private networks, on the Internet or in other
public or private clouds.
 Warm/hot failover models available.
kryptofonServer
kryptofonServer
August 2013
Complete Mobile Security
OmniTrack – Blue Force Tracking
Track location and panic alerts of team members within seconds.
 All communications encrypted.
 Physical server implemented locally, regionally or
globally.
 Private network or Internet deployed.
kryptofonServer
Encry pted comms
OMNITrack
Administration
August 2013
Complete mobile security
Kryptofon Server & OMNITrack
Cascade Kryptofon Server and OMNITrack Servers Allowing Multi-Level
Monitoring and Oversight.
Team Alpha
kryptofonServer
kryptofonServer
Encry pted comms
HQ
NOC1 or Cloud1
OMNITrack
kryptofonServer
Encry pted comms
Administration
Team
Gamma
Encry pted comms
OMNITrack
NOC2 or Cloud2
OMNITrack
kryptofonServer
Encry pted comms
Administration
Team Zed
Administration
NOC3 or Cloud3
OMNITrack
August 2013
Anti-Triangulation, Cascaded Kryptofon Server & OmniTrack in Secure MultiVendor Cloud Deployments
Global
Local
Regional
Field
Team Alpha Cloud
Team Alpha in Field
IP1
Regional Leader
Team Leader
Regional N Cloud
IP2
IP111
IP4
Regional S Cloud
IP121
Global Cloud
IP211
Team Zed Cloud
Regional E Cloud
IP131
Team Leader
IP11
Team Zed in Field
Anti-Triangulation Deployment
IP3
HQ Monitoring
IP12
Regional W Cloud
IP141
IP13
Cloud Providers
Secure VPN+ Container
IP14
kryptofonServer + OmniTrack
VPN Connections
August 2013
Remote and Hidden Secure Deployments
The Mes provides a network of both
base and repeater nodes which
disseminate and propagate network
traffic in a dynamic, self-healing
fashion.
The Tower provides the capability of
deploying a remote, mobile tactical
3G/4G network in global locations
where local providers are not available
August 2013
10mi MIMO
Mobile Vehicle Bubble2
8mi MIMO Vest Bubble
MIMO Repeater
End-End Secured Communications
•From the Field With kryptofon on
Android.
•To Field HQ.
•To Global HQ.
•On Self-Healing High Speed Repeating
Network.
WiFi
10mi MIMO
Mobile Vehicle Bubble
kryptofon
•Uniquely Encrypted with Every
Communication.
•Without the Need of a Global Secure
Network.
MIMO Repeater
10km
10mi MIMO Bubble
MIMO
Repeater
Configuration Options
Field HQ
•Standalone – or
•Backhauled
WiFi
kryptofon
kryptofon
GSS Global Security Solutions
Tracking
Features
Benefits
• Supports 8-13 mile radius.
• Dynamically expandable
from 2-n nodes.
• Self creation, self healing
high speed network.
• High speed – up to 20 Mbps.
• Small – 3”x5”x1”.
• Lightweight – 1.9 lbs.
• Optional backhaul connect
via IP, satellite, microwave,
• Local deployment of server.
• Protects system with IDRS
Kynetique IDS/IPS.
• HD audio for remote users.
• Enhance open mission
secure communications and
conference calling.
• Rapid secure chat and file
transfer globally.
• Allows for team only
communications.
• Moves Kryptofon Tower to
specific geographic location
for mission implementation.
• Allows for onsite account
management based on local
team needs.
• Stops DDOS and SIP based
attacks.
Operational Outcomes
• Global secure tactical
communications anywhere
in the world.
• Sets up in minutes.
• End-to-End secured
communications.
• HQ communications and
monitoring.
• Undetectable indigenous
footprint.
• Rapid, mobile deployment.
• Land, sea, air deployment
ready.
• Allows for adaptation of in
field conditions.
• Maximized uptime without
attack vector interruption.
August 2013
Benefits
Features
• Supports 1-8 km radius.
• Optional back-end connect
via IP or satellite steady
state or tactical linkage.
• Deployed in a remote black
box container for mobile
vehicle or ship deployment.
• Local deployment of the
server.
• Protect system with IDRS
Kynetique IDS/IPS.
• HD audio for remote users.
• Enhance open mission
secure communications and
conference calling.
• Rapid secure chat and file
transfer globally.
• Allows for team only
communications.
• Moves Kryptofon Tower to
specific geographic location
for mission implementation.
• Allows for onsite account
management based on local
team needs.
Operational Outcomes
• Global secure tactical
communications anywhere
in the world.
• Sets up in minutes.
• End-to-End secured
communications.
• HQ communications and
monitoring.
• Undetectable indigenous
footprint.
• Rapid, mobile deployment.
• Land, sea, air deployment
ready.
• Allows for adaptation of in
field conditions.
• Maximized uptime without
attack vector interruption.
GSS Tower utilizes a patent pending security methodology
August 2013
Secure Mobile Communication
Base
Components
•
•
•
•
•
•
•
•
•
3G/4G cellular base stations
Kryptofon Server
OMNI Track
Laptop computer
Internal Router
Batteries
All cables & interconnect components
Android smartphones
GSS licenses
Optional
Components
•
•
Directional Antennas
Large omnidirectional antennas
August 2013
Secure communication from a laptop
The encryption software not only works with Android, it provides the same
secure capabilities and more on Windows.
SECURE VOICE &
CONFERENCING
SECURE FILE
TRANSFER, CHAT
SITUATIONAL
AWARENESS
SECURE
MOBILE PRIVATE
NETWORKING
August 2013
No matter how you do it!
It’s SECURE!
August 2013
Mobile License Packages
Elite VIP
Elite
Pro
Basic
Starter
Voice
Voice
Voice
Voice
Voice
Chat
Chat
Chat
Chat
Chat
File Transfer
File Transfer
File Transfer
File transfer
Camera
Camera
Camera
BlueTrack
BlueTrack
BlueTrack
Panic Button
Command Controls
Panic Button
Command Controls
Panic Button
Anti-Triangulation
The above packages come with GSS server (deployed
in secure cloud or onsite)
Onsite or Off-site training provided with purchase of
above packages
August 2013