Transcript Document
Mobile Computing: Security Issue Group 4 Members: 941603黃昱翔 941604梁振堃 941611郭雅恬 941618劉俊宏 941623王雋為 941650王瓊儀 941661李晏榕 941662黃筱涵 941702許椀淇 Introduction Evolution Of Network Mobile Computing Vital Issues A Timeline of Mobile Computing Wireless Communication Systems Security of Mobile Computing The advantages of mobile devices are undeniable, but so are the ways that they can bring vulnerability to your system. Consider these key ways to protect your company’s system. Device Security Tips to secure mobile devices like laptops & handhelds Be smart. Label your property. Use security products. Use the hard drive password setting on your laptop. Once device was lost Network Security Network Security Data in transit V.S. Data at rest. Deploy VPN (virtual private network). Security Layers Wireless Security Protocols. Network Security Security Layers Based on the OSI Motivation for the Mobile IP Security Services: Authentication Access control Non-repudiation Data integrity Data confidentiality Assurance/Availability Notarization/signature Network Security Wireless Security Protocols Four wireless security protocol types are needed: 1. Access control to mobile devices 2. Local access control to networks and network services 3. Remote access control to networks and network services 4. Protection of data communication to/from mobile devices. Network Security Wireless Security Protocols 1.Access control to mobile devices PIN and Password Authentication Visual and Graphical Login Biometrics Authorization File Masking Access Control Lists Role-based Access Control Network Security Wireless Security Protocols 2.Local access control to networks and network services WLAN Bluetooth Cellular Network… 3.Remote Network Access Remote access VPN 4.Protection of Data Communication Tips to secure the data on mobile devices Consider your real needs. Make a trusty backup. Ensure you're only carrying the data you think you are. Use encryption or a Virtual Private Network (VPN). Tips to ensure a secure Internet connection everywhere—including at home Disable your wireless Internet connection when not in use. Use secure wireless. Make your home wireless network more secure. Change the name of your “SSID” network and/or don’t broadcast it. Ensure you’re using a static IP address. Enable your firewall. Change the default admin password; make it longer and more complex. Only allow machines you know to connect to your network by enabling MAC address filtering. Wireless Application Security Wireless application security includes 1. Application access control 2. Client/server communications security 3. Anti-malware protection Wireless Application Security Application Access Control Mobile applications handling confidential data should require user authentication before application access is granted. A limited inactive time is specified for an application before re-authentication is required. Wireless Application Security Client/Server Communication Security Typical wireless Internet connections are: 1. The wireless connection between a mobile device and an access device 2. The Internet connection between the mobile device and the Internet host/server via the access device. For Web-based client/server applications, the SSL protocol provides encryption and signing of transmitted data. Wireless Application Security Anti-Malware Protection Malware can access and steal application data, such as credit card information stored in memory by wireless applications. Time and space for sensitive data in memory should be minimized. Privacy and Security Policies Any discussion of security and device management needs to acknowledge the importance of employees' efforts toward securing corporate data — especially customer data. IT needs to formulate and distribute clear, concise security policies regarding access via mobile devices. Privacy and Security Policies Conduct tests on a periodic basis to ensure that the protections you've deployed worked, and that your employees remain up-to-date on their responsibilities when it comes to privacy and security. Case-Sybase The largest enterprise software and services company exclusively focused on managing and mobilizing information. With the global solutions, enterprises can extend their information securely and make it useful for people anywhere using any device. Case-Sybase Government Solutions Information Technology, Management and Mobile Solutions for Government Agencies They offer complete government solutions in four key areas: 1. Federal 2. State and Local 3. Homeland Security 4. Sybase Government Partners Case-Sybase Sybase Homeland Security Solutions With the threat of terrorist attacks, homeland security has become a major concern for all individuals and organizations. Sybase solutions help meet this agency’s security objectives, and more. Case-Sybase Empowering field personnel with anywhere, anytime access to critical information offers many benefits, including: Increased productivity and improved response time Better information sharing and collaboration between agencies Error-free capture of data in a standardized format Ability to maintain security and confidentiality of critical data Case-Sybase Specific examples of Homeland Security solutions we provide include: Remote access to photos, documentation and other vital statistics for field investigators Onsite data collection for inspection of commercial structures, bridges, roads, military equipment, power lines and the nation's food supply Information access for custom checkpoints ensuring inspection of people, vehicles, packages and any other items that may pose a security threat Smart card identification and tracking of visitors at secure locations Future will forecast 1. Global information safe service market development present situation and tendency Future will forecast 2. Taiwan information security market 3. The new focus of enterprises funded protection for mobile devices 4. Establishes set of motions work the security policy a. Zero tolerance policy b. The document remembered wants redact c. Other protective measures Conclusion The advent of the World Wide Web Electronically、Efficiently、Nonpaperness the prevalent of notebook (laptop) and its high frequency