Multifunctional software is developed to solve comprehensively all security needs of mobile devices. From an administrators point of view such software is appealing, since a lot of resources can be saved in terms of effective central administration.
0
Security of Symbian Based Mobile Devices
The key function of Pointsec® for Symbian OS software is encryption. This feature ensures high security level, because all data can be automatically and immediately encrypted before being stored or transferred and decrypted automatically by an authenticated user. Recipients of encrypted data files do not need the same kind of software to open the encrypted data. Recipients can open files with a valid password. Pointsec® for Symbian OS encrypts automatically all data stored on ‘Pointsec for Symbian OS’ protected devices and on memory cards, such as Memory Stick Duo and MMC (Multimedia Cards) without any user interaction.
Trust Digital 2005 encrypts data on Symbian OS based mobile devices and PDA devices. Before data can be decrypted, users are required to authenticate themselves to the devices. Data can be encrypted based on administrator and user preferences.
Both Pointsec® for Symbian OS software uses the Advanced Encryption Standard (AES) algorithm, the US government approved cryptographic standard, based on the “Rijndael” algorithm with a 128-bit encryption key to encrypt data. Trust Digital 2005 provides six different selectable encryption algo- rithms, including the Advanced Encryption Standard (AES). In addition Trust Digital 2005 uses MD5 hash algorithm to protect passwords stored on the device.
One of the most important features of multifunctional software is the central management possibility. Pointsec® for Symbian OS enables administrators to create, deploy and manage their organization’s security policy for mobile devices from one central location. The central management system ensures that the security policy is enforced. End-users cannot uninstall the software from their mobile devices. Trust Digital 2005 can be centrally managed from a “Policy Editor” or from a “Trusted Mobility Server”, which allows administrators to create, push and manage a security policy for each device. The access policies for the device can also be managed.
Trust Digital 2005 together with Encryption Plus products makes a powerful combination, which provides end-to-end data access control and encryption.
Pointsec for Symbian OS enables users to securely regain access via “Remote Help”, when a PIN or a password is forgotten. The number of failed authentication attempts is restricted and access to the
Security of Symbian Based Mobile Devices
mobile device is denied without authentication. Administrators can assist users via a secure challenge/ response procedure, which helps user to regain access to the device and resets the PIN or password (Pointsec Mobile Technologies, 2006; GuardianEdge Technologies, 2005).
Two multifunctional security software solutions for Symbian based mobile devices are compared in Table A9.
references
Ayers, R., & Jansen, W. (2004). PDA forensic tools: An overview and analysis. Retrieved July 6, 2005, from http://csrc.nist.gov/publications/nistir/nistir-7100-PDAForensics.pdf
Biometric Watch. (2005). Face recognition, coming to a cell phone or PDA near you. Retrieved January 6, 2006, from http://www.biometricwatch.com/BW_20_issue/BW_20.htm
Communication Intelligence Corp. (2005). Sign-On™ True Verification comes to the handheld. Retrieved February 3, 2006, from http://www.cic.com/products/signon/
Ferraro, C. I. (2003). Choosing between IPSec and SSL VPNs. Retrieved January 16, 2006, from http:// searchsecurity.techtarget.com/qna/0,289202,sid14_gci940324,00.html
F-Secure Corporation. (2005). F-Secure mobile security for Series 80. Retrieved January 15, 2006, from http://www.f-secure.com/download-purchase/manuals/docs/manual/fsmavs80/avfws80.pdf
FreEPOC. (2006), FreEPOC’s software. Retrieved February 2, 2006, from http://www.freepoc.org/ software.php
GuardianEdge Technologies. (2005). Trust digital 2005. Retrieved February 4, 2006, from http://www. guardianedge.com/products/PDASecure/index.html
Nokia. (2006). Nokia mobile VPN. Retrieved January 20, 2006, from http://www.europe.nokia.com/ nokia/0,0,77172,0.html
NTT DoCoMo, Inc. (2004). NTT DoCoMo to market F900i, first model of 3G FOMA 900i series. Re- trieved January 3, 2006, from http://www.nttdocomo.com/presscenter/pressreleases/press/pressrelease.
html?param[no]=415
OMRON Corporation. Face recognition sensor for mobile phone. Retrieved January 5, 2006, from http://www.omron.com/ecb/products/mobile/okao.html
Oxygen Software. (2006), Oxygen phone manager II for Symbian OS phones. Retrieved January 22, 2006, from http://www.oxygensoftware.com/en/products/
Paraben Corporation. (2006), Handheld digital forensics. Retrieved January 22, 2006, from http://www. paraben-forensics.com/handheld_forensics.html
Pointsec Mobile Technologies. (2006). Pointsec® for Symbian OS. Retrieved January 10, 2006, from
Security of Symbian Based Mobile Devices
ROSISTEM. (2005). Biometric education » Fingerprint. Retrieved January 19, 2006, from http://www.
barcode.ro/tutorials/biometrics/fingerprint.html
Symantec Corporation. (2006). Symantec mobile security for Symbian. Retrieved January 15, 2006,
from http://www.symantec.com/Products/enterprise?c=prodinfo&refId=921
Utimaco Safeware AG. (2005). [SafeGuard® PDA] enterprise edition. Retrieved January 12, 2006, from http://www.utimaco.com/content_pdf/SG_PDA_40_en.pdf
WAC O M Te c h n ol o g y C o r p. (2 0 0 4). S of t p r o j o i n s Wa c o m’s D y n a m i c s i g n a - ture initiative to deliver secure mobile commerce. Retrieved Januar y 20, 2006 from http://www.wacom-components.com/english/news_and_events/nw0021.asp
Wikipedia. (2005), Secure sockets layer (SSL) and transport layer security (TLS). Retrieved January 16, 2006, from http://en.wikipedia.org/wiki/Secure_Sockets_Layer
ZDNet India News. (2005), Intoto introduces multi-service security software. Retrieved January 21, 2006, from http://www.zdnetindia.com/news/pr/stories/121012.html
APPendiX b: security sOftwAre PerfOrMAnce MeAsureMents
fOr syMbiAn Os
This case study presents performance measurements for the security software Pointsec for Symbian OS. The purpose was to measure the influence of Pointsec on data communication performance of Symbian OS. Pointsec is presented in more detail in the section Add-on Security Software. Accord- ing to Pointsec Mobile Technologies, the Pointsec security software should not reduce speed or other performance measures even when the strong 128-bit AES encryption is used to protect the information in the device and in memory cards.