Transmitting data over wireless networks causes a remarkable security risk, because the transmitted data over air can be easily exploited by outsiders. Secure VPNs use cryptographic tunneling protocols to ensure sender authentication, as well as the confidentially and integrity of data.
In an IPSEC VPN environment a mobile device requires preinstalled VPN client software to authen- ticate and connect to the VPN gateway. When the application on the user’s mobile device attempts to communicate, the network traffic from these requests is tunneled through the VPN connection
Nokia Mobile VPN is an example of a third party VPN solution for Symbian devices. The compo- nents of Nokia Mobile VPN include Nokia Mobile VPN Client and Nokia Security Service Manager (SSM). Nokia Mobile VPN Client is an IPSec based VPN application. It allows a user to authenticate and connect to an enterprise VPN and as a result data can be securely transferred between the mobile client and the VPN network. Key features of the Nokia Mobile VPN Client are:
• Provides a user the possibility to securely access any network services in a remote network • Support for Nokia Series 60 and Series 80 Symbian smart phones
• Supports legacy and PKI based authentication
• DES (Data Encryption Standard), 3DES, and AES for encryption
• SHA-1 (Secure Hash Algorithm 1) and MD5 (Message Digest 5) for data integrity
• Uses Nokia SSM for automatic provisioning of VPN settings, policy updates, and certificate en- rollment
The Nokia SSM is the core of a scalable mobile VPN solution. It extends VPN to the mobile domain us- ing the Nokia Mobile VPN Clients and supported gateways. Key features of the Nokia SSM include: • The cornerstone for rapid, large scale Mobile VPN deployments
• Integrates with management systems, VPN policy, and external authentication servers • Enables trust creation between a user and a corporate infrastructure
• Provides secure provisioning of VPN configuration automatically over the air • Provides PKI services for mobile devices (Nokia, 2006)
Security of Symbian Based Mobile Devices
Compared to the more common VPN, which uses IPSec technology, the modern VPN with SSL (secure sockets layer) cryptographic protocol makes it easier for administrators and users to set-up and manage secure communication on the Internet. SSL VPN uses SSL technology to enable secure remote access. The benefit of using SSL VPN instead of IPSec VPN is that users do not need any VPN client software installed on the mobile device. Users can also quickly and easily connect to the SSL VPN gateway via a web browser and on any compatible device or computer. SSL protocol is widely supported on most Web browsers (Ferraro, 2003; WIKIPEDIA, 2005).
Intoto’s iGateway SSL-VPN allows users to access enterprise Intranet services securely from mobile devices. iGateway SSL-VPN makes it possible for users to create a secure encrypted virtual tunnel from any standard web browser. Users of iGateway SSL-VPN can choose authentication methods according to their preferences from following alternatives: RADIUS (Remote Authentication Dial In User Ser- vice), LDAP (Lightweight Directory Access Protocol), Active Directory, Windows NTLM (NT LAN Manager) and digital certificates. The software provides end-point security controls i.e. features such as: filtering, anti-virus, personal firewall, registry, file-system entries and browser traces removal, etc. (Intoto Inc., 2005; ZDNet India News, 2005).
Available VPN software for Symbian based mobile devices is summarized in Table A7.
forensic Analysis software
While a large variety of forensic analysis software is available for personal computers, the range of so- lutions is much more limited for mobile devices, especially for Symbian OS based mobile devices. The problem is not only fewer software solution for Symbian OS, but also that available solutions operate only in most common series of Symbian OS based mobile devices.
Forensic analysis software has three main functionalities: acquisition, examination and reporting. Only available solutions have all these functionalities. Often several software solutions must be acquired for a full forensic examination process. The forensic analysis software need full access to a mobile device in order to start acquisition of data. If the examined mobile device is protected with some authentication method, then cracking software is needed.
Oxygen Software delivers software for police departments, law enforcement units and all government services for investigation purposes. The Oxygen Phone Manager II (Forensic version) secures phone data to remain unchanged during extraction and exporting. This forensic version allows users to read data from mobile phone and export this data in any supported formats (Oxygen Software, 2006).
Security of Symbian Based Mobile Devices
Paraben Corporation has developed tools to assist law enforcement, corporate security and digital investigators. Paraben’s PDA Seizure offers forensic analysis tools for Symbian OS, Windows CE/Pocket PC, Windows Mobile, and RIM BlackBerry. The version for Symbian OS allows forensic examiners to acquire, examine and analyze data. Both physical and logical acquisition of data is possible. Physical acquisition means complete bit-by-bit copying from physical storage, for example from a disk drive. Logical acquisition means exact copying of logical storage objects, i.e., files and folders. PDA Seizure has a built-in searching function on acquired data and also a book-marking function to help users to organize data. Moreover, the tool supports HTML reporting on findings.
Paraben Corporation provides another software solution, Cell Seizure, for forensic data acquisition. A forensic acquisition is carried out on all data stored on GSM SIM cards including deleted data (Paraben Corporation, 2006; Ayers & Jansen, 2004, p.14).
Available forensic analysis software for Symbian based mobile devices is summarized in Table A8.