Debashis Banerjee (deba_ban@rediffmail.com)
Who are they and how are they changing our world?




Pic: Free Lib:
http://office.microsoft.com/en-us/images
Today’s Agenda
   What is Mobile Web
   What is Mobile App
   Mobile Web and App Ecosystem
   Inside the Mobile
   Security in Mobile Web
   Security in Mobile App
   The Pyramid of Safety
What is Mobile Web and Apps
   Mobile Web
   Mobile Apps
     Android
     iOS
     Windows Mobile
Mobile Web and Mobile App Ecosystem – The Security Perspective
[Diagram; elements shown:]
   Web Developers
   Web Servers
   App Developers
   App Stores
   The Network
   Phone User
   On Premise or Off Premise Enterprise Security Software (shown twice)
   Physical Access (internal/third party)
   On-device phone Security Software
Inside the Mobile
[Diagram; components shown:]
   Wireless
   RF (e.g. GSM, CDMA)
   Microphone
   SIM Cards
   RAM
   ROM OS
   Browser or Native Apps
   Calendar
   Phone Book
   Mail, SMS
   Pictures or Videos
   Keyboard Access
   Speaker
   Battery Power Supply
Security in Mobile web
   Decide on Device Class
   What is stored where? – cookies, passwords?
   Encryption – Off and on wire, Data & metadata
   Multi Factor Auth
   Anti Virus
   Intrusion Detection/Prevention
   Web Threats … SQL Injection, Cross-Site Request Forgery
Security in Mobile web - Continued
   PCI DSS
   Identity, Privilege and Access
   Sign in vs Sign off
   Logical and Physical Security
   Trusted/Untrusted Access/URLs
   Impact of Non Standard OSs
Security in Mobile app
   Security and Hosting Guidelines per app platform
   Signed Apps
   Marketplace security
   App to desktop sync risks
   Who reviewed the app?
   Security Ratings
   Install and Run privileges of apps
Security in Mobile app - continued
   Remote Clean
   Access to areas of the phone
   Second Factor Auth
   Sandboxes
   Physical Security
   Security as a Service
The Pyramid of Safety
[Pyramid diagram; levels in the order shown:]
   Safe Internet/App usage practices
   Web Site Security/App Security
   Browser Security/Web App Store Security
   Network and on device Security (anti virus/Identity/Access/Privilege Management)
   Physical Security – device and server
In Summary
   Mobile Web and Apps are going to significantly impact our browsing experiences
   Know the ecosystem they work in
   Security aspects
   The pyramid of Safety
The changed world is here !!!!!



