debashis banerjee mobile_webappintrosecurity

Debashis Banerjee ([email protected])

Upload: debashisb

Post on 18-Jul-2015


Category: Technology



TRANSCRIPT

Page 1: Debashis banerjee mobile_webappintrosecurity


Page 2

Who are they and how are they changing our world?

Pic: Free Lib: http://office.microsoft.com/en-us/images

Page 3

Today’s Agenda

What is Mobile Web

What is Mobile App

Mobile Web and App Ecosystem

Inside the Mobile

Security in Mobile Web

Security in Mobile App

The Pyramid of Safety

Page 4

What is Mobile Web and Apps

Mobile Web

Mobile Apps

Android

iOS

Windows Mobile

Page 5

Phone User

Mobile Web And Mobile App Ecosystem – The Security Perspective

The Network

Physical Access (internal/third party)

App Developers

Web Developers

Web Servers

On Premise or Off Premise

Enterprise Security

Software

On Premise or Off Premise

Enterprise Security

Software

On device phone Security Software

App Stores

Page 6

Keyboard

Access

Battery

Power

Supply

Calendar

Phone Book

Mail, SMS

Pictures Or Videos

Browser or Native Apps

RF (e.g. GSM, CDMA)

SIM Cards

Speaker

Microphone

RAM

ROM OS

Wireless


Inside the Mobile

Page 7

Security in Mobile web

Decide on Device Class

What is stored where? – cookies, passwords?

Encryption – Off and on wire, Data & meta data

Multi Factor Auth

Anti Virus

Intrusion Detection/Prevention

Web Threats … SQL Injection, Cross-Site Request Forgery

Page 8

Security in Mobile web - Continued

PCI DSS

Identity, Privilege and Access

Sign in vs Sign off

Logical and Physical Security

Trusted/Untrusted Access/URLs

Impact of Non Standard OSs

Page 9

Security in Mobile app

Security and Hosting Guidelines per app platform

Signed Apps

Marketplace security

App to desktop sync risks

Who reviewed the app?

Security Ratings

Install and Run privileges of apps

Page 10

Security in Mobile app - continued

Remote Clean

Access to areas of the phone

Second Factor Auth

Sandboxes

Physical Security

Security as a Service

Page 11

Physical Security – device and server

Network and on device Security (anti virus/Identity/Access/Privilege Management)

Browser Security/Web App Store Security

Web Site Security/App Security

Safe Internet/App usage practices


The Pyramid of Safety

Page 12

In Summary

Mobile Web and Apps are going to significantly impact our browsing experiences

Know the ecosystem they work in

Security aspects

The pyramid of Safety

Page 13

The changed world is here !!!!!

Pic: Free Lib: http://office.microsoft.com/en-us/images