Posts Tagged ‘Android Security’

LTE – The Security Imperative

Wednesday, September 21st, 2011

Long Term Evolution (LTE) is part of the GSM evolutionary path for mobile broadband. LTE is positioned to be one of the dominant broadband wireless technologies of the next decade and is expected to be widely available in 2012. LTE will provide a viable alternative to traditional broadband technologies, with added benefit of mobility.

Features of LTE include;

  • An all-IP flat network architecture
  • Peak download rates nearing 300 mbps and upload rates of 75 mbps
  • End-to-end QoS including provisions for low-latency communications
  • The ability manage fast-moving mobiles
  • Support for multi-cast and broadcast streams.

With LTE, the data capabilities of the mobile device are greatly extended and the technology is likely to have a massive impact on the services available to the smartphones and tablets of the future. LTE devices will be able to support high definition streaming video, advanced enterprise applications as well as payment and banking services.

The performance and functionality requirements of these applications require a robust, high performance security foundation, rooted in the chipset of the device. Moreover, LTE is likely to accelerate the adoption of open operating systems, which in and of itself creates additional security requirements. These security requirements apply to both platform and network security, as follows:

  • Assuring the system boots from valid image (secure boot)
  • Authenticating new images and revoking older ones (secure software updates and software image revocation)
  • Accelerating secure packet-based communication (e.g. IPSec)
  • Delivering a software image in an encrypted format and storing it encrypted in the device flash memory. The image gets decrypted only once the device boots (software update encryption)
  • Featuring a flexible debug policy, differentiating OEMs, devices in field  (Secure Debug)
  • Securely transferring an asset to the Device or the IC (either by the OEM or the IC vendor) during the manufacturing process (provisioning)
  • Applying different levels of SIM lock protection (SIM Lock)
  • Protecting the IMEI from alterations

No Comments

OMA DRM as the 1st Choice for Carriers and Service Providers Deploying E-book Services

Thursday, March 4th, 2010

E-book market is experiencing significant growth. Approximately four million electronic-book reading devices were sold last year. According to U.S.-based market intelligence firm iSuppli, number is expected to jump to 12 million in 2010 and 18 million in 2012 . Increasingly E-book readers are  equipped with a broadband mobile connectivity. For example Hanwang Science released a 3G e-reader capable of connecting with China Mobile Ltd.’s network, a feature that enables users to access the Internet and to download books. Other examples of e-book readers that include a cellular connection can be seen here

http://gizmodo.com/5365676/irex-dr800sg-ebook-reader-verizon-3g-bn-books-stylus-touchscreen
http://www.engadget.com/2009/10/29/asus-to-launch-3g-wimax-equipped-e-book-readers-by-march-2010/

OMA DRM is the most common content protection and access system in use today by mobile carriers. All forms of digital content including multimedia, ringtones, music, video and games are secured using the OMA DRM solution.

By expanding OMA DRM to protect E-book content mobile carriers can leverage their existing back end infrastructure and qualified workforce. Moreover as an open standard DRM scheme it enjoys the support of content owners and service provides alike. The scheme is robust and widely deployed, and supports all the required business models including:

  • Subscription
  • Time limited rental
  • Buy to own without sharing (forward lock)
  • Sharing with other users (super distribution)
  • Preview
  • Right to read on multiple devices (domains)
  • Usage metering and advertising funded models
  • Backup and recovery

No Comments

The Right Price for an eBook…Let the Consumer Decide

Wednesday, February 24th, 2010

The recent war of words between Apple and Amazon regarding the correct way to price an eBook says a great deal about Apple’s brand value and their ability to leverage success in music market. Ironically in this case the roles are reversed with Amazon charging $9.99 for a best-seller and Apple planning to $12.99 – $14.99. By pricing eBooks aggressively Amazon hoped to stimulate demand, an important lesson learned from Apple’s success in music market. What is not clear is whether Apple’s pricing for eBook’s will proved to be as successful as their 99c per song and whether the download-to-own is the correct approach. Both vendors are deploying in-house content protection technologies.

Just looking at the sheer volume of second hand books available for sale on Amazon.com, my guess is that any eBook pricing model that does not allow the owner to resell the content is not likely to succeed. Moreover, the business model for eBook needs to correctly reflect the way people consume and acquire books. For example support an electronic book library or so-called subscription based models is an important requirement. The ability to share a book with friends and family, typical of books clubs all over the world is another model that must be supported. Text books also pose a serious challenge to the monolithic download-to-own model. This is to say nothing of the different types of devices, with either fixed or removal storage and a multitude of operating systems (e.g. Android, Symbian).

What is clear is that a one-size-fits-all approach (download-to-own) will not allow the eBook market to reach its full potential. Any viable content protection technology for the eBook market needs to support the full range of business models.

OMA DRM 2.1 is such a scheme, providing an ideal solution for eBook market. As an open DRM scheme it enjoys the support of content owners and service provides alike. The scheme is very robust and widely deployed. Moreover the scheme supports all the enhanced business models required by the eBook market.

No Comments

Discretix to Provide Android and Windows Mobile DRM Security for Sony Ericsson

Monday, February 15th, 2010

Discretix Multi-Scheme DRM Client Will Secure Subscription-Based Music and Video Services on Sony Ericsson Android and Windows Mobiles Phones.

FIRA de BARCELONA, SUITE 4.7HS22 / BARCELONA, SPAIN — (February 15, 2010) — Discretix, the leading global provider of embedded Windows Mobile and Android security DRM, today announced that Sony Ericsson has chosen Discretix’ Multi-Scheme DRM Client to protect distribution and consumption of multimedia content on select mobile phones and for its PlayNow services.

Discretix’ Multi-Scheme DRM Client has been deployed on select Sony Ericsson mobile phones based on the Windows Mobile and Android operating systems.  The embedded technology enables a wide variety of business models including subscription-based music and video services for the consumer market.

No Comments

Discretix Joins ARM Solution Center for Android

Monday, December 7th, 2009

Optimized for Android and already selected by several Tier-1 Mobile Device OEMs, the Discretix Multi Scheme DRM client ensures quick time-to-market for next-generation open source mobile and connected devices.

http://www.discretix.com/corporate/pr071209.html

No Comments

iPhone doesn’t neither does Droid

Monday, November 9th, 2009

Verizon are doing level best to expose the weaknesses of the iPhone in the current “droiddoes” campain. Both the Apple iPhone and Motorola Droid devices are packed full of features, but both do not do security. The ability to install applications on the device – something common to all smartphones – comes with huge security risks, for individual subscribers, service providers and enterprises.

Limiting subscribers to downloading applications from approved app stores, certainly mitigates some of the risk. However there are several well known and freely available cracks online that will effectively bypass almost any restrictions and protection mechanisms.

Just in case the simple man on the street felt he had nothing to lose, vulnerabilities of the operating system pose other threats, placing the end-user at risk. Viruses and the trojan horse can reveal and/or modify personal information. These viruses can grab personal payment information such as credit card numbers, illegally obtain contact information from our private phone book stored on the mobile phone, and access our home network using a mobile device’s WiFi capabilities.

As smartphones become more prevalent and entrenched in our work and home lives, their security requirements increase as well. Without such safeguards in place, people will never feel safe using smartphones, thereby preventing these powerful innovations from ever reaching their full potential.

No Comments

Welcome to Discretix’ Blog dedicated to embedded security

Tuesday, October 27th, 2009

Since Discretix was founded the world of embedded security has evolved and grown in ways that few thought possible. Embedded security cuts across a wide spectrum of markets, playing a critical role in their development.  As the market continues to evolve at a rapid pace, this blog will allow us to share relevant information, news and announcements with our customers and partners. We welcome your feedback and comments and look forward to being part of a productive dialog about the issues facing our industry.

No Comments