Securing the Dissemination of Emergency Response Data with an Integrated Hardware-Software Architecture

During many crises, access to sensitive emergency-support information is required to save lives and property. For example, for effective evacuations first responders need the names and addresses of non-ambulatory residents. Yet, currently, access to such information may not be possible because government policy makers and third-party data providers lack confidence that today�s IT systems will protect their data. Our approach to the management of emergency information provides first responders with temporary, transient access to sensitive information, and ensures that the information is revoked after the emergency. The following contributions are presented: a systematic analysis of the basic forms of trusted communication supported by the architecture; a comprehensive method for secure, distributed emergency state management; a method to allow a user space application to securely display data; a multifaceted system analysis of the confinement of emergency information and the secure and complete revocation of access to that information at the closure of an emergency.Approved for public release; distribution is unlimited

iPhone forensics methodology and tools

iPhone mobile devices are rapidly overtaking the new generation of mobile phones market, especially among the young generation. It is also gaining a lot of popularity among security specialists and fancy gadgets for collectors. The device is considered as a “special” mobile phone due to its ability to perform multi-operations if not multitasking. It can therefore be used as a entertainment media device, a camera, a GPS, Internet surfing via Wi-Fi technology, Internet Mobile Edge Services, personal organizer, and finally performing as a cell phone with all the usual services including sms, and so forth. However, the difference between the iPhone and the other conventional phones vendors is its ability to store and process huge volume of data which is supported by decent computing capabilities of the iPhone processor. As part of every technology, such a device can be used for legal and illegal activities. Therefore the potential risks from such “special” technology are not limited to the possibility of containing illegal materials, such as audios and visuals, including explicit materials, images, documents and the possibility of propagating malicious activities rapidly. Such modification can breach or tamper with the telecommunications network authorities and regulations. The goal of this paper is to focus on both the logical and the physical extraction of the iPhone generation one through the extraction of the iPhone flash drive NAND memory chip and also the logical extraction of data onto the second generation of iPhone using various techniques and methods at our disposal

Can SDV technology be uUtilised in a smartphone to prevent forensic analysis?

Eliminating the opportunities to successfully acquire data from mobile devices is a critical security objective for certain organisations. In particular, Government agencies require assurance that classified data is secured against hostile forensic analysis. The Secure Systems Silicon Data Vault (SDV) is a hardware based data encryption and access control device that has been accredited by the Australian Government to secure classified information held on laptops and portable hard disk drives; hardware is recognised as a superior trusted platform to implement security mechanisms. The SDV’s 128bit Advanced Encryption Standard (AES) cryptography, sophisticated key management & access controls and total disk encryption makes the SDV an extremely difficult device from which to acquire data and perform forensic analysis. With the increasing functionality and storage capabilities of Smartphones strong security mechanisms are required by organisations that may hold sensitive data on these devices. Software based security applications exist for Smartphones that provide good security and severely impact the acquisition of data suitable for forensic analysis. If strong hardware based security can be integrated into a Smartphone, forensic analysis could be further constrained. This paper considers the feasibility of implementing the SDV technology into a Palm Treo. An overview of the SDV is given and six security design principles are enumerated. Implementation of the six design principles ensure the SDV provides strong security. The Treo architecture is reviewed and the concept of operation enumerated. The challenges with respect to implementing a Smartphone SDV that is conformant with the security design principles are discussed. Possible Smartphone SDV conceptual designs are presented. The concept of operation, implementation issues and conformance of each conceptual design to the SDV security design principles are discussed

Microcomputer security

https://egrove.olemiss.edu/aicpa_guides/1484/thumbnail.jp

Secure portable execution and storage environments: A capability to improve security for remote working

Remote working is a practice that provides economic benefits to both the employing organisation and the individual. However, evidence suggests that organisations implementing remote working have limited appreciation of the security risks, particularly those impacting upon the confidentiality and integrity of information and also on the integrity and availability of the remote worker’s computing environment. Other research suggests that an organisation that does appreciate these risks may veto remote working, resulting in a loss of economic benefits. With the implementation of high speed broadband, remote working is forecast to grow and therefore it is appropriate that improved approaches to managing security risks are researched. This research explores the use of secure portable execution and storage environments (secure PESEs) to improve information security for the remote work categories of telework, and mobile and deployed working. This thesis with publication makes an original contribution to improving remote work information security through the development of a body of knowledge (consisting of design models and design instantiations) and the assertion of a nascent design theory. The research was conducted using design science research (DSR), a paradigm where the research philosophies are grounded in design and construction. Following an assessment of both the remote work information security issues and threats, and preparation of a set of functional requirements, a secure PESE concept was defined. The concept is represented by a set of attributes that encompass the security properties of preserving the confidentiality, integrity and availability of the computing environment and data. A computing environment that conforms to the concept is considered to be a secure PESE, the implementation of which consists of a highly portable device utilising secure storage and an up-loadable (on to a PC) secure execution environment. The secure storage and execution environment combine to address the information security risks in the remote work location. A research gap was identified as no existing ‘secure PESE like’ device fully conformed to the concept, enabling a research problem and objectives to be defined. Novel secure storage and execution environments were developed and used to construct a secure PESE suitable for commercial remote work and a high assurance secure PESE suitable for security critical remote work. The commercial secure PESE was trialled with an existing telework team looking to improve security and the high assurance secure PESE was trialled within an organisation that had previously vetoed remote working due to the sensitivity of the data it processed. An evaluation of the research findings found that the objectives had been satisfied. Using DSR evaluation frameworks it was determined that the body of knowledge had improved an area of study with sufficient evidence generated to assert a nascent design theory for secure PESEs. The thesis highlights the limitations of the research while opportunities for future work are also identified. This thesis presents ten published papers coupled with additional doctoral research (that was not published) which postulates the research argument that ‘secure PESEs can be used to manage information security risks within the remote work environment’

Android Memory Capture and Applications for Security and Privacy

The Android operating system is quickly becoming the most popular platform for mobiledevices. As Android’s use increases, so does the need for both forensic and privacy toolsdesigned for the platform. This thesis presents the first methodology and toolset for acquiringfull physical memory images from Android devices, a proposed methodology for forensicallysecuring both volatile and non-volatile storage, and details of a vulnerability discovered by theauthor that allows the bypass of the Android security model and enables applications to acquirearbitrary permissions

A Taxonomy of Virtualization Security Issues in Cloud Computing Environments

Objectives: To identify the main challenges and security issues of virtualization in cloud computing environments. It reviews the alleviation techniques for improving the security of cloud virtualization systems. Methods/ Statistical Analysis: Virtualization is a fundamental technology for cloud computing, and for this reason, any cloud vulnerabilities and threats affect virtualization. In this study, the systematic literature review is performed to find out the vulnerabilities and risks of virtualization in cloud computing and to identify threats, and attacks result from those vulnerabilities. Furthermore, we discover and analyze the effective mitigation techniques that are used to protect, secure, and manage virtualization environments. Findings: Thirty vulnerabilities are identified, explained, and classified into six proposed classes. Furthermore, fifteen main virtualization threats and attacks ar defined according to exploited vulnerabilities in a cloud environment. Application/Improvements: A set of common mitigation solutions are recognized and discovered to alleviate the virtualization security risks. These reviewed techniques are analyzed and evaluated according to five specified security criteria