The demand for mobile devices requires that government agencies and defense organizations find a way to incorporate smartphones and tablets safely. User preferences aside, the growing demand for mobile workers, as well as evolving needs to share information between agencies makes the need for a means to secure these devices even more essential. Complicating the issue still more is the growing trend of BYOD, in which users expect to get access using their own devices. To facilitate these requirements, organizations must consider several key risk areas, including:
-
Usage – If a device is lost, how do organizations prohibit access by unauthorized users?
-
Data – If a device is lost or stolen, how to organizations protect sensitive data stored on the device?
-
Credentials – Like data, credentials are often stored on the mobile device. How do organizations ensure that these credentials cannot be used by others if the device falls out of the user’s hands?
-
Built-in vulnerabilities – Mobile platforms develop quickly and many operating systems are very complex, opening the door to attack proliferation. How do organizations enable users to take advantage of best-in-class technologies without also putting data and credentials at risk?
High Assurance Mobile Security with Ultimate Flexibility
The SafeNet uSmart Card 650 (uSC650) integrates the Smart Card 650 (SC650) and Trust Platform Module (TPM) functionality in a micro SD form factor targeted for mobile devices. The SC650, which is already approved to support data encryption to the highest U.S. Government assurance levels, offers strong two-factor authentication and proof-positive user identification in all Public Key Infrastructure (PKI) environments.
The uSC650 contains a custom ASIC developed by SafeNet and fabricated by an onshore trusted foundry. It provides an open standard cryptographic service Application Programmer Interface (API) to integrate with a wide array of standard applications, and provides a root of trust for mobile devices by providing an on-chip secure boot process that is compliant with the Trusted Computing Group’s (TCG) mobile trusted model.
Layered security approach
The SafeNet secure mobility framework was designed to provide certified device security for a wide array of mobile devices. The µSC650 serves as a hardware root of trust. The SafeNet middleware provides typical cryptographic service provider (CSP) functions, as well as support for SafeNet VPN services. Custom application integration is facilitated by the cryptographic API support for PKCS#11 and Java-based JCA. This approach allows a mobile application suite to be developed for unique customer requirements without having to go back through the certification process. The SafeNet Mobility Framework was designed to work with off-the-shelf mobile device managers and applications.