wso2con eu 2016: advance information access control system for mobile devices based on wso2...
TRANSCRIPT
AdvanceInforma.onAccessControlSystemforMobileDevicesBasedonaWSO2ArchitectureFidelPaniagua&JavierRuizResearchAssistants
Content
• Businessproblem• Solu.onArchitecture• Decisioncriteria• Implementa.onperformance• Deploymentinfo• Demo
BusinessProblem(I)
• Userssharecorporatedevicesatthesame.me• Bringyourowndevice• Cloudstorage• Keyscompromiseinuserdevices• Disgruntledemployees
Dataleakinforma?on
Currentsolu.onsonlycovers:• Userprofiles• Systemcipher• Containercipher• Mul.pleauthen.ca.onfactors• Informa.onRightsManagement
Ø MicrosoGIRMØ AdobeDRM
BusinessProblem(andII)
Solu?onarchitecture(I)
MobileDevice
Iden.tyServerServiceProvider
JavaCard
• AAA• Securekeymanagement
• Oursystemprovidesthefollowingsecuritymechanisms:– Downloadanddisplayinforma.onaccesscontrol– Cypherprotec.on– KeysarestoragewithintheJC– Mul.factorauthen.ca.on– Informa.onisdecipheredwithintheJC– Mul.lateralandmul.levelsecurity
Solu?onarchitecture(andII)
Decisioncriteria
• Opensourcealterna.ve• WSO2offersfullsuiteofproducts• Iden.tyServerisfullintegratedwithXACMLandSAML• Applica.on Server allows easily to deploy SSO and
XACMLinWebApplica.ons• Applica.on Server supports mul.ple web applica.on
formats• Publicmailinglists• WSO2offersalotofdocumenta.onandexamples
Implementa?onperformance
Advantages• XACMLevalua.oninashort.me• Hardwarecryptographicopera.ons
Drawbacks• PolicyAdministra.on• LowperformancewithJavaCard+NFCconnec.on
Futureop.miza.ons:SecureSD
Deploymentinfo(I)
MobileDevice
WebApplica.on Iden.tyserver
Virtualiza.on
Debian Debian
VMwareESXi
XperiaZ2Tablet
NFCUserJavaCard
Wi-Fi
ServiceProvider– WSO2Applica.onServer5.3.0
• SSOwithSAML2.0• HTTPS• En.tlementFilter
Iden.tyProvider– WSO2Iden.tyServer5.1.0
• SSOwithSAML2.0• XACML3.0• SupportforMicrosoGAc.veDirectory• PIPCustomiza.on
Deploymentinfo(andII)
Demo
• Video
UserProfiles
• Fidel– SecurityClearance:Confiden.al– Country:Spain– Ins.tu.on:Army– Mission:Alpha
• Javier– SecurityClearance:TopSecret– Country:Spain– Ins.tu.on:Navy– Mission:Beta
Documents
• UCAV_2_2_6– Classifica.onLevel:Confiden.al– Country:Spain– Ins.tu.on:Army– Mission:Alpha
• UCAV_2_3_2– Classifica.onLevel:Secret– Country:Spain
Demo
ThankYou!
#WSO2ConEU
Shareyourfeedbackforthissessionwso2con.com/app