SlideShare a Scribd company logo

Debashis banerjee mobile_webappintrosecurity

D
debashisb

This document discusses mobile web and apps, their ecosystem, and security considerations. It begins by defining mobile web and apps, including different mobile platforms. It then outlines the ecosystem involving app stores, developers, networks and users. The document details security aspects of mobile web, such as encryption, authentication and threats. It also covers security of mobile apps regarding app platform guidelines, reviews, permissions and sandboxes. Finally, it presents a "pyramid of safety" involving different levels of security from safe usage to physical security. The overall message is that mobile web and apps will significantly impact experiences and understanding their security is important.

TechnologyBusiness
1 of 13
Download to read offline
1
2
3
4
5
6
7
8
9
10
11
12
13
Debashis Banerjee (deba_ban@rediffmail.com)
Who are they and how are they changing our world? Pic: Free Lib: http://office.microsoft.com/en-us/images
Today’s Agenda  What is Mobile Web  What is Mobile App  Mobile Web and App Ecosystem  Inside the Mobile  Security in Mobile Web  Security in Mobile App  The Pyramid of Safety
What is Mobile Web and Apps  Mobile Web  Mobile Apps  Android  iOS  Windows Mobile
On Premise or Off Premise Physical Access (internal/third party) Enterprise Security Software Web Developers Web Servers App Stores The Network App Developers On Premise or Off Premise Enterprise Security Software Mobile Web And Mobile On device App Ecosystem – The phone Security Perspective Security Software Phone User
Inside the Mobile 6 Wireless RF Microphone (e.g. GSM,CDMA) SIM Cards RAM Browser or ROM OS Native Apps Calender Pictures Phone Book Or Mail, SMS Videos Keyboard Speaker Access Battery Power Supply
Security in Mobile web  Decide on Device Class  What is stored where? – cookies, passwords?  Encryption – Off and on wire, Data & meta data  Multi Factor Auth  Anti Virus  Intrusion Detection /Prevention  Web Threats …SQL Injection, Cross Site Forgery
Security in Mobile web - Continued  PCI DSS  Identity , Previlidge and Access  Sign in vs Sign off  Logical and Physical Security  Trusted/Untrusted Access/URLs  Impact of Non Standard OSs
Security in Mobile app  Security and Hosting Guidelines per app platform  Signed Apps  Marketplace security  App to desktop sync risks  Who reviewed the app?  Security Ratings  Install and Run previlidges of apps
Security in Mobile app - continued  Remote Clean  Access to areas of the phone  Second Factor Auth  Sandboxes  Physical Security  Security as a Service
The Pyramid of Safety 11 Safe Internet /App usage practices Web Site Security/App Security Browser Security/Web App Store Security Network and on device Security (anti virus /Identity/Access/Privilege Management) Physical Security – device and server
In Summary  Mobile Web and Apps are going to significantly impact our browsing experiences  Know the ecosystem they work in  Security aspects  The pyramid of Safety
The changed world is here !!!!! Pic: Free Lib: http://office.microsoft.com/en-us/images

More Related Content

PPTX
Mobile security
dilipdubey5
 
PPT
ttv_1215410348
toptiervcs
 
PPT
Srand005 message protection
Androidproject
 
PPT
Hacking JME platform by example / 0wned by MoMo
Sven Kirsimäe
 
PPT
Sven Kirsimäe: "Hacking JME platform by example: 0wned by MoMo"
MobileMonday Estonia
 
PPTX
5 Key Ways to Incorporate Security Protection into your Organization’s Mobile...
IBM Security
 
PPTX
NGSoft General Overview
Michael Starr
 
PDF
New trends in Payments Security: NFC & Mobile
SISA Information Security Pvt.Ltd
 
Mobile security
dilipdubey5
 
ttv_1215410348
toptiervcs
 
Srand005 message protection
Androidproject
 
Hacking JME platform by example / 0wned by MoMo
Sven Kirsimäe
 
Sven Kirsimäe: "Hacking JME platform by example: 0wned by MoMo"
MobileMonday Estonia
 
5 Key Ways to Incorporate Security Protection into your Organization’s Mobile...
IBM Security
 
NGSoft General Overview
Michael Starr
 
New trends in Payments Security: NFC & Mobile
SISA Information Security Pvt.Ltd
 

What's hot (20)

PDF
SecuSUITE for Enterprise Brochure
BlackBerry
 
PDF
Ambient Intelligence - Parham Beheshti
WithTheBest
 
PDF
Tips and Tricks for Building Secure Mobile Apps
TechWell
 
PDF
Challenges in Testing Mobile App Security
Cygnet Infotech
 
PPT
How BYOD Will Shape Wireless Network Security in 2012
hemantchaskar
 
PPTX
Mobilination Ntymoshyk Personal Mobile Security Final Public
Tjylen Veselyj
 
PDF
Motorola Cell Phone Accessories
ESource Parts
 
PDF
Biometric Technology
Tony Chew
 
PPTX
Mobile security
priyanka pandey
 
PDF
SYPHERSAFE
Mustafa Kuğu
 
PDF
CTO Cybersecurity Forum 2013 David Turahi
Commonwealth Telecommunications Organisation
 
PDF
Ca partner day - cloud e mobile security - milano
CA Technologies Italia
 
PPTX
Chapter 4
NorazlinaAbdullah4
 
PPTX
Cyber security
SanthoshKumar2614
 
PPTX
ANDROID SECURITY
yogeshraut090
 
PDF
Eventure mobile app
Roel Frissen, Parthen
 
PDF
Cloud based Anti-Theft Application for Android Devices: A Literature Review
IJSRD
 
ODP
Mobile Apps Security Testing -1
Krisshhna Daasaarii
 
PDF
Viruses on mobile platforms why we don't/don't we have viruses on android_
Jimmy Shah
 
PDF
Biometrics - The Future of Authentication in the Banking Industry
Tony Chew
 
SecuSUITE for Enterprise Brochure
BlackBerry
 
Ambient Intelligence - Parham Beheshti
WithTheBest
 
Tips and Tricks for Building Secure Mobile Apps
TechWell
 
Challenges in Testing Mobile App Security
Cygnet Infotech
 
How BYOD Will Shape Wireless Network Security in 2012
hemantchaskar
 
Mobilination Ntymoshyk Personal Mobile Security Final Public
Tjylen Veselyj
 
Motorola Cell Phone Accessories
ESource Parts
 
Biometric Technology
Tony Chew
 
Mobile security
priyanka pandey
 
SYPHERSAFE
Mustafa Kuğu
 
CTO Cybersecurity Forum 2013 David Turahi
Commonwealth Telecommunications Organisation
 
Ca partner day - cloud e mobile security - milano
CA Technologies Italia
 
Chapter 4
NorazlinaAbdullah4
 
Cyber security
SanthoshKumar2614
 
ANDROID SECURITY
yogeshraut090
 
Eventure mobile app
Roel Frissen, Parthen
 
Cloud based Anti-Theft Application for Android Devices: A Literature Review
IJSRD
 
Mobile Apps Security Testing -1
Krisshhna Daasaarii
 
Viruses on mobile platforms why we don't/don't we have viruses on android_
Jimmy Shah
 
Biometrics - The Future of Authentication in the Banking Industry
Tony Chew
 
Ad

Viewers also liked (13)

PPT
Changing trends in sw development
avniS
 
DOC
1102700 laporan jobsheet 1 - vegi laten haju embulni sanyus
Vegi Laten
 
DOC
atul_resume
atulweb
 
PPT
Transaction unit1 topic 2
avniS
 
PDF
Debashis banerjee cloud_is_as_secure
debashisb
 
PPTX
Is there a Golden Ratio? Test Specialist to Developer in an Agile team
debashisb
 
PPT
Section 3 resistive circuit analysis ii
midgettossing
 
PPT
Locks with updt nowait
avniS
 
PPT
Normalization
avniS
 
PPT
Overview of query evaluation
avniS
 
PPT
Multivalued dependency
avniS
 
PPT
Sequences
avniS
 
PPT
Locking unit 1 topic 3
avniS
 
Changing trends in sw development
avniS
 
1102700 laporan jobsheet 1 - vegi laten haju embulni sanyus
Vegi Laten
 
atul_resume
atulweb
 
Transaction unit1 topic 2
avniS
 
Debashis banerjee cloud_is_as_secure
debashisb
 
Is there a Golden Ratio? Test Specialist to Developer in an Agile team
debashisb
 
Section 3 resistive circuit analysis ii
midgettossing
 
Locks with updt nowait
avniS
 
Normalization
avniS
 
Overview of query evaluation
avniS
 
Multivalued dependency
avniS
 
Sequences
avniS
 
Locking unit 1 topic 3
avniS
 
Ad

Similar to Debashis banerjee mobile_webappintrosecurity (20)

PPTX
Securing mobile population for White Hats
Vladimir Jirasek
 
PPTX
Enterprise Mobile Security
HP Enterprise Security
 
PDF
Be A Mobile Design Hero: Transform Your Web Design Knowledge Into Mobile Desi...
Vinny Wu
 
PPT
Udløs potentialet i Enterprise Mobility, Vijay Dheap, IBM US
IBM Danmark
 
PDF
Securing Mobile Apps: New Approaches for the BYOD World
Apperian
 
PDF
Mobile Application Security
Dirk Nicol
 
PPTX
SMART PHONE
kaushalDesai22
 
PDF
Pharma times mobile[2]
Doctors.net.uk
 
PDF
C0c0n 2011 mobile security presentation v1.2
Santosh Satam
 
PDF
35602787 mobile-application-testing
praveen kumar yechuri
 
PDF
การสร้างเกราะป้องกันภัยคุกคาม ต่อข้อมูลความเป็นส่วนบุคคลในองค์กร
Software Park Thailand
 
PDF
Lotusphere 2012 - Harnessing the Power of Enterprise Mobility
Robert Sutor
 
PDF
All about apps
getsocialize
 
PDF
Online information conference 2011
Paul Golding
 
PPT
Mobile Apps Security
Xavier Mertens
 
PDF
The Enterprise Goes Mobile
Connected-Blog
 
PPTX
Mobile – Adoption and Adaption in 2012
Global Business Events - the Heart of your Network.
 
PDF
Palm Pre User Guide
Content Rules, Inc.
 
PDF
Mobile Apps for Business Productivity The Circuit
The Circuit
 
PDF
How to scale enterprise mobility and improve roi
Apperian
 
Securing mobile population for White Hats
Vladimir Jirasek
 
Enterprise Mobile Security
HP Enterprise Security
 
Be A Mobile Design Hero: Transform Your Web Design Knowledge Into Mobile Desi...
Vinny Wu
 
Udløs potentialet i Enterprise Mobility, Vijay Dheap, IBM US
IBM Danmark
 
Securing Mobile Apps: New Approaches for the BYOD World
Apperian
 
Mobile Application Security
Dirk Nicol
 
SMART PHONE
kaushalDesai22
 
Pharma times mobile[2]
Doctors.net.uk
 
C0c0n 2011 mobile security presentation v1.2
Santosh Satam
 
35602787 mobile-application-testing
praveen kumar yechuri
 
การสร้างเกราะป้องกันภัยคุกคาม ต่อข้อมูลความเป็นส่วนบุคคลในองค์กร
Software Park Thailand
 
Lotusphere 2012 - Harnessing the Power of Enterprise Mobility
Robert Sutor
 
All about apps
getsocialize
 
Online information conference 2011
Paul Golding
 
Mobile Apps Security
Xavier Mertens
 
The Enterprise Goes Mobile
Connected-Blog
 
Mobile – Adoption and Adaption in 2012
Global Business Events - the Heart of your Network.
 
Palm Pre User Guide
Content Rules, Inc.
 
Mobile Apps for Business Productivity The Circuit
The Circuit
 
How to scale enterprise mobility and improve roi
Apperian
 

Recently uploaded (20)

PDF
Spectral efficient network and resource selection model in 5G networks
IAESIJAI
 
PDF
Dropbox Q2 2025 Financial Results & Investor Presentation
Dropbox
 
PDF
Electronic commerce courselecture one. Pdf
OmerMohamed64
 
PDF
Empathic Computing: Creating Shared Understanding
Mark Billinghurst
 
PDF
Review of recent advances in non-invasive hemoglobin estimation
IAESIJAI
 
PDF
Architecting across the Boundaries of two Complex Domains - Healthcare & Tech...
Peter Tan
 
PPTX
KOM of Painting work and Equipment Insulation REV00 update 25-dec.pptx
muhammadmuneebnaeem7
 
PDF
Unlocking AI with Model Context Protocol (MCP)
Brian McKeiver
 
DOCX
The AUB Centre for AI in Media Proposal.docx
GAONE9
 
PPTX
Cloud computing and distributed systems.
kkkkkhan
 
PDF
Approach and Philosophy of On baking technology
30anthuong17
 
PPTX
VMware vSphere Foundation How to Sell Presentation-Ver1.4-2-14-2024.pptx
blackmambaettijean
 
PDF
Encapsulation_ Review paper, used for researhc scholars
gurumoop
 
PDF
Mobile App Security Testing_ A Comprehensive Guide.pdf
flufftailshop
 
PDF
Agricultural_Statistics_at_a_Glance_2022_0.pdf
SandeepSingh286037
 
PDF
Diabetes mellitus diagnosis method based random forest with bat algorithm
IAESIJAI
 
PPTX
Big Data Technologies - Introduction.pptx
kuthubussaman1
 
PPTX
20250228 LYD VKU AI Blended-Learning.pptx
DatVoNgoc
 
PDF
Per capita expenditure prediction using model stacking based on satellite ima...
IAESIJAI
 
PDF
Network Security Unit 5.pdf for BCA BBA.
Serpent6
 
Spectral efficient network and resource selection model in 5G networks
IAESIJAI
 
Dropbox Q2 2025 Financial Results & Investor Presentation
Dropbox
 
Electronic commerce courselecture one. Pdf
OmerMohamed64
 
Empathic Computing: Creating Shared Understanding
Mark Billinghurst
 
Review of recent advances in non-invasive hemoglobin estimation
IAESIJAI
 
Architecting across the Boundaries of two Complex Domains - Healthcare & Tech...
Peter Tan
 
KOM of Painting work and Equipment Insulation REV00 update 25-dec.pptx
muhammadmuneebnaeem7
 
Unlocking AI with Model Context Protocol (MCP)
Brian McKeiver
 
The AUB Centre for AI in Media Proposal.docx
GAONE9
 
Cloud computing and distributed systems.
kkkkkhan
 
Approach and Philosophy of On baking technology
30anthuong17
 
VMware vSphere Foundation How to Sell Presentation-Ver1.4-2-14-2024.pptx
blackmambaettijean
 
Encapsulation_ Review paper, used for researhc scholars
gurumoop
 
Mobile App Security Testing_ A Comprehensive Guide.pdf
flufftailshop
 
Agricultural_Statistics_at_a_Glance_2022_0.pdf
SandeepSingh286037
 
Diabetes mellitus diagnosis method based random forest with bat algorithm
IAESIJAI
 
Big Data Technologies - Introduction.pptx
kuthubussaman1
 
20250228 LYD VKU AI Blended-Learning.pptx
DatVoNgoc
 
Per capita expenditure prediction using model stacking based on satellite ima...
IAESIJAI
 
Network Security Unit 5.pdf for BCA BBA.
Serpent6
 

Debashis banerjee mobile_webappintrosecurity

  • 2. Who are they and how are they changing our world? Pic: Free Lib: http://office.microsoft.com/en-us/images
  • 3. Today’s Agenda  What is Mobile Web  What is Mobile App  Mobile Web and App Ecosystem  Inside the Mobile  Security in Mobile Web  Security in Mobile App  The Pyramid of Safety
  • 4. What is Mobile Web and Apps  Mobile Web  Mobile Apps  Android  iOS  Windows Mobile
  • 5. On Premise or Off Premise Physical Access (internal/third party) Enterprise Security Software Web Developers Web Servers App Stores The Network App Developers On Premise or Off Premise Enterprise Security Software Mobile Web And Mobile On device App Ecosystem – The phone Security Perspective Security Software Phone User
  • 6. Inside the Mobile 6 Wireless RF Microphone (e.g. GSM,CDMA) SIM Cards RAM Browser or ROM OS Native Apps Calender Pictures Phone Book Or Mail, SMS Videos Keyboard Speaker Access Battery Power Supply
  • 7. Security in Mobile web  Decide on Device Class  What is stored where? – cookies, passwords?  Encryption – Off and on wire, Data & meta data  Multi Factor Auth  Anti Virus  Intrusion Detection /Prevention  Web Threats …SQL Injection, Cross Site Forgery
  • 8. Security in Mobile web - Continued  PCI DSS  Identity , Previlidge and Access  Sign in vs Sign off  Logical and Physical Security  Trusted/Untrusted Access/URLs  Impact of Non Standard OSs
  • 9. Security in Mobile app  Security and Hosting Guidelines per app platform  Signed Apps  Marketplace security  App to desktop sync risks  Who reviewed the app?  Security Ratings  Install and Run previlidges of apps
  • 10. Security in Mobile app - continued  Remote Clean  Access to areas of the phone  Second Factor Auth  Sandboxes  Physical Security  Security as a Service
  • 11. The Pyramid of Safety 11 Safe Internet /App usage practices Web Site Security/App Security Browser Security/Web App Store Security Network and on device Security (anti virus /Identity/Access/Privilege Management) Physical Security – device and server
  • 12. In Summary  Mobile Web and Apps are going to significantly impact our browsing experiences  Know the ecosystem they work in  Security aspects  The pyramid of Safety
  • 13. The changed world is here !!!!! Pic: Free Lib: http://office.microsoft.com/en-us/images