Identity and Access IDGo Secure Email (ISE) for Android Didier Bonnet April 2015.
-
Upload
reynold-chandler -
Category
Documents
-
view
219 -
download
0
Transcript of Identity and Access IDGo Secure Email (ISE) for Android Didier Bonnet April 2015.
![Page 1: Identity and Access IDGo Secure Email (ISE) for Android Didier Bonnet April 2015.](https://reader036.fdocuments.in/reader036/viewer/2022081513/56649d305503460f94a08009/html5/thumbnails/1.jpg)
Identity and Access
IDGo Secure Email (ISE) for Android
Didier BonnetApril 2015
![Page 2: Identity and Access IDGo Secure Email (ISE) for Android Didier Bonnet April 2015.](https://reader036.fdocuments.in/reader036/viewer/2022081513/56649d305503460f94a08009/html5/thumbnails/2.jpg)
Emails are a Priority for Enterprises
2
Forrester, December 2011
Mobile Enterprise, December 2014
![Page 3: Identity and Access IDGo Secure Email (ISE) for Android Didier Bonnet April 2015.](https://reader036.fdocuments.in/reader036/viewer/2022081513/56649d305503460f94a08009/html5/thumbnails/3.jpg)
Main Requirements Addressed
3
![Page 4: Identity and Access IDGo Secure Email (ISE) for Android Didier Bonnet April 2015.](https://reader036.fdocuments.in/reader036/viewer/2022081513/56649d305503460f94a08009/html5/thumbnails/4.jpg)
Mobile OS Market Share Evolution in Q3 2014
4
![Page 5: Identity and Access IDGo Secure Email (ISE) for Android Didier Bonnet April 2015.](https://reader036.fdocuments.in/reader036/viewer/2022081513/56649d305503460f94a08009/html5/thumbnails/5.jpg)
Adoption of the OS by the Enterprises
Footer, 20xx-xx-xx5
Mobile Enterprise, December 2014
![Page 6: Identity and Access IDGo Secure Email (ISE) for Android Didier Bonnet April 2015.](https://reader036.fdocuments.in/reader036/viewer/2022081513/56649d305503460f94a08009/html5/thumbnails/6.jpg)
6
Secure Elements Now and Future
MicroSD
UICC TEE
eSE
Badge via contact reader
As of today: 10 Million Gemalto smartcard active
users20 Million 3rd party smartcard active users
Next 2 years:Prototypes in progress
Badge via NFC
Semi-detached
credentials
Semi-detached
credentials
Embedded credentialsEmbedded credentials
Smart card on a stick
Badge via Bluetooth reader
Detached credentialsDetached
credentials
In 2 - 5 years:Next generation of handsets BYOD/ mobile desktop will increase needs for Secure Elements
Secure Element adoption over the time
![Page 7: Identity and Access IDGo Secure Email (ISE) for Android Didier Bonnet April 2015.](https://reader036.fdocuments.in/reader036/viewer/2022081513/56649d305503460f94a08009/html5/thumbnails/7.jpg)
IDGo 800 Middleware and SDK
7
NFC driver NFC driver USB OTG (*) driver
USB OTG (*) driver
PKI Crypto Layer API PKI Crypto Layer API
Test toolsTest tools
OTP APIOTP API
33rdrd party client applications party client applications33rdrd party client applications party client applicationsM
iddl
ewar
e
SD
K
IDPrime Secure Elements
TEE (*)
PC-SC like APIPC-SC like API
(*) OTG: On-The-Go = USB Master TEE: Trusted Execution Environment
BlueTooth driver
BlueTooth driver
Other Secure Elements
Other Secure Elements
Other APIsOther APIs
![Page 8: Identity and Access IDGo Secure Email (ISE) for Android Didier Bonnet April 2015.](https://reader036.fdocuments.in/reader036/viewer/2022081513/56649d305503460f94a08009/html5/thumbnails/8.jpg)
Supported Readers and Tokens on Android
8
USB On-The-Go port (= USB Master )
orBlueTooth
USB Female – Micro USB adaptor or cable
BHXT and Feitian readers
USB tokens & IDBridge K3000
PC-Link readers
Micro USB cable
![Page 9: Identity and Access IDGo Secure Email (ISE) for Android Didier Bonnet April 2015.](https://reader036.fdocuments.in/reader036/viewer/2022081513/56649d305503460f94a08009/html5/thumbnails/9.jpg)
IDGo Secure Email
Native Email applications:Native Email clients are not designed with security in mind:
Emails and attached documents are in clear text
Encrypted or signed emails cannot be read User credentials can be easily discovered
IDGo Secure Email features: Encryption of emails and User credentials Digital signature Strong authentication of the user
12
![Page 10: Identity and Access IDGo Secure Email (ISE) for Android Didier Bonnet April 2015.](https://reader036.fdocuments.in/reader036/viewer/2022081513/56649d305503460f94a08009/html5/thumbnails/10.jpg)
Value Proposition
For enterprises and governments who want to secure their emails, IDGo Secure Email is a state-of-the-art application for Android that signs, encrypts and decrypts the professional emails based on Extended ActiveSync (EAS) and S/MIME protocols. Thanks to the IDGo 800 middleware, it addresses all the Gemalto hardware Secure Elements and benefits from their unequaled security level.
1010
For BYOD environments, IDGo Secure Email also manages the private emails following the standard public POP3, SMTP and IMAP4 protocols.
![Page 11: Identity and Access IDGo Secure Email (ISE) for Android Didier Bonnet April 2015.](https://reader036.fdocuments.in/reader036/viewer/2022081513/56649d305503460f94a08009/html5/thumbnails/11.jpg)
ISE Security Features
S/MIME email signature and encryption
Encryption algorithms: 3DES, AES256, RSA
Signature algorithms: MD5, SHA1, SHA256, SHA512, RSA
11 11
Gemalto middleware and Secure ElementsIDGo 800 for Android and associated readers: USB, NFC, BLE, µSDIDPrime MD, .NET and PIV PKI applets
SSL / TLS communication with the server
![Page 12: Identity and Access IDGo Secure Email (ISE) for Android Didier Bonnet April 2015.](https://reader036.fdocuments.in/reader036/viewer/2022081513/56649d305503460f94a08009/html5/thumbnails/12.jpg)
More Features and Benefits
Microsoft Exchange ActiveSync (EAS) protocol
Synchronization of Contacts and Calendar
Push or periodical email synchronization, SSL / TLS communication
Compliant with Outlook, Thunderbird and other standard email apps
S/MIME email signature and encryption
Crypto algorithms: 3DES, AES256, RSA, MD5, SHA1, SHA256, SHA512
PKI certificates managementLocal validation with the CA, revocation by CRL
Certificates retrieved from validated emails, (multi) LDAP and EAS server
POP3, IMAP4 and SMTP email protocols for BYOD usage
Multi accounts, mailboxes and folders, combined mailbox
HTML or plain text email format, Group and Search emails, Remote Wipe, Root detection
12 12
![Page 13: Identity and Access IDGo Secure Email (ISE) for Android Didier Bonnet April 2015.](https://reader036.fdocuments.in/reader036/viewer/2022081513/56649d305503460f94a08009/html5/thumbnails/13.jpg)
What is Exchange ActiveSync?
EAS is a communication protocol that synchronizes emails, calendars, contacts and tasks between email servers and mobile client applications
It also provides some Mobile Device Management (MDM) features and security policy controls
It is based on XML and HTTP(S) protocols
More details…
EAS is licensed by
Microsoft is the main provider of EAS compliant email servers
EAS is supported by Windows Phone, Android, iOS, BB, Gmail, Google Apps, Office 365, Lotus Notes
13
![Page 14: Identity and Access IDGo Secure Email (ISE) for Android Didier Bonnet April 2015.](https://reader036.fdocuments.in/reader036/viewer/2022081513/56649d305503460f94a08009/html5/thumbnails/14.jpg)
What is S/MIME?
Secure / Multipurpose Internet Mail Extensions Standard protocol based on X509 PKI certificatesDescribed by several specifications: RFC 3851, 5751, 5652Present version is S/MIME v3.2
Insures compatibility between the various email applications and servers
Main applications Outlook, Mozilla Thunderbird, MacOS Mail, Gmail, OWA
Main email server: Microsoft Exchange Active Sync (EAS)
14
S/MIME specifies the email Digital Signature and encryption / decryption
![Page 15: Identity and Access IDGo Secure Email (ISE) for Android Didier Bonnet April 2015.](https://reader036.fdocuments.in/reader036/viewer/2022081513/56649d305503460f94a08009/html5/thumbnails/15.jpg)
S/MIME Signature more details
15
Note: The signed emails can be sent in clear or opaque (base64 encoded) format. Opaque format prevents the risk of wrong signature verification due to some automatic conversion of the text, but requires a S/MIME compliant email app.
![Page 16: Identity and Access IDGo Secure Email (ISE) for Android Didier Bonnet April 2015.](https://reader036.fdocuments.in/reader036/viewer/2022081513/56649d305503460f94a08009/html5/thumbnails/16.jpg)
S/MIME Encryption and Decryption more details
16
![Page 17: Identity and Access IDGo Secure Email (ISE) for Android Didier Bonnet April 2015.](https://reader036.fdocuments.in/reader036/viewer/2022081513/56649d305503460f94a08009/html5/thumbnails/17.jpg)
Basic Operations
17
Email edition
Input mailbox
![Page 18: Identity and Access IDGo Secure Email (ISE) for Android Didier Bonnet April 2015.](https://reader036.fdocuments.in/reader036/viewer/2022081513/56649d305503460f94a08009/html5/thumbnails/18.jpg)
Wide Settings Capabilities
18
![Page 19: Identity and Access IDGo Secure Email (ISE) for Android Didier Bonnet April 2015.](https://reader036.fdocuments.in/reader036/viewer/2022081513/56649d305503460f94a08009/html5/thumbnails/19.jpg)
More details on our webpage
19
![Page 20: Identity and Access IDGo Secure Email (ISE) for Android Didier Bonnet April 2015.](https://reader036.fdocuments.in/reader036/viewer/2022081513/56649d305503460f94a08009/html5/thumbnails/20.jpg)
Thank you!