Samsung KNOX SDKs: More than Security! SDKs More Than... · • Minimize the device environment ......
Transcript of Samsung KNOX SDKs: More than Security! SDKs More Than... · • Minimize the device environment ......
![Page 1: Samsung KNOX SDKs: More than Security! SDKs More Than... · • Minimize the device environment ... • Ability to support Embedded Secure Elements, Micro SD cards, SIM cards, ...](https://reader033.fdocuments.in/reader033/viewer/2022051602/5aed0fde7f8b9a45568f1693/html5/thumbnails/1.jpg)
Copyright© 1995-2016 SAMSUNG. All rights reserved. Copyright© 1995-2016 SAMSUNG. All rights reserved.
Samsung KNOX SDKs:
More than Security!
Victor Okunev SEAP Developer Evangelist
Samsung Electronics
![Page 2: Samsung KNOX SDKs: More than Security! SDKs More Than... · • Minimize the device environment ... • Ability to support Embedded Secure Elements, Micro SD cards, SIM cards, ...](https://reader033.fdocuments.in/reader033/viewer/2022051602/5aed0fde7f8b9a45568f1693/html5/thumbnails/2.jpg)
Copyright© 1995-2016 SAMSUNG. All rights reserved. 2
Introduction
Hello! My name is Victor Okunev.
• Developer Evangelist • Vancouver Enterprise Lab
• Samsung Electronics Canada
• Email: [email protected]
![Page 3: Samsung KNOX SDKs: More than Security! SDKs More Than... · • Minimize the device environment ... • Ability to support Embedded Secure Elements, Micro SD cards, SIM cards, ...](https://reader033.fdocuments.in/reader033/viewer/2022051602/5aed0fde7f8b9a45568f1693/html5/thumbnails/3.jpg)
Copyright© 1995-2016 SAMSUNG. All rights reserved. 3
Agenda Webinar Duration: 1 hour
1. Presenter Introduction
2. Samsung KNOX Platform
3. KNOX Standard SDK • Key Features
4. KNOX ISV SDK • Key Features
5. Introduction to SEAP
![Page 4: Samsung KNOX SDKs: More than Security! SDKs More Than... · • Minimize the device environment ... • Ability to support Embedded Secure Elements, Micro SD cards, SIM cards, ...](https://reader033.fdocuments.in/reader033/viewer/2022051602/5aed0fde7f8b9a45568f1693/html5/thumbnails/4.jpg)
Copyright© 1995-2016 SAMSUNG. All rights reserved. 4
Mobile software requirements
Consumer vs Business
• Performance
• UX
• Security
• Scalability
• Generic platform
• all that… but
• Hardened Security
• Manageability
• Customization
• Best-suited platform
• No can do:
![Page 5: Samsung KNOX SDKs: More than Security! SDKs More Than... · • Minimize the device environment ... • Ability to support Embedded Secure Elements, Micro SD cards, SIM cards, ...](https://reader033.fdocuments.in/reader033/viewer/2022051602/5aed0fde7f8b9a45568f1693/html5/thumbnails/5.jpg)
Copyright© 1995-2016 SAMSUNG. All rights reserved. 5
Samsung KNOX Platform
Tamper-resistant HW/SW Security Stack
• Built into Samsung Galaxy devices • Hardware Root of Trust
• Boot-time system integrity
• OS-level data and app protection
• Run-time kernel integrity
• Integrity-based security services
• Secure application and data container
• Includes Samsung APIs • SDKs are provided free of charge
• In-code license activation required
![Page 6: Samsung KNOX SDKs: More than Security! SDKs More Than... · • Minimize the device environment ... • Ability to support Embedded Secure Elements, Micro SD cards, SIM cards, ...](https://reader033.fdocuments.in/reader033/viewer/2022051602/5aed0fde7f8b9a45568f1693/html5/thumbnails/6.jpg)
Copyright© 1995-2016 SAMSUNG. All rights reserved. 6
Samsung KNOX Security Certifications
https://www.samsungknox.com/en/security-certifications
CANADA
USA
UK
FRANCE
CHINA
AUSTRALIA
![Page 7: Samsung KNOX SDKs: More than Security! SDKs More Than... · • Minimize the device environment ... • Ability to support Embedded Secure Elements, Micro SD cards, SIM cards, ...](https://reader033.fdocuments.in/reader033/viewer/2022051602/5aed0fde7f8b9a45568f1693/html5/thumbnails/7.jpg)
Copyright© 1995-2016 SAMSUNG. All rights reserved. 7
Samsung KNOX SDKs
![Page 8: Samsung KNOX SDKs: More than Security! SDKs More Than... · • Minimize the device environment ... • Ability to support Embedded Secure Elements, Micro SD cards, SIM cards, ...](https://reader033.fdocuments.in/reader033/viewer/2022051602/5aed0fde7f8b9a45568f1693/html5/thumbnails/8.jpg)
Copyright© 1995-2016 SAMSUNG. All rights reserved. 8
KNOX Standard SDK
![Page 9: Samsung KNOX SDKs: More than Security! SDKs More Than... · • Minimize the device environment ... • Ability to support Embedded Secure Elements, Micro SD cards, SIM cards, ...](https://reader033.fdocuments.in/reader033/viewer/2022051602/5aed0fde7f8b9a45568f1693/html5/thumbnails/9.jpg)
Copyright© 1995-2016 SAMSUNG. All rights reserved. 9
Mobile Device Management 101
What is a device policy?
![Page 10: Samsung KNOX SDKs: More than Security! SDKs More Than... · • Minimize the device environment ... • Ability to support Embedded Secure Elements, Micro SD cards, SIM cards, ...](https://reader033.fdocuments.in/reader033/viewer/2022051602/5aed0fde7f8b9a45568f1693/html5/thumbnails/10.jpg)
Copyright© 1995-2016 SAMSUNG. All rights reserved. 10
Advanced MDM APIs for Android
KNOX Standard SDK
• Integrated with Samsung KNOX Platform
• 430+ device policies • App Management, HW/SW Component
Management, Expense Management, Security Management, Inventory monitoring, Services Provisioning, etc.
• Used in 120+ MDM products
![Page 11: Samsung KNOX SDKs: More than Security! SDKs More Than... · • Minimize the device environment ... • Ability to support Embedded Secure Elements, Micro SD cards, SIM cards, ...](https://reader033.fdocuments.in/reader033/viewer/2022051602/5aed0fde7f8b9a45568f1693/html5/thumbnails/11.jpg)
Copyright© 1995-2016 SAMSUNG. All rights reserved. 11
KNOX Standard SDK: Core Features
Voice/Data Management
Location-based Services
Customized Device Mode
Device Inventory Help Desk
Application Management
Lock Screen
Remote Control
Kiosk Mode
App Control
Geo fencing
Roaming Phone
App Permissions
Location
Inventory
Remote Configuration
HW / SW Component Management
Security Management
Bluetooth
APN
Email Android VPN
Exchange
Firewall
LDAP
Password Security
Wi-Fi
Backup
Restrictions
Date and Time Settings
SSO
Browser
Multi User
Per user polices Per device polices
![Page 12: Samsung KNOX SDKs: More than Security! SDKs More Than... · • Minimize the device environment ... • Ability to support Embedded Secure Elements, Micro SD cards, SIM cards, ...](https://reader033.fdocuments.in/reader033/viewer/2022051602/5aed0fde7f8b9a45568f1693/html5/thumbnails/12.jpg)
Copyright© 1995-2016 SAMSUNG. All rights reserved. 12
KNOX Standard SDK: Core Features
Voice/Data Management
Location-based Services
Customized Device Mode
Device Inventory Help Desk
Application Management
Lock Screen
Remote Control
Kiosk Mode
App Control
Geo fencing
Roaming Phone
App Permissions
Location
Inventory
Remote Configuration
HW / SW Component Management
Security Management
Bluetooth
APN
Email Android VPN
Exchange
Firewall
LDAP
Password Security
Wi-Fi
Backup
Restrictions
Date and Time Settings
SSO
Browser
Multi User
Per user polices Per device polices
![Page 13: Samsung KNOX SDKs: More than Security! SDKs More Than... · • Minimize the device environment ... • Ability to support Embedded Secure Elements, Micro SD cards, SIM cards, ...](https://reader033.fdocuments.in/reader033/viewer/2022051602/5aed0fde7f8b9a45568f1693/html5/thumbnails/13.jpg)
Copyright© 1995-2016 SAMSUNG. All rights reserved. 13
Application Management
KNOX Standard SDK
• API examples • Silent install/uninstall of applications
• Restrict installation and un-installation of applications
• Disable and enable applications
• Use case example: POS system • Silently push an app update
• No user interaction required
• Even with extra new permissions
• Download an APK from your server
![Page 14: Samsung KNOX SDKs: More than Security! SDKs More Than... · • Minimize the device environment ... • Ability to support Embedded Secure Elements, Micro SD cards, SIM cards, ...](https://reader033.fdocuments.in/reader033/viewer/2022051602/5aed0fde7f8b9a45568f1693/html5/thumbnails/14.jpg)
Copyright© 1995-2016 SAMSUNG. All rights reserved. 14
KNOX Standard SDK: Core Features
Voice/Data Management
Location-based Services
Customized Device Mode
Device Inventory Help Desk
Application Management
Lock Screen
Remote Control
Kiosk Mode
App Control
Geo fencing
Roaming Phone
App Permissions
Location
Inventory
Remote Configuration
HW / SW Component Management
Security Management
Bluetooth
APN
Email Android VPN
Exchange
Firewall
LDAP
Password Security
Wi-Fi
Backup
Restrictions
Date and Time Settings
SSO
Browser
Multi User
Per user polices Per device polices
![Page 15: Samsung KNOX SDKs: More than Security! SDKs More Than... · • Minimize the device environment ... • Ability to support Embedded Secure Elements, Micro SD cards, SIM cards, ...](https://reader033.fdocuments.in/reader033/viewer/2022051602/5aed0fde7f8b9a45568f1693/html5/thumbnails/15.jpg)
Copyright© 1995-2016 SAMSUNG. All rights reserved. 15
Customized Device Mode
KNOX Standard SDK
• API examples • Customize Home screen
• Disable Settings changes
• Customize device lock screen with client's company logo
• Use case example: In-room hospitality devices • Minimize the device environment
• To prevent guest from misconfiguring it
• Provide access to relevant apps only
• Simplify the OS experience for non-Android users
KIOSK MODE
Calculator Contacts
Calendar Camera
Hidden
Notification
Bar
No default
Applications
Disable
Menu key
Custom
Wallpaper
Custom
Applications
Disable
Soft keys
Disable Hardware keys
![Page 16: Samsung KNOX SDKs: More than Security! SDKs More Than... · • Minimize the device environment ... • Ability to support Embedded Secure Elements, Micro SD cards, SIM cards, ...](https://reader033.fdocuments.in/reader033/viewer/2022051602/5aed0fde7f8b9a45568f1693/html5/thumbnails/16.jpg)
Copyright© 1995-2016 SAMSUNG. All rights reserved. 16
KNOX Standard SDK: Core Features
Voice/Data Management
Location-based Services
Customized Device Mode
Device Inventory Help Desk
Application Management
Lock Screen
Remote Control
Kiosk Mode
App Control
Geo fencing
Roaming Phone
App Permissions
Location
Inventory
Remote Configuration
HW / SW Component Management
Security Management
Bluetooth
APN
Email Android VPN
Exchange
Firewall
LDAP
Password Security
Wi-Fi
Backup
Restrictions
Date and Time Settings
SSO
Browser
Multi User
Per user polices Per device polices
![Page 17: Samsung KNOX SDKs: More than Security! SDKs More Than... · • Minimize the device environment ... • Ability to support Embedded Secure Elements, Micro SD cards, SIM cards, ...](https://reader033.fdocuments.in/reader033/viewer/2022051602/5aed0fde7f8b9a45568f1693/html5/thumbnails/17.jpg)
Copyright© 1995-2016 SAMSUNG. All rights reserved. 17
Location-Based Services
KNOX Standard SDK
• API examples • Define Polygonal, Circular, and Linear geofences
• Apply specific behavior based on the device location
• Configure frequency of GPS location querying
• Based on time and distance
• Use case example: Preventing data leakage from restricted area
• Detect when device enters the geofence
• Disable camera and Bluetooth on the device
• Detect when device leaves the geofence
• Restore device and Bluetooth functionality
Main gate
![Page 18: Samsung KNOX SDKs: More than Security! SDKs More Than... · • Minimize the device environment ... • Ability to support Embedded Secure Elements, Micro SD cards, SIM cards, ...](https://reader033.fdocuments.in/reader033/viewer/2022051602/5aed0fde7f8b9a45568f1693/html5/thumbnails/18.jpg)
Copyright© 1995-2016 SAMSUNG. All rights reserved. 18
KNOX Standard SDK: Core Features
Voice/Data Management
Location-based Services
Customized Device Mode
Device Inventory Help Desk
Application Management
Lock Screen
Remote Control
Kiosk Mode
App Control
Geo fencing
Roaming Phone
App Permissions
Location
Inventory
Remote Configuration
HW / SW Component Management
Security Management
Bluetooth
APN
Email Android VPN
Exchange
Firewall
LDAP
Password Security
Wi-Fi
Backup
Restrictions
Date and Time Settings
SSO
Browser
Multi User
Per user polices Per device polices
![Page 19: Samsung KNOX SDKs: More than Security! SDKs More Than... · • Minimize the device environment ... • Ability to support Embedded Secure Elements, Micro SD cards, SIM cards, ...](https://reader033.fdocuments.in/reader033/viewer/2022051602/5aed0fde7f8b9a45568f1693/html5/thumbnails/19.jpg)
Copyright© 1995-2016 SAMSUNG. All rights reserved. 19
Help Desk: Remote Control
KNOX Standard SDK
• API examples • Inject touch events
• Inject hardware key events
• Access the frame-buffer to capture the screen content
• Use case example: Customer support • Need to take control of the device
• Via standard VNC client
• Build a mobile VNC server
• No device rooting required!
• The user assistance is not needed
Device Screen Sharing
Keyboard/ Mouse Event Sharing
![Page 20: Samsung KNOX SDKs: More than Security! SDKs More Than... · • Minimize the device environment ... • Ability to support Embedded Secure Elements, Micro SD cards, SIM cards, ...](https://reader033.fdocuments.in/reader033/viewer/2022051602/5aed0fde7f8b9a45568f1693/html5/thumbnails/20.jpg)
Copyright© 1995-2016 SAMSUNG. All rights reserved. 20
KNOX Standard SDK: Core Features
Voice/Data Management
Location-based Services
Customized Device Mode
Device Inventory Help Desk
Application Management
Lock Screen
Remote Control
Kiosk Mode
App Control
Geo fencing
Roaming Phone
App Permissions
Location
Inventory
Remote Configuration
HW / SW Component Management
Security Management
Bluetooth
APN
Email Android VPN
Exchange
Firewall
LDAP
Password Security
Wi-Fi
Backup
Restrictions
Date and Time Settings
SSO
Browser
Multi User
Per user polices Per device polices
![Page 21: Samsung KNOX SDKs: More than Security! SDKs More Than... · • Minimize the device environment ... • Ability to support Embedded Secure Elements, Micro SD cards, SIM cards, ...](https://reader033.fdocuments.in/reader033/viewer/2022051602/5aed0fde7f8b9a45568f1693/html5/thumbnails/21.jpg)
Copyright© 1995-2016 SAMSUNG. All rights reserved. 21
Security Management
KNOX Standard SDK
• API examples • Configure firewall rules to allow, block, and reroute
traffic, based on app or server identity
• Configure HTTP proxy
• Encrypt SD Card
• Install user & CA certificates
• Force user to change device password
• Use case example: Restricted data usage • Allow business app only to use mobile network
• The rest of the apps can access data over Wi-Fi
• The user can't bypass this restriction
![Page 22: Samsung KNOX SDKs: More than Security! SDKs More Than... · • Minimize the device environment ... • Ability to support Embedded Secure Elements, Micro SD cards, SIM cards, ...](https://reader033.fdocuments.in/reader033/viewer/2022051602/5aed0fde7f8b9a45568f1693/html5/thumbnails/22.jpg)
Copyright© 1995-2016 SAMSUNG. All rights reserved. 22
KNOX Standard SDK: Core Features
Voice/Data Management
Location-based Services
Customized Device Mode
Device Inventory Help Desk
Application Management
Lock Screen
Remote Control
Kiosk Mode
App Control
Geo fencing
Roaming Phone
App Permissions
Location
Inventory
Remote Configuration
HW / SW Component Management
Security Management
Bluetooth
APN
Email Android VPN
Exchange
Firewall
LDAP
Password Security
Wi-Fi
Backup
Restrictions
Date and Time Settings
SSO
Browser
Multi User
Per user polices Per device polices
![Page 23: Samsung KNOX SDKs: More than Security! SDKs More Than... · • Minimize the device environment ... • Ability to support Embedded Secure Elements, Micro SD cards, SIM cards, ...](https://reader033.fdocuments.in/reader033/viewer/2022051602/5aed0fde7f8b9a45568f1693/html5/thumbnails/23.jpg)
Copyright© 1995-2016 SAMSUNG. All rights reserved. 23
HW/SW Component Management
KNOX Standard SDK
• API examples • Disable Wi-Fi, Bluetooth, NFC, SD Card
• Disallow factory reset
• Detect SIM change
• Disable tethering
• Perform full backup of application data
• Use case example: Fleet management solution • Force the GPS On
• No user confirmation is required
• Prevents user from turning the GPS Off
![Page 24: Samsung KNOX SDKs: More than Security! SDKs More Than... · • Minimize the device environment ... • Ability to support Embedded Secure Elements, Micro SD cards, SIM cards, ...](https://reader033.fdocuments.in/reader033/viewer/2022051602/5aed0fde7f8b9a45568f1693/html5/thumbnails/24.jpg)
Copyright© 1995-2016 SAMSUNG. All rights reserved. 24
KNOX Standard SDK: Core Features
Voice/Data Management
Location-based Services
Customized Device Mode
Device Inventory Help Desk
Application Management
Lock Screen
Remote Control
Kiosk Mode
App Control
Geo fencing
Roaming Phone
App Permissions
Location
Inventory
Remote Configuration
HW / SW Component Management
Security Management
Bluetooth
APN
Email Android VPN
Exchange
Firewall
LDAP
Password Security
Wi-Fi
Backup
Restrictions
Date and Time Settings
SSO
Browser
Multi User
Per user polices Per device polices
![Page 25: Samsung KNOX SDKs: More than Security! SDKs More Than... · • Minimize the device environment ... • Ability to support Embedded Secure Elements, Micro SD cards, SIM cards, ...](https://reader033.fdocuments.in/reader033/viewer/2022051602/5aed0fde7f8b9a45568f1693/html5/thumbnails/25.jpg)
Copyright© 1995-2016 SAMSUNG. All rights reserved. 25
Remote Configuration
KNOX Standard SDK
• API examples • Control & configure Wi-Fi access points settings
• Configure Android VPN settings
• Create, update, and delete VPN profiles
• Provision accounts for MS Exchange ActiveSync, IMAP, and POP
• Use case example: Secure app traffic over untrusted data connections
• Detect if Wi-Fi is a trusted profile
• If so, disconnect corporate VPN to save VPN server load
• Otherwise the data connection is not trusted, enable VPN
![Page 26: Samsung KNOX SDKs: More than Security! SDKs More Than... · • Minimize the device environment ... • Ability to support Embedded Secure Elements, Micro SD cards, SIM cards, ...](https://reader033.fdocuments.in/reader033/viewer/2022051602/5aed0fde7f8b9a45568f1693/html5/thumbnails/26.jpg)
Copyright© 1995-2016 SAMSUNG. All rights reserved. 26
Learn from Samsung Partner Solutions
https://seap.samsung.com/solution-briefs
![Page 27: Samsung KNOX SDKs: More than Security! SDKs More Than... · • Minimize the device environment ... • Ability to support Embedded Secure Elements, Micro SD cards, SIM cards, ...](https://reader033.fdocuments.in/reader033/viewer/2022051602/5aed0fde7f8b9a45568f1693/html5/thumbnails/27.jpg)
Copyright© 1995-2016 SAMSUNG. All rights reserved. 27
KNOX ISV SDK
![Page 28: Samsung KNOX SDKs: More than Security! SDKs More Than... · • Minimize the device environment ... • Ability to support Embedded Secure Elements, Micro SD cards, SIM cards, ...](https://reader033.fdocuments.in/reader033/viewer/2022051602/5aed0fde7f8b9a45568f1693/html5/thumbnails/28.jpg)
Copyright© 1995-2016 SAMSUNG. All rights reserved. 28
KNOX ISV SDK: Core Features
Device Integrity
Attestation
Data Security
Sensitive Data Protection (SDP)
Secure Credential Storage
Universal Credential Management (UCM)
![Page 29: Samsung KNOX SDKs: More than Security! SDKs More Than... · • Minimize the device environment ... • Ability to support Embedded Secure Elements, Micro SD cards, SIM cards, ...](https://reader033.fdocuments.in/reader033/viewer/2022051602/5aed0fde7f8b9a45568f1693/html5/thumbnails/29.jpg)
Copyright© 1995-2016 SAMSUNG. All rights reserved. 29
KNOX ISV SDK: Core Features
Device Integrity
Attestation
Data Security
Sensitive Data Protection (SDP)
Secure Credential Storage
Universal Credential Management (UCM)
![Page 30: Samsung KNOX SDKs: More than Security! SDKs More Than... · • Minimize the device environment ... • Ability to support Embedded Secure Elements, Micro SD cards, SIM cards, ...](https://reader033.fdocuments.in/reader033/viewer/2022051602/5aed0fde7f8b9a45568f1693/html5/thumbnails/30.jpg)
Copyright© 1995-2016 SAMSUNG. All rights reserved. 30
Device Attestation
KNOX ISV SDK
• API examples • Request trusted device measurements
• Use case example: Ensure device is not compromised before installing banking app
• Initiate attestation sequence
• Receive attestation verdict
• Whether device has been rooted or is running unofficial firmware
• If device is uncompromised, install the app
![Page 31: Samsung KNOX SDKs: More than Security! SDKs More Than... · • Minimize the device environment ... • Ability to support Embedded Secure Elements, Micro SD cards, SIM cards, ...](https://reader033.fdocuments.in/reader033/viewer/2022051602/5aed0fde7f8b9a45568f1693/html5/thumbnails/31.jpg)
Copyright© 1995-2016 SAMSUNG. All rights reserved. 31
Device Attestation
TrustZone Attestation
Agent Your App
Your Server
Attestation Server
Get nonce 1
Get nonce Nonce generated and stored with timestamp
Nonce Start attestation (nonce)
2 Start attestation
(nonce) Attest (nonce)
Blob with nonce, Measurements,
device ID, signature and certificate
Attest (blob) Attest (blob)
3
Get verdict (nonce, blob)
Verify blob signature, certificates; parse blob data
Verdict (success/fail)
How it Works:
![Page 32: Samsung KNOX SDKs: More than Security! SDKs More Than... · • Minimize the device environment ... • Ability to support Embedded Secure Elements, Micro SD cards, SIM cards, ...](https://reader033.fdocuments.in/reader033/viewer/2022051602/5aed0fde7f8b9a45568f1693/html5/thumbnails/32.jpg)
Copyright© 1995-2016 SAMSUNG. All rights reserved. 32
KNOX ISV SDK: Core Features
Device Integrity
Attestation
Data Security
Sensitive Data Protection (SDP)
Secure Credential Storage
Universal Credential Management (UCM)
![Page 33: Samsung KNOX SDKs: More than Security! SDKs More Than... · • Minimize the device environment ... • Ability to support Embedded Secure Elements, Micro SD cards, SIM cards, ...](https://reader033.fdocuments.in/reader033/viewer/2022051602/5aed0fde7f8b9a45568f1693/html5/thumbnails/33.jpg)
Copyright© 1995-2016 SAMSUNG. All rights reserved. 33
Sensitive Data Protection (SDP)
KNOX ISV SDK
• API examples • Protect selected databases and database columns
• Protect selected application files
• Create custom SDP engine
• Use case example: Ensure protection of patient's confidential data even in the event of security breach on the device
• Mark application file as sensitive
• Choose SDP engine
• Default or custom
• Let SDP infrastructure to do the rest
![Page 34: Samsung KNOX SDKs: More than Security! SDKs More Than... · • Minimize the device environment ... • Ability to support Embedded Secure Elements, Micro SD cards, SIM cards, ...](https://reader033.fdocuments.in/reader033/viewer/2022051602/5aed0fde7f8b9a45568f1693/html5/thumbnails/34.jpg)
Copyright© 1995-2016 SAMSUNG. All rights reserved. 34
Sensitive Data Protection (SDP)
How it Works:
Decrypted Encrypted
Power on Power off
Unlock state Lock state
Write
Read
![Page 35: Samsung KNOX SDKs: More than Security! SDKs More Than... · • Minimize the device environment ... • Ability to support Embedded Secure Elements, Micro SD cards, SIM cards, ...](https://reader033.fdocuments.in/reader033/viewer/2022051602/5aed0fde7f8b9a45568f1693/html5/thumbnails/35.jpg)
Copyright© 1995-2016 SAMSUNG. All rights reserved. 35
KNOX ISV SDK: Core Features
Device Integrity
Attestation
Data Security
Sensitive Data Protection (SDP)
Secure Credential Storage
Universal Credential Management (UCM)
![Page 36: Samsung KNOX SDKs: More than Security! SDKs More Than... · • Minimize the device environment ... • Ability to support Embedded Secure Elements, Micro SD cards, SIM cards, ...](https://reader033.fdocuments.in/reader033/viewer/2022051602/5aed0fde7f8b9a45568f1693/html5/thumbnails/36.jpg)
Copyright© 1995-2016 SAMSUNG. All rights reserved. 36
Universal Credential Management (UCM)
KNOX ISV SDK
• API examples • Query available credential storages on the device
• Check if the storage is locked
• Install certificates to credential storage (Used by Email, Browser, Wi-Fi, VPN)
• Use case example: Provide financial application with credential storage access:
• Ability to support Embedded Secure Elements, Micro SD cards, SIM cards, and Common Access Card (CAC) smartcards from third-party vendors
• Do not create dependency on the vendor API
• Use generic API
• Take advantage of plugin architecture
![Page 37: Samsung KNOX SDKs: More than Security! SDKs More Than... · • Minimize the device environment ... • Ability to support Embedded Secure Elements, Micro SD cards, SIM cards, ...](https://reader033.fdocuments.in/reader033/viewer/2022051602/5aed0fde7f8b9a45568f1693/html5/thumbnails/37.jpg)
Copyright© 1995-2016 SAMSUNG. All rights reserved. 37
Universal Credential Management (UCM)
How It Works:
Credential-consuming apps (Email, browser, WiFi, VPN, etc.)
Storage management apps
![Page 38: Samsung KNOX SDKs: More than Security! SDKs More Than... · • Minimize the device environment ... • Ability to support Embedded Secure Elements, Micro SD cards, SIM cards, ...](https://reader033.fdocuments.in/reader033/viewer/2022051602/5aed0fde7f8b9a45568f1693/html5/thumbnails/38.jpg)
Copyright© 1995-2016 SAMSUNG. All rights reserved. 38
Where do I get Samsung B2B SDKs?
https://seap.samsung.com/
• SEAP – Samsung Enterprise Alliance Program
• Instant registration, start developing in minutes:
![Page 39: Samsung KNOX SDKs: More than Security! SDKs More Than... · • Minimize the device environment ... • Ability to support Embedded Secure Elements, Micro SD cards, SIM cards, ...](https://reader033.fdocuments.in/reader033/viewer/2022051602/5aed0fde7f8b9a45568f1693/html5/thumbnails/39.jpg)
Copyright© 1995-2016 SAMSUNG. All rights reserved. 39
Samsung Enterprise Alliance Program
Sales Support • Dedicated sales support from Samsung sales
network based on Business Opportunities
Co-Marketing Activities • Partner Promotion via Samsung online channels
• Co-branded marketing materials
• Samsung event participation
• SEAP Newsletter & Logo
Access Samsung’s technology • KNOX SDKs and licenses
• Technical Q&A ticket
• Priority technical support
• Technical consultants
Marketing
Sales
Tech
Support
![Page 40: Samsung KNOX SDKs: More than Security! SDKs More Than... · • Minimize the device environment ... • Ability to support Embedded Secure Elements, Micro SD cards, SIM cards, ...](https://reader033.fdocuments.in/reader033/viewer/2022051602/5aed0fde7f8b9a45568f1693/html5/thumbnails/40.jpg)
Copyright© 1995-2016 SAMSUNG. All rights reserved. Copyright© 1995-2016 SAMSUNG. All rights reserved.
Q&A and THANK YOU for your time.
Victor Okunev [email protected]