Dominik Helleberg | inovex GmbH Android-Enterprise-Integration

Android Enterprise Integration


Page 1: Android Enterprise Integration

Dominik Helleberg | inovex GmbH

Android-Enterprise-Integration

Page 2: Android Enterprise Integration

Dominik Helleberg

Mobile Development

Android

HTML5

http://dominik-helleberg.de/+

http://twitter.com/_cirrus_

Page 3: Android Enterprise Integration

Agenda

• Intro

• Enterprise apps / applications

• Connectivity

• Security

• Device Management

• Distribution

Page 4: Android Enterprise Integration

Consumer <-> Enterprise

Page 5: Android Enterprise Integration

Bring your own...

Page 6: Android Enterprise Integration

Apps!

Calendar

Email

Chat

Groupware

Address book

News

Selfcare

HR

BI reports

Social

Document management

Page 7: Android Enterprise Integration

Enterprise App?

• Customized / optimized

– Function

– GUI

– Logic

– Authorization / authentication

– Distribution

– Security function

Page 8: Android Enterprise Integration

Android: Open Source

Browser

Calendar

Contacts

Email / Exchange

http://source.android.com/packages/apps/

Page 9: Android Enterprise Integration

Connectivity

Page 10: Android Enterprise Integration

SSL

• Automatic validation if the root certificate is known

• Manual import via the file system

• Trust-all hack

• Embed the certificate in the app

Page 11: Android Enterprise Integration

SSL

• Embed the certificate in the app

[Diagram: four APKs, each bundling the application with its own embedded certificate]

Page 12: Android Enterprise Integration

SSL

• Central keystore for managing certificates

[Diagram: three APKs with their applications, a keystore, and certificates]

Page 13: Android Enterprise Integration

VPN

• PPTP

• L2TP

• L2TP with IPSec and pre-shared key

• L2TP with IPSec and certificate

Page 14: Android Enterprise Integration

VPN

[Diagram labels: APK, Application, VPN, Client, Config, Server]

Page 15: Android Enterprise Integration

VPN

• Cisco?

• Auto-configuration?

• Application-specific configuration?

Page 16: Android Enterprise Integration

VPN

• PPTP

• L2TP with IPSec and pre-shared key

• L2TP with IPSec and RSA

• IPSec Xauth PSK

• IPSec Xauth RSA

• IPSec Hybrid RSA

Page 17: Android Enterprise Integration

VPN-API

[Diagram labels: APK, Application, VPN, VPN Service, Config, Server]

Page 18: Android Enterprise Integration

VPN-API

Page 19: Android Enterprise Integration

SECURITY

Page 20: Android Enterprise Integration

Protect Components

Activity, Service, ContentProvider

<service android:name="DemoService"
         android:exported="false" ></service>

Page 21: Android Enterprise Integration

Protect Components

*mercury#service> info --filter de.

Package name: de.inovex.mobi.secdemo

Service: de.inovex.mobi.secdemo.DemoService

*mercury#service> start --component de.inovex.mobi.secdemo de.inovex.mobi.secdemo.DemoService

Service started with Intent { cmp=de.inovex.mobi.secdemo/.DemoService } - de.inovex.mobi.secdemo/de.inovex.mobi.secdemo.DemoService

*mercury#service>
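
A defender-side check for the point of the two "Protect Components" slides, as an added example that is not part of the original slides: it lists the components in a plain-text AndroidManifest.xml that other apps can address without holding a permission. The sample manifest, its package name and the function name are constructed; the implicit-export rule (an intent filter without android:exported) is the pre-Android-12 default, and the legacy default for content providers is not modelled.

```python
import xml.etree.ElementTree as ET

ANDROID_NS = "{http://schemas.android.com/apk/res/android}"
COMPONENT_TAGS = ("activity", "service", "receiver", "provider")

# Constructed sample manifest (plain-text XML, not the binary form inside an APK).
SAMPLE_MANIFEST = """<manifest xmlns:android="http://schemas.android.com/apk/res/android"
          package="com.example.secdemo">
  <application>
    <service android:name="DemoService" android:exported="false" />
    <service android:name="SyncService" android:exported="true" />
    <service android:name="GuardedService" android:exported="true"
             android:permission="com.example.secdemo.BIND" />
    <receiver android:name="BootReceiver">
      <intent-filter>
        <action android:name="android.intent.action.BOOT_COMPLETED" />
      </intent-filter>
    </receiver>
    <activity android:name="SettingsActivity" />
  </application>
</manifest>"""


def reachable_components(manifest_xml):
    """Return (tag, name, reason) for components other apps can address
    without holding a permission."""
    root = ET.fromstring(manifest_xml)
    findings = []
    for app in root.iter("application"):
        app_permission = app.get(ANDROID_NS + "permission")
        for comp in app:
            if comp.tag not in COMPONENT_TAGS:
                continue
            if comp.get(ANDROID_NS + "permission") or app_permission:
                continue  # callers must hold a permission
            exported = comp.get(ANDROID_NS + "exported")
            name = comp.get(ANDROID_NS + "name")
            if exported == "true":
                findings.append((comp.tag, name, "exported=true"))
            elif exported is None and comp.find("intent-filter") is not None:
                # Assumption: pre-Android-12 default, an intent filter implies export.
                findings.append((comp.tag, name, "implicit via intent-filter"))
    return findings


if __name__ == "__main__":
    for finding in reachable_components(SAMPLE_MANIFEST):
        print(*finding)
```
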

Page 22: Android Enterprise Integration

Local Broadcasts

Android Compatibility Lib:

LocalBroadcastManager.getInstance(this).sendBroadcast(intent);

Page 23: Android Enterprise Integration

Encryption

• Protection against

– other applications

  • Android security?

  • Rooted devices are the root of all evil...

– external access

  • Device lost?

Page 24: Android Enterprise Integration

Encryption

• Files (e.g. external storage):

– Manually (e.g. javax.crypto)

• SQLite

Page 25: Android Enterprise Integration

Encryption

• Encrypt-Storage feature

– Request via device policies

– Encrypts /data

– Performance suffers

Page 26: Android Enterprise Integration

Device Policies

• Define local "security regulations"

• Applications can request, monitor and set regulations

• Applications can perform administrative functions

Page 27: Android Enterprise Integration

Device Policies

API Level 8       API Level 11       API Level 14
Wipe Data         Expire Password    Disable Camera
Reset Password    Encrypt Storage
Limit Password
Force Lock
Watch Login

Page 28: Android Enterprise Integration

Device Policies

[Diagram: three APKs, each with an application and policies, above the Android Framework with Device Policy Manager and System Services]

Page 29: Android Enterprise Integration

Device Policies

Page 30: Android Enterprise Integration

DEVICE MANAGEMENT

Page 31: Android Enterprise Integration

Device Management

• Central administration and maintenance of mobile devices

• Monitoring & control of security-relevant functions

Page 32: Android Enterprise Integration

Device Management

[Diagram labels: Device Management Server, Admin Module, Control Module, GUI, Mobile Device (×4), DM-App (×4)]

Page 33: Android Enterprise Integration

Device Management Demo

Page 34: Android Enterprise Integration

DISTRIBUTION

Page 35: Android Enterprise Integration

DISTRIBUTION

[Diagram: three APKs, each containing an application]

Page 36: Android Enterprise Integration

Side Loading

• Distribution via your own servers

• Updates and app directory?

Page 37: Android Enterprise Integration

Internal "Market"

[Diagram labels: App Distribution Server, App Directory, Crash reports, Mobile Device, App Market, App Repository, Package Manager, Admin GUI, App (×3), Reports]

Page 38: Android Enterprise Integration

Do It Yourself!

Page 39: Android Enterprise Integration

Credits

http://farm6.staticflickr.com/5271/5874024242_3564c94c0e_b.jpg

http://www.flickr.com/photos/automaciej/203064118/sizes/l/in/photostream/

Page 40: Android Enterprise Integration

Links

http://android-developers.blogspot.com/2012/03/unifying-key-store-access-in-ics.html

http://www.google.com/events/io/2011/sessions/taking-android-to-work.html

http://source.android.com

http://labs.mwrinfosecurity.com/tools/2012/03/16/mercury/

Page 41: Android Enterprise Integration

THANK YOU!

http://inovex.mobi/mtc2012-e/