Upload
samsung-at-work
View
367
Download
4
Tags:
Embed Size (px)
DESCRIPTION
Jae Shin and Neil Barclay present the evolution of Samsung KNOX™ at our Business Discovery Day in London.
Citation preview
Security MattersThe Evolution of Samsung KNOXJAE SHINVICE PRESIDENT, KNOX BUSINESS GROUPSAMSUNG ELECTRONICS
CONSUMER EMPOWERM
ENT
INNOVATION AND SPEED
CUSTOMER DISCOVERY
KEY CHALLENGES
Security
Privacy Usability
Manageability
Choice
Cost
The Secure Enterprise Mobile Platform
THE BIRTH OF SAMSUNG KNOX
THE EVOLUTION OF SAMSUNG KNOX
Samsung KNOX-enabled devices
users have activated
Resellersnow sell
Device models in 230 coun-
tries
Create SecurityPlatform
Assertive
Evolve Capabilities
Proactive
Adaptto Threats
Responsive
Pursue Compliance
Authoritative
EngageEcosystem
Collaborative
+ 63M +1.9m + 120 +24
The Power of Customer Discovery
Security MattersThe Evolution of Samsung KNOXNEIL BARCLAYSENIOR B2B PRODUCT MANAGER,SAMSUNG MOBILE EUROPE
INTRODUCING Samsung KNOX SECURITY BUILT FROM THE GROUND UP
Android Stack
Application Layer
Android Framework
Android OS
Linux Kernel
Boot Loader
Hardware TrustZone
Samsung KNOXSamsung KNOX Con-
tainerSamsung KNOX Android Frame-
work
SE for Android
Trusted Boot
Secure Boot
TIMA TrustZone-protected Client Certificate Mgmt.TrustZone-protected KeyStoreTrustZone-protected ODEReal-time Kernel ProtectionTrustZone-based remote attestation
530+ IT-policies & 1300+ APIs for MDMGeneric VPN/SSO FrameworkTwo Factor AuthenticationSE for Android Management Service
Enhancements in Samsung KNOX Improved Samsung KNOX Container
Core platform service for generating and maintaining cryptographic certificates
Enables the device to act as a SmartCard and it’s reader
Benefits: More secure certificate management for service such as WiFi, VPN, HTTPs, SSL, Email.
SAMSUNG KNOX SECURITYTRUSTZONE-PROTECTED CLIENT CERTIFICATE MGMT.
PKCS #11
Interface
TrustZone
Encryption
Core platform service for generating and maintaining cryptographic key
Benefits: Key storage (not necessarily managed) inside TrustZone
SAMSUNG KNOX SECURITYTRUSTZONE-PROTECTED KEYSTORE
StandardAndroid
KeyStore API
TrustZone
Encryption
DRM Services
PaymentsCommerc
eEnterpris
e
SE for android for 3rd party container (i.e Good Technology, Mobileiron, Fixmo)
Domains are only activated on demand and verified by certificate
Benefits: 3rd party applications secured by SELinuxThe APIs to use SEAMS1) are available to partners
SAMSUNG KNOX SECURITYSE FOR ANDROID MGMT. SERVICE
1) SE for Android Management Service
SEAMS API
SELinux Domain SELinux Domain
KNOX SE for Android
Samsung Container
3rd Party Container
Samsung Agent 3rd Party Agent
The Power of Customer Discovery
SaaSApplications
AzureActive
Directory
ActiveDirectory Cloud Management
Single Sign-On
SAMSUNG KNOX EMMCLOUD BASED MDM & IAM
Cloud One Stop Shop
Security& Privacy
Manageability &Usability
Cost & Choice