SlideShare una empresa de Scribd logo

Kerberos + Android: A Tale of Opportunity

wolfSSL
wolfSSL

Slides from Chris Conlon's presentation about yaSSL's work porting the CyaSSL embedded SSL library, the MIT Kerberos library, and the Kerberos GSS-API to the Android platform. To learn more, visit www.yassl.com.

TecnologíaEntretenimiento y humor
1 de 39
Descargar para leer sin conexión
Kerberos + Android A Tale of Opportunity Slide 1 / 39 © Copyright 2012 yaSSL
Platform Decisions The Statistics Slide 2 / 39 © Copyright 2012 yaSSL
Why Go Mobile? 80% of the world's population now has a mobile phone. ( 5 Billion Phones ) Slide 3 / 39 © Copyright 2012 yaSSL
Why Go Mobile? 21.6% Of those 80%, 1.08 Billion are smartphones. Slide 4 / 39 © Copyright 2012 yaSSL
Why Go Mobile? In the US: 60% 40% the ratio is even higher, with smartphones making up 40% of all mobile phones. Slide 5 / 39 © Copyright 2012 yaSSL
OK, well why Android? Slide 6 / 39 © Copyright 2012 yaSSL
Android? Reason 1: US Market Dominance iPhone 28% U.S. Android Smartphones == 40% (40%) Blackberry 19% Windows Mobile, 7% Windows Phone 7, 1% Other, 5% Slide 7 / 39 © Copyright 2012 yaSSL
Android? Reason 2: Consumer Popularity •  100 million activated Android devices (now 400,000 / day) •  200,000 apps in Android Market (4.5 billion activations to date) •  310 devices available to consumers (112 countries) Slide 8 / 39 © Copyright 2012 yaSSL
Android? Reason 3: Developer Popularity •  450,000 developers building for the platform! Slide 9 / 39 © Copyright 2012 yaSSL
Android. Meaning? •  Opportunity for increased Kerberos visibility •  Useful for Android and Kerberos developers •  Fun to see where the community takes it Slide 10 / 39 © Copyright 2012 yaSSL
Our Plan What we wanted to do. Slide 11 / 39 © Copyright 2012 yaSSL
Goals We wanted to fill a missing gap. 1.  Port Kerberos libraries to Android 2.  Port some C-based Kerberos client apps to Android kinit klist kvno kdestroy Slide 12 / 39 © Copyright 2012 yaSSL
Goals We wanted to spark community involvement. 3.  Build a sample Android NDK App (with a simple GUI) 4.  Give changes back to community Slide 13 / 39 © Copyright 2012 yaSSL
Action! What we did. Slide 14 / 39 © Copyright 2012 yaSSL
1. Crypto Implementation Slide 15 / 39 © Copyright 2012 yaSSL
Crypto Added new CyaSSL crypto implementation •  Kerberos crypto options: CyaSSL, OpenSSL, NSS, built-in Slide 16 / 39 © Copyright 2012 yaSSL
Crypto Added new CyaSSL crypto implementation •  CyaSSL is very portable Slide 17 / 39 © Copyright 2012 yaSSL
2. Porting Slide 18 / 39 © Copyright 2012 yaSSL
Android Port Kerberos Libraries + CyaSSL Android. •  Cross-compiled libraries for Android •  Created shell script for easy reproduction by developers Slide 19 / 39 © Copyright 2012 yaSSL
3. Android Application Slide 20 / 39 © Copyright 2012 yaSSL
Android App Simple sample NDK project Home Screen •  Single screen •  Uses JNI •  Wrapper around native client apps Slide 21 / 39 © Copyright 2012 yaSSL
Android App Simple sample NDK project kinit •  Gets a ticket using specified principal Slide 22 / 39 © Copyright 2012 yaSSL
Android App Simple sample NDK project klist •  Lists our tickets Slide 23 / 39 © Copyright 2012 yaSSL
Android App Simple sample NDK project kvno •  Gets a service ticket for the entered principal Slide 24 / 39 © Copyright 2012 yaSSL
Android App Simple sample NDK project klist after kvno •  Verify that we got a ticket Slide 25 / 39 © Copyright 2012 yaSSL
Android App Simple sample NDK project kdestroy •  Clear our ticket cache Slide 26 / 39 © Copyright 2012 yaSSL
Android App Notes •  Uses a keytab instead of passwords •  Storage locations have been chosen for convenience Can be easily modified to what the developer needs Currently at /data/local/kerberos Slide 27 / 39 © Copyright 2012 yaSSL
Android App License Type •  Application code will remain under the MIT license Slide 28 / 39 © Copyright 2012 yaSSL
4. GSS-API Wrapper Slide 29 / 39 © Copyright 2012 yaSSL
GSS-API Java Wrapper •  Provide Java bindings for developers to use •  Uses framework •  Wrapper around native Kerberos GSS-API library (Contains functionality found in gssapi.h) Slide 30 / 39 © Copyright 2012 yaSSL
GSS-API Java Wrapper 2 example clients: •  Android client functionality •  Stand-alone Java app for desktop use Slide 31 / 39 © Copyright 2012 yaSSL
GSS-API Integrated into sample app. Example Client •  Est. context with example server •  Send wrapped message, verify returned sig. block (gss_wrap, gss_verify_mic) •  Repeat #2, but with gss_seal, gss_verify •  Misc. API tests and exit. Slide 32 / 39 © Copyright 2012 yaSSL
GSS-API Integrated into sample app. Example Server •  Est. context with client •  Receive and unwrap a message from the client •  Generate & send signature block for received message Slide 33 / 39 © Copyright 2012 yaSSL
The Future What's happening next? Slide 34 / 39 © Copyright 2012 yaSSL
The Future Look to the Community. Availability •  Code will be linked from both MIT and yaSSL websites Slide 35 / 39 © Copyright 2012 yaSSL
The Future Look to the Community. PR Activity / Visibility •  Blog posts •  Forum posts •  Press releases •  GitHub •  Mailing lists •  etc... Slide 36 / 39 © Copyright 2012 yaSSL
The Future Other ideas or thoughts? Slide 37 / 39 © Copyright 2012 yaSSL
References Statistics •  http://ansonalex.com/infographics/smartphone-usage-statistics-2012-infographic/ •  http://www.go-gulf.com/blog/smartphone •  http://blog.nielsen.com/nielsenwire/online_mobile/40-percent-of-u-s-mobile-users-own-smartphones-40- percent-are-android/ •  Google I/O 2011: http://www.google.com/events/io/2011 Project Locations Kerberos: http://web.mit.edu/kerberos/ CyaSSL: http://www.yassl.com/ •  Android NDK App: https://github.com/cconlon/kerberos-android-ndk •  GSS-API Java Wrapper: https://github.com/cconlon/kerberos-java-gssapi Slide 38 / 39 © Copyright 2012 yaSSL
Thanks! www.yassl.com Slide 39 / 39 © Copyright 2012 yaSSL

Recomendados

Mobile trends and impressions
Mobile trends and impressionsMobile trends and impressions
Mobile trends and impressionsShafaq Abdullah
 
Advocate Consulting - Tangoe Summit Keynote Presentation 2012
Advocate Consulting - Tangoe Summit Keynote Presentation 2012Advocate Consulting - Tangoe Summit Keynote Presentation 2012
Advocate Consulting - Tangoe Summit Keynote Presentation 2012Advocate Consulting
 
2011 VMI DEMO Conference Highlights
2011 VMI DEMO Conference Highlights2011 VMI DEMO Conference Highlights
2011 VMI DEMO Conference HighlightsJulie_Vasquez
 
Enhancing the User Experience Through the Sense of Touch
Enhancing the User Experience Through the Sense of TouchEnhancing the User Experience Through the Sense of Touch
Enhancing the User Experience Through the Sense of TouchFITC
 
A to z of open mobile
A to z of open mobileA to z of open mobile
A to z of open mobileAndrew Savory
 
Productivity Gains Using Open Source products
Productivity Gains Using Open Source productsProductivity Gains Using Open Source products
Productivity Gains Using Open Source productsMadhusudan Rao
 
Management events 18 sept 2012
Management events 18 sept 2012Management events 18 sept 2012
Management events 18 sept 2012MichelvanHeiningen
 
Enhancing the User Experience Through the Sense of Touch with Bob Heubel
Enhancing the User Experience Through the Sense of Touch with Bob HeubelEnhancing the User Experience Through the Sense of Touch with Bob Heubel
Enhancing the User Experience Through the Sense of Touch with Bob HeubelFITC
 

Recomendados

Mobile trends and impressions
Mobile trends and impressionsMobile trends and impressions
Mobile trends and impressionsShafaq Abdullah
 
Advocate Consulting - Tangoe Summit Keynote Presentation 2012
Advocate Consulting - Tangoe Summit Keynote Presentation 2012Advocate Consulting - Tangoe Summit Keynote Presentation 2012
Advocate Consulting - Tangoe Summit Keynote Presentation 2012Advocate Consulting
 
2011 VMI DEMO Conference Highlights
2011 VMI DEMO Conference Highlights2011 VMI DEMO Conference Highlights
2011 VMI DEMO Conference HighlightsJulie_Vasquez
 
Enhancing the User Experience Through the Sense of Touch
Enhancing the User Experience Through the Sense of TouchEnhancing the User Experience Through the Sense of Touch
Enhancing the User Experience Through the Sense of TouchFITC
 
A to z of open mobile
A to z of open mobileA to z of open mobile
A to z of open mobileAndrew Savory
 
Productivity Gains Using Open Source products
Productivity Gains Using Open Source productsProductivity Gains Using Open Source products
Productivity Gains Using Open Source productsMadhusudan Rao
 
Management events 18 sept 2012
Management events 18 sept 2012Management events 18 sept 2012
Management events 18 sept 2012MichelvanHeiningen
 
Enhancing the User Experience Through the Sense of Touch with Bob Heubel
Enhancing the User Experience Through the Sense of Touch with Bob HeubelEnhancing the User Experience Through the Sense of Touch with Bob Heubel
Enhancing the User Experience Through the Sense of Touch with Bob HeubelFITC
 
Gsma mwc roberto de la mora feb 27 2012
Gsma mwc roberto de la mora feb 27 2012Gsma mwc roberto de la mora feb 27 2012
Gsma mwc roberto de la mora feb 27 2012Cisco Collaboration
 
Kill the Laptop!
Kill the Laptop!Kill the Laptop!
Kill the Laptop!Motorola Mobility - MOTODEV
 
Google Android @ AlphaCSP's JavaEdge
Google Android @ AlphaCSP's JavaEdgeGoogle Android @ AlphaCSP's JavaEdge
Google Android @ AlphaCSP's JavaEdgeyuvalb
 
Responsive Web Design in Oracle Application Express
Responsive Web Design in Oracle Application ExpressResponsive Web Design in Oracle Application Express
Responsive Web Design in Oracle Application ExpressShakeeb Rahman
 
New Trends in Hostel Software Technology - ASSD Hostel Software
New Trends in Hostel Software Technology - ASSD Hostel SoftwareNew Trends in Hostel Software Technology - ASSD Hostel Software
New Trends in Hostel Software Technology - ASSD Hostel SoftwareGoMio.com
 
Collaborative Development for the future of Mobile
Collaborative Development for the future of MobileCollaborative Development for the future of Mobile
Collaborative Development for the future of MobileAndrew Savory
 
Gigigo Workshop - iOS Extensions
Gigigo Workshop - iOS ExtensionsGigigo Workshop - iOS Extensions
Gigigo Workshop - iOS ExtensionsAlex Rupérez
 
Desarrollando mogollón de apps a la vez... ¿en qué lío me he metido?
Desarrollando mogollón de apps a la vez... ¿en qué lío me he metido?Desarrollando mogollón de apps a la vez... ¿en qué lío me he metido?
Desarrollando mogollón de apps a la vez... ¿en qué lío me he metido?Alex Rupérez
 
NSCoder Keynote - Multipeer Connectivity Framework
NSCoder Keynote - Multipeer Connectivity FrameworkNSCoder Keynote - Multipeer Connectivity Framework
NSCoder Keynote - Multipeer Connectivity FrameworkAlex Rupérez
 
Gigigo Keynote - Geofences & iBeacons
Gigigo Keynote - Geofences & iBeaconsGigigo Keynote - Geofences & iBeacons
Gigigo Keynote - Geofences & iBeaconsAlex Rupérez
 
Gigigo Workshop - Create an iOS Framework, document it and not die trying
Gigigo Workshop - Create an iOS Framework, document it and not die tryingGigigo Workshop - Create an iOS Framework, document it and not die trying
Gigigo Workshop - Create an iOS Framework, document it and not die tryingAlex Rupérez
 
MADBike – Destapando la seguridad de BiciMAD (T3chFest 2017)
MADBike – Destapando la seguridad de BiciMAD (T3chFest 2017)MADBike – Destapando la seguridad de BiciMAD (T3chFest 2017)
MADBike – Destapando la seguridad de BiciMAD (T3chFest 2017)Alex Rupérez
 
Introduction to Android by Demian Neidetcher
Introduction to Android by Demian NeidetcherIntroduction to Android by Demian Neidetcher
Introduction to Android by Demian NeidetcherMatthew McCullough
 
Koneki @ Eclipse Day Toulouse 2012
Koneki @ Eclipse Day Toulouse 2012Koneki @ Eclipse Day Toulouse 2012
Koneki @ Eclipse Day Toulouse 2012Benjamin Cabé
 
Mobiele sites en applicatie op Drupal
Mobiele sites en applicatie op DrupalMobiele sites en applicatie op Drupal
Mobiele sites en applicatie op DrupalCrossLang / CrossCheck / CrossCast
 
All about android
All about androidAll about android
All about androidInimitable Harish
 
Protecting Software: Agencies Respond
Protecting Software: Agencies RespondProtecting Software: Agencies Respond
Protecting Software: Agencies Respondasauers
 
Android the future
Android the futureAndroid the future
Android the futureSanjeev Kumar Jaiswal
 
Open stack summit spring 2014 hybrid cloud landmines - 2014-05-15
Open stack summit spring 2014 hybrid cloud landmines - 2014-05-15Open stack summit spring 2014 hybrid cloud landmines - 2014-05-15
Open stack summit spring 2014 hybrid cloud landmines - 2014-05-15drumulonimbus
 
2011 android
2011 android2011 android
2011 androidvpedapolu
 
Dynamic DataCenter Converged London 2012 - Nebula CEO Chris Kemp
Dynamic DataCenter Converged London 2012 - Nebula CEO Chris KempDynamic DataCenter Converged London 2012 - Nebula CEO Chris Kemp
Dynamic DataCenter Converged London 2012 - Nebula CEO Chris KempNebula
 
Keynote | Middleware Everywhere - Ready for Mobile and Cloud | Dr. Mark Little
Keynote | Middleware Everywhere - Ready for Mobile and Cloud | Dr. Mark LittleKeynote | Middleware Everywhere - Ready for Mobile and Cloud | Dr. Mark Little
Keynote | Middleware Everywhere - Ready for Mobile and Cloud | Dr. Mark LittleJAX London
 

Más contenido relacionado

La actualidad más candente

Gsma mwc roberto de la mora feb 27 2012
Gsma mwc roberto de la mora feb 27 2012Gsma mwc roberto de la mora feb 27 2012
Gsma mwc roberto de la mora feb 27 2012Cisco Collaboration
 
Google Android @ AlphaCSP's JavaEdge
Google Android @ AlphaCSP's JavaEdgeGoogle Android @ AlphaCSP's JavaEdge
Google Android @ AlphaCSP's JavaEdgeyuvalb
 
Responsive Web Design in Oracle Application Express
Responsive Web Design in Oracle Application ExpressResponsive Web Design in Oracle Application Express
Responsive Web Design in Oracle Application ExpressShakeeb Rahman
 
New Trends in Hostel Software Technology - ASSD Hostel Software
New Trends in Hostel Software Technology - ASSD Hostel SoftwareNew Trends in Hostel Software Technology - ASSD Hostel Software
New Trends in Hostel Software Technology - ASSD Hostel SoftwareGoMio.com
 
Collaborative Development for the future of Mobile
Collaborative Development for the future of MobileCollaborative Development for the future of Mobile
Collaborative Development for the future of MobileAndrew Savory
 

La actualidad más candente (6)

Gsma mwc roberto de la mora feb 27 2012
Gsma mwc roberto de la mora feb 27 2012Gsma mwc roberto de la mora feb 27 2012
Gsma mwc roberto de la mora feb 27 2012
 
Kill the Laptop!
Kill the Laptop!Kill the Laptop!
Kill the Laptop!
 
Google Android @ AlphaCSP's JavaEdge
Google Android @ AlphaCSP's JavaEdgeGoogle Android @ AlphaCSP's JavaEdge
Google Android @ AlphaCSP's JavaEdge
 
Responsive Web Design in Oracle Application Express
Responsive Web Design in Oracle Application ExpressResponsive Web Design in Oracle Application Express
Responsive Web Design in Oracle Application Express
 
New Trends in Hostel Software Technology - ASSD Hostel Software
New Trends in Hostel Software Technology - ASSD Hostel SoftwareNew Trends in Hostel Software Technology - ASSD Hostel Software
New Trends in Hostel Software Technology - ASSD Hostel Software
 
Collaborative Development for the future of Mobile
Collaborative Development for the future of MobileCollaborative Development for the future of Mobile
Collaborative Development for the future of Mobile
 

Destacado

Gigigo Workshop - iOS Extensions
Gigigo Workshop - iOS ExtensionsGigigo Workshop - iOS Extensions
Gigigo Workshop - iOS ExtensionsAlex Rupérez
 
Desarrollando mogollón de apps a la vez... ¿en qué lío me he metido?
Desarrollando mogollón de apps a la vez... ¿en qué lío me he metido?Desarrollando mogollón de apps a la vez... ¿en qué lío me he metido?
Desarrollando mogollón de apps a la vez... ¿en qué lío me he metido?Alex Rupérez
 
NSCoder Keynote - Multipeer Connectivity Framework
NSCoder Keynote - Multipeer Connectivity FrameworkNSCoder Keynote - Multipeer Connectivity Framework
NSCoder Keynote - Multipeer Connectivity FrameworkAlex Rupérez
 
Gigigo Keynote - Geofences & iBeacons
Gigigo Keynote - Geofences & iBeaconsGigigo Keynote - Geofences & iBeacons
Gigigo Keynote - Geofences & iBeaconsAlex Rupérez
 
Gigigo Workshop - Create an iOS Framework, document it and not die trying
Gigigo Workshop - Create an iOS Framework, document it and not die tryingGigigo Workshop - Create an iOS Framework, document it and not die trying
Gigigo Workshop - Create an iOS Framework, document it and not die tryingAlex Rupérez
 
MADBike – Destapando la seguridad de BiciMAD (T3chFest 2017)
MADBike – Destapando la seguridad de BiciMAD (T3chFest 2017)MADBike – Destapando la seguridad de BiciMAD (T3chFest 2017)
MADBike – Destapando la seguridad de BiciMAD (T3chFest 2017)Alex Rupérez
 

Destacado (6)

Gigigo Workshop - iOS Extensions
Gigigo Workshop - iOS ExtensionsGigigo Workshop - iOS Extensions
Gigigo Workshop - iOS Extensions
 
Desarrollando mogollón de apps a la vez... ¿en qué lío me he metido?
Desarrollando mogollón de apps a la vez... ¿en qué lío me he metido?Desarrollando mogollón de apps a la vez... ¿en qué lío me he metido?
Desarrollando mogollón de apps a la vez... ¿en qué lío me he metido?
 
NSCoder Keynote - Multipeer Connectivity Framework
NSCoder Keynote - Multipeer Connectivity FrameworkNSCoder Keynote - Multipeer Connectivity Framework
NSCoder Keynote - Multipeer Connectivity Framework
 
Gigigo Keynote - Geofences & iBeacons
Gigigo Keynote - Geofences & iBeaconsGigigo Keynote - Geofences & iBeacons
Gigigo Keynote - Geofences & iBeacons
 
Gigigo Workshop - Create an iOS Framework, document it and not die trying
Gigigo Workshop - Create an iOS Framework, document it and not die tryingGigigo Workshop - Create an iOS Framework, document it and not die trying
Gigigo Workshop - Create an iOS Framework, document it and not die trying
 
MADBike – Destapando la seguridad de BiciMAD (T3chFest 2017)
MADBike – Destapando la seguridad de BiciMAD (T3chFest 2017)MADBike – Destapando la seguridad de BiciMAD (T3chFest 2017)
MADBike – Destapando la seguridad de BiciMAD (T3chFest 2017)
 

Similar a Kerberos + Android: A Tale of Opportunity

Introduction to Android by Demian Neidetcher
Introduction to Android by Demian NeidetcherIntroduction to Android by Demian Neidetcher
Introduction to Android by Demian NeidetcherMatthew McCullough
 
Koneki @ Eclipse Day Toulouse 2012
Koneki @ Eclipse Day Toulouse 2012Koneki @ Eclipse Day Toulouse 2012
Koneki @ Eclipse Day Toulouse 2012Benjamin Cabé
 
Protecting Software: Agencies Respond
Protecting Software: Agencies RespondProtecting Software: Agencies Respond
Protecting Software: Agencies Respondasauers
 
Open stack summit spring 2014 hybrid cloud landmines - 2014-05-15
Open stack summit spring 2014 hybrid cloud landmines - 2014-05-15Open stack summit spring 2014 hybrid cloud landmines - 2014-05-15
Open stack summit spring 2014 hybrid cloud landmines - 2014-05-15drumulonimbus
 
2011 android
2011 android2011 android
2011 androidvpedapolu
 
Dynamic DataCenter Converged London 2012 - Nebula CEO Chris Kemp
Dynamic DataCenter Converged London 2012 - Nebula CEO Chris KempDynamic DataCenter Converged London 2012 - Nebula CEO Chris Kemp
Dynamic DataCenter Converged London 2012 - Nebula CEO Chris KempNebula
 
Keynote | Middleware Everywhere - Ready for Mobile and Cloud | Dr. Mark Little
Keynote | Middleware Everywhere - Ready for Mobile and Cloud | Dr. Mark LittleKeynote | Middleware Everywhere - Ready for Mobile and Cloud | Dr. Mark Little
Keynote | Middleware Everywhere - Ready for Mobile and Cloud | Dr. Mark LittleJAX London
 
Technology Trends 2013-2014 at HUI
Technology Trends 2013-2014 at HUITechnology Trends 2013-2014 at HUI
Technology Trends 2013-2014 at HUIKMS Technology
 
Slides bootcamp21
Slides bootcamp21Slides bootcamp21
Slides bootcamp21dxsaki
 
Challenges EPs Face Going Mobile
Challenges EPs Face Going MobileChallenges EPs Face Going Mobile
Challenges EPs Face Going MobileEDR
 
Bring Your Own Device at Cambridgeshire County Council
Bring Your Own Device at Cambridgeshire County CouncilBring Your Own Device at Cambridgeshire County Council
Bring Your Own Device at Cambridgeshire County CouncilBCS East Anglia
 
Owasp App Sec Ireland Windows Phone 7 Security
Owasp App Sec Ireland Windows Phone 7 SecurityOwasp App Sec Ireland Windows Phone 7 Security
Owasp App Sec Ireland Windows Phone 7 SecuritySecurity Ninja
 
Rightscale Webinar: Designing Private & Hybrid Clouds (Hosted by Citrix)
Rightscale Webinar: Designing Private & Hybrid Clouds (Hosted by Citrix)Rightscale Webinar: Designing Private & Hybrid Clouds (Hosted by Citrix)
Rightscale Webinar: Designing Private & Hybrid Clouds (Hosted by Citrix)RightScale
 
Getting Started Developing with Platform as a Service
Getting Started Developing with Platform as a ServiceGetting Started Developing with Platform as a Service
Getting Started Developing with Platform as a ServiceCloudBees
 
MobiCloud: Towards Cloud Mobile Hybrid Application Generation using Semantica...
MobiCloud: Towards Cloud Mobile Hybrid Application Generation using Semantica...MobiCloud: Towards Cloud Mobile Hybrid Application Generation using Semantica...
MobiCloud: Towards Cloud Mobile Hybrid Application Generation using Semantica...Amit Sheth
 

Similar a Kerberos + Android: A Tale of Opportunity (20)

Introduction to Android by Demian Neidetcher
Introduction to Android by Demian NeidetcherIntroduction to Android by Demian Neidetcher
Introduction to Android by Demian Neidetcher
 
Koneki @ Eclipse Day Toulouse 2012
Koneki @ Eclipse Day Toulouse 2012Koneki @ Eclipse Day Toulouse 2012
Koneki @ Eclipse Day Toulouse 2012
 
Mobiele sites en applicatie op Drupal
Mobiele sites en applicatie op DrupalMobiele sites en applicatie op Drupal
Mobiele sites en applicatie op Drupal
 
All about android
All about androidAll about android
All about android
 
Protecting Software: Agencies Respond
Protecting Software: Agencies RespondProtecting Software: Agencies Respond
Protecting Software: Agencies Respond
 
Android the future
Android the futureAndroid the future
Android the future
 
Open stack summit spring 2014 hybrid cloud landmines - 2014-05-15
Open stack summit spring 2014 hybrid cloud landmines - 2014-05-15Open stack summit spring 2014 hybrid cloud landmines - 2014-05-15
Open stack summit spring 2014 hybrid cloud landmines - 2014-05-15
 
2011 android
2011 android2011 android
2011 android
 
Dynamic DataCenter Converged London 2012 - Nebula CEO Chris Kemp
Dynamic DataCenter Converged London 2012 - Nebula CEO Chris KempDynamic DataCenter Converged London 2012 - Nebula CEO Chris Kemp
Dynamic DataCenter Converged London 2012 - Nebula CEO Chris Kemp
 
Keynote | Middleware Everywhere - Ready for Mobile and Cloud | Dr. Mark Little
Keynote | Middleware Everywhere - Ready for Mobile and Cloud | Dr. Mark LittleKeynote | Middleware Everywhere - Ready for Mobile and Cloud | Dr. Mark Little
Keynote | Middleware Everywhere - Ready for Mobile and Cloud | Dr. Mark Little
 
Gl android platform
Gl android platformGl android platform
Gl android platform
 
Technology Trends 2013-2014 at HUI
Technology Trends 2013-2014 at HUITechnology Trends 2013-2014 at HUI
Technology Trends 2013-2014 at HUI
 
Slides bootcamp21
Slides bootcamp21Slides bootcamp21
Slides bootcamp21
 
Challenges EPs Face Going Mobile
Challenges EPs Face Going MobileChallenges EPs Face Going Mobile
Challenges EPs Face Going Mobile
 
Bring Your Own Device at Cambridgeshire County Council
Bring Your Own Device at Cambridgeshire County CouncilBring Your Own Device at Cambridgeshire County Council
Bring Your Own Device at Cambridgeshire County Council
 
Cloudify 10m
Cloudify 10mCloudify 10m
Cloudify 10m
 
Owasp App Sec Ireland Windows Phone 7 Security
Owasp App Sec Ireland Windows Phone 7 SecurityOwasp App Sec Ireland Windows Phone 7 Security
Owasp App Sec Ireland Windows Phone 7 Security
 
Rightscale Webinar: Designing Private & Hybrid Clouds (Hosted by Citrix)
Rightscale Webinar: Designing Private & Hybrid Clouds (Hosted by Citrix)Rightscale Webinar: Designing Private & Hybrid Clouds (Hosted by Citrix)
Rightscale Webinar: Designing Private & Hybrid Clouds (Hosted by Citrix)
 
Getting Started Developing with Platform as a Service
Getting Started Developing with Platform as a ServiceGetting Started Developing with Platform as a Service
Getting Started Developing with Platform as a Service
 
MobiCloud: Towards Cloud Mobile Hybrid Application Generation using Semantica...
MobiCloud: Towards Cloud Mobile Hybrid Application Generation using Semantica...MobiCloud: Towards Cloud Mobile Hybrid Application Generation using Semantica...
MobiCloud: Towards Cloud Mobile Hybrid Application Generation using Semantica...
 

Más de wolfSSL

FIPS 140-2 Validations in a Secure Enclave
FIPS 140-2 Validations in a Secure EnclaveFIPS 140-2 Validations in a Secure Enclave
FIPS 140-2 Validations in a Secure EnclavewolfSSL
 
wolfSSL TLS 1.3 Support in 2018
wolfSSL TLS 1.3 Support in 2018wolfSSL TLS 1.3 Support in 2018
wolfSSL TLS 1.3 Support in 2018wolfSSL
 
wolfSSL Performance Improvements 2018
wolfSSL Performance Improvements 2018wolfSSL Performance Improvements 2018
wolfSSL Performance Improvements 2018wolfSSL
 
wolfSSL and TLS 1.3
wolfSSL and TLS 1.3wolfSSL and TLS 1.3
wolfSSL and TLS 1.3wolfSSL
 
Securing Data in Transit -
Securing Data in Transit - Securing Data in Transit -
Securing Data in Transit - wolfSSL
 
wolfSSL Year In Review, 2013
wolfSSL Year In Review, 2013wolfSSL Year In Review, 2013
wolfSSL Year In Review, 2013wolfSSL
 
Secure Communication: Usability and Necessity of SSL/TLS
Secure Communication: Usability and Necessity of SSL/TLSSecure Communication: Usability and Necessity of SSL/TLS
Secure Communication: Usability and Necessity of SSL/TLSwolfSSL
 
yaSSL 2010-2011 Technical and Community Update
yaSSL 2010-2011 Technical and Community UpdateyaSSL 2010-2011 Technical and Community Update
yaSSL 2010-2011 Technical and Community UpdatewolfSSL
 
Securing MySQL with a Focus on SSL
Securing MySQL with a Focus on SSLSecuring MySQL with a Focus on SSL
Securing MySQL with a Focus on SSLwolfSSL
 
Securing memcache
Securing memcacheSecuring memcache
Securing memcachewolfSSL
 

Más de wolfSSL (10)

FIPS 140-2 Validations in a Secure Enclave
FIPS 140-2 Validations in a Secure EnclaveFIPS 140-2 Validations in a Secure Enclave
FIPS 140-2 Validations in a Secure Enclave
 
wolfSSL TLS 1.3 Support in 2018
wolfSSL TLS 1.3 Support in 2018wolfSSL TLS 1.3 Support in 2018
wolfSSL TLS 1.3 Support in 2018
 
wolfSSL Performance Improvements 2018
wolfSSL Performance Improvements 2018wolfSSL Performance Improvements 2018
wolfSSL Performance Improvements 2018
 
wolfSSL and TLS 1.3
wolfSSL and TLS 1.3wolfSSL and TLS 1.3
wolfSSL and TLS 1.3
 
Securing Data in Transit -
Securing Data in Transit - Securing Data in Transit -
Securing Data in Transit -
 
wolfSSL Year In Review, 2013
wolfSSL Year In Review, 2013wolfSSL Year In Review, 2013
wolfSSL Year In Review, 2013
 
Secure Communication: Usability and Necessity of SSL/TLS
Secure Communication: Usability and Necessity of SSL/TLSSecure Communication: Usability and Necessity of SSL/TLS
Secure Communication: Usability and Necessity of SSL/TLS
 
yaSSL 2010-2011 Technical and Community Update
yaSSL 2010-2011 Technical and Community UpdateyaSSL 2010-2011 Technical and Community Update
yaSSL 2010-2011 Technical and Community Update
 
Securing MySQL with a Focus on SSL
Securing MySQL with a Focus on SSLSecuring MySQL with a Focus on SSL
Securing MySQL with a Focus on SSL
 
Securing memcache
Securing memcacheSecuring memcache
Securing memcache
 

Último

DSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningDSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningLars Bell
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebUiPathCommunity
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):comworks
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenHervé Boutemy
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.Curtis Poe
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024Stephanie Beckett
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsSergiu Bodiu
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Commit University
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii SoldatenkoFwdays
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Enterprise Knowledge
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsMark Billinghurst
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024Lorenzo Miniero
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...Fwdays
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .Alan Dix
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxLoriGlavin3
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupFlorian Wilhelm
 
Search Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdfSearch Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdfRankYa
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxNavinnSomaal
 

Último (20)

DSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningDSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine Tuning
 
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptxE-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio Web
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache Maven
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platforms
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project Setup
 
Search Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdfSearch Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdf
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptx
 

Kerberos + Android: A Tale of Opportunity

  • 1. Kerberos + Android A Tale of Opportunity Slide 1 / 39 © Copyright 2012 yaSSL
  • 2. Platform Decisions The Statistics Slide 2 / 39 © Copyright 2012 yaSSL
  • 3. Why Go Mobile? 80% of the world's population now has a mobile phone. ( 5 Billion Phones ) Slide 3 / 39 © Copyright 2012 yaSSL
  • 4. Why Go Mobile? 21.6% Of those 80%, 1.08 Billion are smartphones. Slide 4 / 39 © Copyright 2012 yaSSL
  • 5. Why Go Mobile? In the US: 60% 40% the ratio is even higher, with smartphones making up 40% of all mobile phones. Slide 5 / 39 © Copyright 2012 yaSSL
  • 6. OK, well why Android? Slide 6 / 39 © Copyright 2012 yaSSL
  • 7. Android? Reason 1: US Market Dominance iPhone 28% U.S. Android Smartphones == 40% (40%) Blackberry 19% Windows Mobile, 7% Windows Phone 7, 1% Other, 5% Slide 7 / 39 © Copyright 2012 yaSSL
  • 8. Android? Reason 2: Consumer Popularity •  100 million activated Android devices (now 400,000 / day) •  200,000 apps in Android Market (4.5 billion activations to date) •  310 devices available to consumers (112 countries) Slide 8 / 39 © Copyright 2012 yaSSL
  • 9. Android? Reason 3: Developer Popularity •  450,000 developers building for the platform! Slide 9 / 39 © Copyright 2012 yaSSL
  • 10. Android. Meaning? •  Opportunity for increased Kerberos visibility •  Useful for Android and Kerberos developers •  Fun to see where the community takes it Slide 10 / 39 © Copyright 2012 yaSSL
  • 11. Our Plan What we wanted to do. Slide 11 / 39 © Copyright 2012 yaSSL
  • 12. Goals We wanted to fill a missing gap. 1.  Port Kerberos libraries to Android 2.  Port some C-based Kerberos client apps to Android kinit klist kvno kdestroy Slide 12 / 39 © Copyright 2012 yaSSL
  • 13. Goals We wanted to spark community involvement. 3.  Build a sample Android NDK App (with a simple GUI) 4.  Give changes back to community Slide 13 / 39 © Copyright 2012 yaSSL
  • 14. Action! What we did. Slide 14 / 39 © Copyright 2012 yaSSL
  • 15. 1. Crypto Implementation Slide 15 / 39 © Copyright 2012 yaSSL
  • 16. Crypto Added new CyaSSL crypto implementation •  Kerberos crypto options: CyaSSL, OpenSSL, NSS, built-in Slide 16 / 39 © Copyright 2012 yaSSL
  • 17. Crypto Added new CyaSSL crypto implementation •  CyaSSL is very portable Slide 17 / 39 © Copyright 2012 yaSSL
  • 18. 2. Porting Slide 18 / 39 © Copyright 2012 yaSSL
  • 19. Android Port Kerberos Libraries + CyaSSL Android. •  Cross-compiled libraries for Android •  Created shell script for easy reproduction by developers Slide 19 / 39 © Copyright 2012 yaSSL
  • 20. 3. Android Application Slide 20 / 39 © Copyright 2012 yaSSL
  • 21. Android App Simple sample NDK project Home Screen •  Single screen •  Uses JNI •  Wrapper around native client apps Slide 21 / 39 © Copyright 2012 yaSSL
  • 22. Android App Simple sample NDK project kinit •  Gets a ticket using specified principal Slide 22 / 39 © Copyright 2012 yaSSL
  • 23. Android App Simple sample NDK project klist •  Lists our tickets Slide 23 / 39 © Copyright 2012 yaSSL
  • 24. Android App Simple sample NDK project kvno •  Gets a service ticket for the entered principal Slide 24 / 39 © Copyright 2012 yaSSL
  • 25. Android App Simple sample NDK project klist after kvno •  Verify that we got a ticket Slide 25 / 39 © Copyright 2012 yaSSL
  • 26. Android App Simple sample NDK project kdestroy •  Clear our ticket cache Slide 26 / 39 © Copyright 2012 yaSSL
  • 27. Android App Notes •  Uses a keytab instead of passwords •  Storage locations have been chosen for convenience Can be easily modified to what the developer needs Currently at /data/local/kerberos Slide 27 / 39 © Copyright 2012 yaSSL
  • 28. Android App License Type •  Application code will remain under the MIT license Slide 28 / 39 © Copyright 2012 yaSSL
  • 29. 4. GSS-API Wrapper Slide 29 / 39 © Copyright 2012 yaSSL
  • 30. GSS-API Java Wrapper •  Provide Java bindings for developers to use •  Uses framework •  Wrapper around native Kerberos GSS-API library (Contains functionality found in gssapi.h) Slide 30 / 39 © Copyright 2012 yaSSL
  • 31. GSS-API Java Wrapper 2 example clients: •  Android client functionality •  Stand-alone Java app for desktop use Slide 31 / 39 © Copyright 2012 yaSSL
  • 32. GSS-API Integrated into sample app. Example Client •  Est. context with example server •  Send wrapped message, verify returned sig. block (gss_wrap, gss_verify_mic) •  Repeat #2, but with gss_seal, gss_verify •  Misc. API tests and exit. Slide 32 / 39 © Copyright 2012 yaSSL
  • 33. GSS-API Integrated into sample app. Example Server •  Est. context with client •  Receive and unwrap a message from the client •  Generate & send signature block for received message Slide 33 / 39 © Copyright 2012 yaSSL
  • 34. The Future What's happening next? Slide 34 / 39 © Copyright 2012 yaSSL
  • 35. The Future Look to the Community. Availability •  Code will be linked from both MIT and yaSSL websites Slide 35 / 39 © Copyright 2012 yaSSL
  • 36. The Future Look to the Community. PR Activity / Visibility •  Blog posts •  Forum posts •  Press releases •  GitHub •  Mailing lists •  etc... Slide 36 / 39 © Copyright 2012 yaSSL
  • 37. The Future Other ideas or thoughts? Slide 37 / 39 © Copyright 2012 yaSSL
  • 38. References Statistics •  http://ansonalex.com/infographics/smartphone-usage-statistics-2012-infographic/ •  http://www.go-gulf.com/blog/smartphone •  http://blog.nielsen.com/nielsenwire/online_mobile/40-percent-of-u-s-mobile-users-own-smartphones-40- percent-are-android/ •  Google I/O 2011: http://www.google.com/events/io/2011 Project Locations Kerberos: http://web.mit.edu/kerberos/ CyaSSL: http://www.yassl.com/ •  Android NDK App: https://github.com/cconlon/kerberos-android-ndk •  GSS-API Java Wrapper: https://github.com/cconlon/kerberos-java-gssapi Slide 38 / 39 © Copyright 2012 yaSSL
  • 39. Thanks! www.yassl.com Slide 39 / 39 © Copyright 2012 yaSSL