Top Banner
Samsung Knox Tizen Wearable v2.0 Introduction for app vendors Sep. 2016 Samsung Electronics Co., Ltd.
15

Samsung Knox Tizen Wearable v2 - SEAP Tizen Wearable Intro... · - BT/WiFi/NFC control and more ... APN / WiFi configuration - Firewall settings ... To find out more information on

Jun 04, 2018

Download

Documents

hathien
Welcome message from author
This document is posted to help you gain knowledge. Please leave a comment to let me know what you think about it! Share it to your friends and learn new things together.
Transcript
Page 1: Samsung Knox Tizen Wearable v2 - SEAP Tizen Wearable Intro... · - BT/WiFi/NFC control and more ... APN / WiFi configuration - Firewall settings ... To find out more information on

Samsung Knox Tizen Wearable v2.0

Introduction for app vendors

Sep. 2016

Samsung Electronics Co., Ltd.

Page 2: Samsung Knox Tizen Wearable v2 - SEAP Tizen Wearable Intro... · - BT/WiFi/NFC control and more ... APN / WiFi configuration - Firewall settings ... To find out more information on

What is Samsung Knox Tizen Wearable?

2

HARDWARE-BASED, BUILT-IN PLATFORM THAT EXISTS IN MOST SAMSUNG MOBILE DEVICES, OUT OF BOX

+ CUSTOMIZABILITY+ PRODUCTIVITY+ MANAGEABILITY+ SECURITY

TIZEN WEARABLE

ANDROIDSMARTPHONE

ANDROIDTABLET

Page 3: Samsung Knox Tizen Wearable v2 - SEAP Tizen Wearable Intro... · - BT/WiFi/NFC control and more ... APN / WiFi configuration - Firewall settings ... To find out more information on

What is Knox Tizen Wearable SDK? (1/2)

For the first time ever on a smart watch, the Knox Tizen Wearable SDK will be available to third-parties, enabling the development of Knox-enabled applications for Samsung’s wearable ecosystem

3

2015.Sep 2016.Sep

OS Ver. Tizen 2.3.1 Tizen 2.3.2

Knox Ver. Knox Tizen Wearable v1.0 Knox Tizen Wearable v2.0

Knox SDK N/AKnox Tizen

Wearable SDK v1.0

※ Gear S2 is planned for OS update to Tizen v2.3.2 and Knox Tizen v2.0 respectively

Page 4: Samsung Knox Tizen Wearable v2 - SEAP Tizen Wearable Intro... · - BT/WiFi/NFC control and more ... APN / WiFi configuration - Firewall settings ... To find out more information on

What is Knox Tizen Wearable SDK? (2/2)

Knox Tizen Wearable SDK enables developers to leverage the Knox Tizen APIs on Gear for enhanced features

4

Knox Tizen v1.0Tizen appDeveloper

Knox Tizen v2.0

Knox Tizen Wearable SDK v1.0

EMM Server

Knox APIs

Build

Build

DL, Install

DL, Install

Knox APIs

manage

Standalone or Companion: Apps integrated with Knox Wearable SDK can communicate directly with its server

Companion onlyPairing required

No Knox enhancement

Page 5: Samsung Knox Tizen Wearable v2 - SEAP Tizen Wearable Intro... · - BT/WiFi/NFC control and more ... APN / WiFi configuration - Firewall settings ... To find out more information on

Why Knox Tizen Wearable v2.0? (1) Directly manage Gear devices (1/2)

5

A. Directly managing Gear devices with EMM: Once the EMM agent is installed via deeplink, IT manager can use hundreds of APIs to manage Gear devices

Enterprise IT Manager

Employee Device

Directly manage

Device Management App Management

Enterprise Asset Protection Network Management

- Call/SMS/data management

- Mic/GPS/Ringtone control

- BT/WiFi/NFC control and more

- Install/Remove application

- Allow/Disallow app installation

- Start/Stop application and more

- Lock device

- Wipe device data

- Set password and more

- APN / WiFi configuration

- Firewall settings

- Roaming control and more

Page 6: Samsung Knox Tizen Wearable v2 - SEAP Tizen Wearable Intro... · - BT/WiFi/NFC control and more ... APN / WiFi configuration - Firewall settings ... To find out more information on

Why Knox Tizen Wearable v2.0? (1) Directly manage Gear devices (2/2)

6

B. Pushing apps into employee devices: Given Tizen doesn’t allow sideloading of an app onto the device, every app needs to be downloaded from the Tizen appstore. Knox Tizen Wearable supports Deeplink feature, enabling IT managers to easily distribute apps

Tizen WearableApp Store

SEAP* Siteseap.samsung.com

① Download SDK

③ get “Deeplink” for app

④ Pass Deeplink ⑤ Pass Deeplink via

1) SMS2) EMM console3) Knox Mobile Enrollment

⑥ Download appusing Deeplink

App Vendor EnterpriseIT Manager

EmployeeDevice

② Register app & check Yes to “Hide App”

* SEAP : Samsung Enterprise Alliance Program

Page 7: Samsung Knox Tizen Wearable v2 - SEAP Tizen Wearable Intro... · - BT/WiFi/NFC control and more ... APN / WiFi configuration - Firewall settings ... To find out more information on

Why Knox Tizen Wearable v2.0? (2) Build purpose-built appliances

The customization APIs in the SDK allow app vendors to tailor Gear devices to their unique needs

7

Lock Gear device to a single app

(Kiosk Mode)

HW Key Re-mapping

Settings Manager

Prevent from exiting out from the app by pressing the Home button

e.g. Long-press the Home button for device to open the app

Enables the app to turn on/off settings

e.g. App enforces to turn on GPS + B/T but off Mobile Data or Roaming

Page 8: Samsung Knox Tizen Wearable v2 - SEAP Tizen Wearable Intro... · - BT/WiFi/NFC control and more ... APN / WiFi configuration - Firewall settings ... To find out more information on

Why Knox Tizen Wearable v2.0? (3) Secure work data

Developers can build apps leveraging Knox platform to enhance security of the service offered to customers

8

SE for Tizen: Permission mgmt. for apps and data

Trusted Boot: Check if booting components have been tampered with

Kernel Protection: Real-time kernel monitoring and protection (default-on)

HW Root of Trust: Keys securely stored in TrustZone

Security hardening of Tizen, out-of-box Integrate Knox security feature to the app

Tizen app

Enhancement made using Knox Tizen Wearable SDK

TIMA* Attestation: Pings a device if it has properly loaded boot components and firmware. In other words, an app can check if the device has been tampered with.

Knox Tizen APIs

* TIMA : TrustZone-based Integrity Measurement Architecture

Page 9: Samsung Knox Tizen Wearable v2 - SEAP Tizen Wearable Intro... · - BT/WiFi/NFC control and more ... APN / WiFi configuration - Firewall settings ... To find out more information on

Access to Knox Tizen Wearable SDK

9

① Visit https://seap.samsung.com

② Enroll or Sign-in SEAP Samsung account

③ Click DEVELOP Tizen SDK Knox Tizen Wearable SDK

④ Click

①②

③One SDK

※ Beta ver. is available as of 5th sep, Commercial ver. will be released in Oct.

Page 10: Samsung Knox Tizen Wearable v2 - SEAP Tizen Wearable Intro... · - BT/WiFi/NFC control and more ... APN / WiFi configuration - Firewall settings ... To find out more information on

Licensing Scheme

10

Tizen StoreSEAP* Site

seap.samsung.com

① Download Knox Tizen Wearable SDK

App Vendor User Device

GSBN*

v3.samsunggsbn.comKnox License Servers

(A) ELM* License Key (B) KLM * License Key

④ Fetch License Key(A) or (A)+(B)

② Register App

③ DL app ⑤ Verify Knox license

Key Accessible Features Source Knox Product Price

(A) ELM Key Manage device/apps/network, Attestation SEAP N/A(platform-level features)

Free

(B) KLM Key Customization (Kiosk, HW-key remapping, …) GSBN Knox Customization Toolkit(works on Android and Tizen Wearable)

$3.00 / device

※ Please contact a Knox reseller or your Samsung counterpart to purchase a KLM license key

* one-time fee, Invoice Price

License request & generation

* SEAP : Samsung Enterprise Alliance Program* GSBN : Global Samsung Business Network

* ELM : Enterprise License Management* KLM : Knox License Management

Page 11: Samsung Knox Tizen Wearable v2 - SEAP Tizen Wearable Intro... · - BT/WiFi/NFC control and more ... APN / WiFi configuration - Firewall settings ... To find out more information on

11

To find out more information on Samsung Knox Tizen Wearable,

please visit: http://samsungknox.com

http://seap.samsung.com

Page 12: Samsung Knox Tizen Wearable v2 - SEAP Tizen Wearable Intro... · - BT/WiFi/NFC control and more ... APN / WiFi configuration - Firewall settings ... To find out more information on

12

Appendix

Page 13: Samsung Knox Tizen Wearable v2 - SEAP Tizen Wearable Intro... · - BT/WiFi/NFC control and more ... APN / WiFi configuration - Firewall settings ... To find out more information on

Comparison against v1.0

13

NOIndirect control of Gear through a paired

Samsung Android

YESIn addition to paired mode, direct control of Gear

by an external server is available

Secure/Trusted boot,PKM*, SE for Tizen

v1.0 + RKP*, DM-verity*, Attestation

Individual DLfrom Tizen Store

A simple linkto easily download from Tizen Store

No Wearable SDK (W-MDM, 39 API)No Customization API

Knox Wearable SDKOne SDK : MDM+Customization+Attestation

STANDALONE

SDK

APP INSTALLATION

PLATFORM SECURITY

Knox Tizen Wearable v1.0 Knox Tizen Wearable v2.0

(300+ API) (28 API)

* PKM : Periodic Kernel Measurerment* RKP : Real-time Kernel Protection* DM-verity : Device-Mapper-verity

Page 14: Samsung Knox Tizen Wearable v2 - SEAP Tizen Wearable Intro... · - BT/WiFi/NFC control and more ... APN / WiFi configuration - Firewall settings ... To find out more information on

Comparison against Knox Android

APIs for Andoroid Smartphone/Tablet

14

Hardware Root of Trust

Trusted Boot

TIMA*

SE for Android

Knox Container

Hardware Root of Trust

Trusted Boot

TIMA*

SE for Tizen

SECURITY MANAGEABILITY/PRODUCTIVITY

Knox Android

Knox Tizen Wearable

1100+

300+

| Android Specialization: Google Account, S-Beam..

| Smart/Tab Specialization: Browser, E-mail, EAS*, Dual SIM, External Memory..

| Tizen Wearable Feature: Call/SMS/Data Management,BT/WiFi/NFC Control,Manage Application,ProKiosk Mode,System Manager..

Based on the same security platform architecture with Knox Android, Knox Tizen supports manageability to B2B customer by providing APIs to meet wearable use case.

APIs for Tizen WearableKnox ContainerX

* TIMA : TrustZone-based Integrity Measurement Architecture * EAS : Microsoft Exchange Active Sync

Page 15: Samsung Knox Tizen Wearable v2 - SEAP Tizen Wearable Intro... · - BT/WiFi/NFC control and more ... APN / WiFi configuration - Firewall settings ... To find out more information on

Key features

15

| Manage Apps

∙ Install/Remove application

∙ Allow/Disallow app installation

∙ Start/Stop application

| Manage Device

∙ Call/SMS/data management

∙ Mic/GPS/Ringtone control

∙ BT/WiFi/NFC control

| Manage Network

∙ APN /Wifi configuration

∙ Firewall

∙ Roaming control

| Enterprise Asset Protection

∙ Lock device

∙ Wipe data

∙ Set password| Settings Manager

∙ Hide/Show setting menu

∙ Bluetooth on/off

∙ GPS on/off

∙ Data Roaming on/off

∙ Mobile data on/off

∙ WiFi on/off

| ProKiosk Mode

∙ Enhanced Kiosk mode

∙ Set pass code

∙ Set home activity

∙ Hide notification messages

| System Manager

∙ H/W Key remapping

∙ Set Power Saving mode

∙ Bluetooth HID for Barcode scanner

| Enhanced Security

∙ Attestation

MDM features

Security features

Customization features