Secure Mobile
Complete mobile security
October 2013
Introducing a new patent pending security methodology
Secure Communications. Situational Awareness. Private Mobile Networking.
Secured, Mobile, Private
Industry Leading Authentication and Key Management.
Trusted Application Validation – Encryption is Validated On Each Launch.
• Is it the right app?
• Is it the right size?
• Is it on the correct hardware?
• Is it the correct license?
• Is the correct user launching it?
Encryption Keys Are Highly Protected
• Never put in-the-air.
• Never put on-the-wire.
• Never saved on the endpoint.
• Never saved on a server.
• Used once and then destroyed.
• Each Communication Type (e.g. voice, chat, transfer, etc.) Uses a Unique Encryption Key.
End-to-end Security. Is It Real?

| Feature / Capability | Our product | Other available products |
|---|---|---|
| Uses SRTP. | No | Yes |
| AES 256 bit encryption. | Yes | No – SRTP defaults to AES-128 bit encryption. |
| Implemented through RTP with unique header. | No – Attack surfaces are not allowed. | Yes – Allows and implements attack surface. |
| Intermediary ZRTP devices. | No – This creates an attack surface, and attack surfaces are not allowed. | Yes – Allows for intermediary eavesdropping devices between endpoints. |
| Allow unencrypted communications if the other endpoint is not validated. | No | Yes – by default, SRTP allows the call to go through unencrypted. |
| True endpoint-to-endpoint (no servers) audio security. | Yes – Audio packets traverse between endpoints, not servers, and only decrypt at the endpoint. | No – SRTP decrypts packets at the Session Border Controller(s) and SIP Server. |
| Direct Endpoint-to-Endpoint Audio | Yes – Audio travels endpoint to endpoint. | No – Audio travels through SBC(s) and SIP servers. |
| Execution with program trust validation | Yes – Uses 5 factors of authentication at time of start up to establish trust verification. | No |
| User must enter the shared secret within a period of time. | No – Uses 5 factors of authentication at time of start up to establish trust verification. | Yes |
| Require user to re-authenticate on each call. | Yes – trust is not assumed based on the last communication, but on validated trust verification. Each session validates trust. | No |
| Unique key for each communication session. | Yes | No |
| Keys shared over-the-air or over-the-wire. | No | Yes |
| Private address book | Yes | No |
| Maintains history of calls, chat, file transfers, photos, video, etc. | No | Yes |
| Integrated conference calling | Yes | No |
| No security servers | Yes | No |
| Private mobile network ready | Yes | No |
Tactical Mission Deployment Support

| Feature / Capability | Our product | Other available products |
|---|---|---|
| Uses standard SIP/RTP protocols, delivering lightweight traffic, and operates in low-bandwidth global environments. | Yes | No |
| Use any server on any network. | Yes | No – requires specific vendor dependent servers available on the internet. |
| Supports 2G networks. | Yes | No – server and decryption frequency does not support low 2G throughput without 5+ seconds of latency. |
| Supports rapidly deployable private MANET tactical deployments. | Yes | No |
| Supports multiple accounts enabling a dedicated persona. | Yes | No |
| Dedicated contacts defined by active account persona. | Yes | No |
| Supports both Secret and SBU profile deployments. | Yes | No |
| Supports and fully interoperates on Windows, Blackberry & Android | Yes | No |
| Remote deployment – purchase of local endpoints, local SIMs, & deploy on cell, internet, secure network or mobile 3G or MANET in less than 5 minutes. | Yes | No |
| Remote provisioning – supports dedicated hardware/person implementation within 1 minute, with dedicated MDM controls. | Yes | No |
| Situational awareness – panic button with hidden panic feature. | Yes | No |
| Situational awareness – GPS locator. | Yes | No |
| Situational awareness – integrated standalone mission Blue Force Tracking with optional FalconView & ESRI integration | Yes | No |
| Situational awareness – C2 controls | Yes | No |
August 2013
Secure Chat Text Messaging
• Unique encryption key for each chat session, even if an additional chat session is to the same person.
• Execute multiple chat sessions simultaneously.
• Execute chat while in a secure call, file transfer, secure camera execution and secure file transfer.
• Add & delete contacts to chat sessions on the fly.
• From within a chat, whisper to a member of a chat via a private chat. This chat will utilize a unique private key.
• From within a chat, secure call to a member of a chat session while remaining in the session. This call will utilize a unique private key.
• Send individual or group secured text chat messages to members of your contact list.
Secure Camera Capture & Transfer
• Take and send individual or group secured pictures with the GSS integrated secure camera.
• Touch ‘n Send securely within 5 seconds. Simply select a contact, press the camera button, and shoot. If you like the preview of what was taken, press share.
• Touch ‘n Store – take your secure picture, saving it to secure onboard storage for later transmission.
• Individual or mass distribution – share to one or more individuals with a single Touch ‘n Send or Touch ‘n Send action.
• Configurable for photo self destruct after sharing completes.
• Share other photos, or any file, on your Android with secure file sharing.
Controlling a 12 man team from a safe house, or in garrison overseeing multiple squadrons, you need SITUATIONAL AWARENESS!
• Turn on Microphone
• Disable Speaker
• Wipe User Data
• Disable Application
Without user knowledge
Panic Alert is endpoint initiated through the Panic Button or Hidden Alert. C2 provides centrally controlled functions for team leaders & administrators.
CONTROL, OBTAIN INTELLIGENCE, RECOVER, & DESTROY!
Private telecommunications server
• Specifically designed for our server.
• Scalable from 100-10,000 users.
• Management system.
• Deployed in private networks, the Internet or public or private clouds.
• Integrates with other servers in other private networks, on the Internet or in other public or private clouds.
• Warm/hot failover models available.
[Diagram label: kryptofonServer]
OmniTrack – Blue Force Tracking
• Track location and panic alerts of team members within seconds.
• All communications encrypted.
• Physical server implemented locally, regionally or globally.
• Private network or Internet deployed.
[Diagram labels: kryptofonServer, OMNITrack, Encrypted comms, Administration]
Kryptofon Server & OMNITrack
Cascade Kryptofon Server and OMNITrack Servers Allowing Multi-Level Monitoring and Oversight.
[Diagram labels: OMNITrack, kryptofonServer, Administration (three of each); Team Alpha, Team Gamma, Team Zed; NOC1 or Cloud1, NOC2 or Cloud2, NOC3 or Cloud3; OMNITrack, kryptofonServer, HQ; Encrypted comms]
Anti-Triangulation, Cascaded Kryptofon Server & OmniTrack in Secure Multi-Vendor Cloud Deployments
[Diagram labels: Team Alpha Cloud, Team Alpha in Field, Team Zed Cloud, Team Zed in Field; Team Leader, Regional Leader, HQ Monitoring; Regional N Cloud, Regional S Cloud, Regional E Cloud, Regional W Cloud, Global Cloud; IP1 to IP4, IP11 to IP14, IP111, IP121, IP131, IP141, IP211; Secure VPN + Container; kryptofonServer + OmniTrack; Cloud Providers; VPN Connections; Global, Field, Local, Regional; Anti-Triangulation Deployment]
The Tower provides the capability of deploying a remote, mobile tactical 3G/4G network in global locations where local providers are not available.
The Mesh provides a network of both base and repeater nodes which disseminate and propagate network traffic in a dynamic, self-healing fashion.
Remote and Hidden Secure Deployments
GSS Global Security Solutions
[Diagram labels: MIMO Repeater, Field HQ, Tracking, WiFi, kryptofon]
End-End Secured Communications
• From the Field With kryptofon on Android.
• To Field HQ.
• To Global HQ.
• On Self-Healing High Speed Repeating Network.
• Uniquely Encrypted with Every Communication.
• Without the Need of a Global Secure Network.
[Diagram labels: 10mi MIMO Mobile Vehicle Bubble; 2 8mi MIMO Vest Bubble]