Prepaid cheap international calling cards. Save up to 60% on long distance cheap phone card. You can buy phone card online in 5 minutes on our site. Select place where you want call: Europe
• Asia
• North America
• South America
• Africa
• Australia
• Middle East
Today Acer has both revealed the Acer CloudMobile smartphone and shown it to be a winner of the iF design award 2012. This award is given to ...
March 04, 2012, 7:42 AM — America's intelligence agency, the National Security Agency (NSA), today disclosed how it's going to handle mobile security.
The NSA has come up with a security design that currently depends on Google Android smartphones, though the NSA contends it doesn't want to be wedded to any particular smartphone operating system. But its current "Fishbowl" phones, as they are called, are beefed-up highly secured Motorola Android smartphones that use double-encryption for voice traffic and a unique routing scheme for 3G network traffic back to the NSA first for security purposes. This design makes them suitable for classified information sharing with other like smartphones, according to Margaret Salter, technical director at NSA's information assurance directorate, who spoke about the so-called "Fishbowl" project, which today focuses on voice use of smartphones, at a session here today at the RSA Conference.
More: What's hot at RSA 2012
"We wanted to use the commercial standards that are out there," said Margaret Salter, technical director in NSA's information assurance directorate. "We wanted plug and play — but that was hard." The NSA also wants interoperability in order not to be trapped in vendor ok-in, but this is turning out to be hard to achieve.
The NSA looked at SSL VPN as a standard and left no stone unturned in exploring commercial SSL VPN for mobile, but found utter lack of interoperability across vendor products. Salter said NSA also was frustrated with the lack of interoperability in Unified Communications Systems (UCS) products, noting that buying one piece often meant buying several others, there being little evidence of multi-vendor interoperability. So with some frustration, NSA changed to go with an open-source Session Initiation Protocol (SIP) server for the present.
NSA also switched its mobile security strategy toward IPSec VPN, where things looked better in terms of interoperability than SSL VPN, and selected the Secure Real-Time Transport Protocol for Voice App and Transport Layer Security (TLS) with keys. This all means "the voice call is doubly encrypted," Salter said. "There's VoIP encryption and IPsec encryption."
The NSA is relying on a alphabet soup of standards for its Fishbowl smartphones: Suite B IPSec, IKE v.2, Elliptic Curve Diffie-Hellman, Elliptic Curve DSA, the SHA2 hash, all well-known in security circles. The NSA contracted to build some elements of its Fishbowl smartphone prototypes on Motorola Android since what it wants isn't commercially available. But NSA wants it to be, and to that end is releasing the basic architecture with the hope the high-tech industry will get on board in software design. The NSA also has included a so-called "police app" to make sure everything is in place on the smartphone as it should be, said Salter. She noted a number of the NSA employees in the room were now carrying their Fishbowl phones with them, which she said showed surprisingly little voice delay, even with double encryption processes.
In publishing all its Fishbowl standards on the NSA website, "our hope is someone will show this to the vendors and say 'I want that,'" said Salter.
The NSA plans to propose its mobile security design as an internationally-oriented Common Criteria standard, with the idea that products would start to make it through the NIAP labs. The Defense Information Systems Agency (DISA), which is responsible for large-scale practical networking deployments for the military, "is looking at copying this on a large scale," said Salter. She added: "We'll be standing up an enterprise app market," noting that today there are a large number of people already writing apps for military purposes.
The mobile operating system question
Although NSA doesn't want to be wedded to one mobile operating system platform, its investigations into suitable choices have so far led it to Google Android mainly because with it you can change the underlying OS, and with Apple iOS for example, you can't, Salter noted. One change was made so digital certificates would be stored in a way NSA thinks is better.