The Experts below are selected from a list of 6 Experts worldwide ranked by ideXlab platform
Niszl Michael - One of the best experts on this subject based on the ideXlab platform.
-
A cryptographic concept for the secure storage and transmission of medical images on iOS Devices
'Universidad Norbert Wiener', 2016Co-Authors: Niszl MichaelAbstract:Zusammenfassung in deutscher SpracheSmartphones sind nicht nur ein unabkoemmlicher Alltagsgegenstand geworden, sondern entwickeln sich auch zu einem wertvollen Bestandteil im medizinischen Sektor. In Anbetracht der Sensitivitaet von medizinischen Daten sind die Sicherheit und die korrekte Integration von mobilen Geraeten ein wichtiger Faktor von mHealth. Der Fokus dieser Diplomarbeit liegt auf dem Design und der Implementierung eines kryptographischen Konzepts, um medizinische Bilder sicher zu speichern und zu uebertragen. Die Referenzapplikation ist Teil einer Hautanalyse-Software, welche in klinischen Studien bei Radiodermatitis-Patienten eingesetzt wird. Das Ziel ist es, eine Verschluesselungsarchitektur zu implementieren, welche sensible Daten selbst dann schuetzt, wenn die nativen Sicherheitsmechanismen des Betriebssystems ausser Kraft gesetzt werden. Zu Beginn werden Gesetze und medizinische Richtlinien, wie Integrating the Healthcare Enterprise (IHE)-Profile, ueberprueft und grundlegende Sicherheitsstandards abgeleitet. Dann werden die aktuellen iOS-Sicherheitsmechanismen evaluiert und Best Practice-Methoden erfasst. Im naechsten Schritt wird ein Gefahrenmodell erstellt. Anhand des gewonnenen Wissens wird die Verschluesselungsarchitektur konstruiert und der implementierte Prototyp analysiert. Zuerst werden theoretische Bedrohungen identifiziert und entsprechende Empfehlungen spezifiziert. Darauf folgend werden Sicherheitsanalyse-Tools verwendet, um den implementierten Prototypen zu evaluieren. Zuletzt werden die Ergebnisse genuetzt, um das Konzept zu verbessern. Die Analyse zeigte, dass die Mehrzahl der nativen Sicherheitsmechanismen des Betriebssystems mittels erhoehten Systemrechten umgangen werden koennen. Nur die iOS Data Protection-Funktionalitaet konnte auf einem mit Passcode gesperrten Geraet nicht umgangen werden. Weiters erlaubten die angehobenen Systemrechte auch das unbemerkte Abhoeren des Uebertragungskanals. Durch die zusaetzlich implementierte Verschluesselungsschicht waren die Daten allerdings weiterhin kryptographisch unzugaenglich. Die Laufzeitanalyse offenbarte jedoch, dass selbst Methodenaufrufe auf einem Geraet mit angehobenen Systemrechten protokolliert werden koennen. Das erlaubte die Aufzeichnung des Passworts als Teil der Password Based Key Derivation Function (PBKDF). Aktuelle Bestrebungen, Verschluesselungsmechanismen mittels gesetzlichem Beschluss zu umgehen, bekraeftigen die Ergebnisse der Analyse, dass native Sicherheitsmechanismen nicht ausreichend sind, um empfindliche Daten auf einem mobilen Geraet zu schuetzen. Weiters ist es auch nicht empfehlenswert, sich ausschließlich auf Spezifikationen, welche durch Gesetze und medizinische Richtlinien vorgeschrieben werden, zu verlassen. Algorithmen und Methoden nach dem aktuellen Stand der Technik muessen verwendet, evaluiert und regelmaessig aktualisiert werden, um ein adaequates Sicherheitsniveau zu gewaehrleisten. Mobile Device Management-Systeme helfen dabei, Risiken wie eine Laufzeitmanipulation zu entschaerfen. Eine zusaetzlich implementierte Sicherheitsschicht und Komponenten, die die Laufzeitumgebung der Applikation absichern, sind ausschlaggebend für die Sicherheit von sensitiven medizinischen Daten.Smartphones have not only become indispensable in people's lives - they are also progressing into valuable assets in the medical sector. Considering the sensitivity of medical data, security and proper integration are major factors regarding an ubiquitous use of mobile health (mHealth). This thesis focuses on the design and implementation of a cryptographic concept for secure storage and transmission of medical images. The used reference application is part of a medical skin imaging and analysis software, which is employed during clinical trials, targeting patients suffering from radiation induced dermatitis (RID). The goal of this thesis is to create and implement an encryption architecture, which protects sensitive data even if an attacker breaks the security features of the native Operating System (OS). At first, Austrian laws and medical guidelines like Integrating the Healthcare Enterprise (IHE) profiles are reviewed and security ground rules are derived. Then the current native iOS security mechanisms are evaluated and best practice methods are gathered. As a next step, a threat model, based on the reference application-s specification, is created and the gained knowledge is used to design the encryption architecture. After the implementation of the cryptographic concept, using the iOS Software Development Kit (SDK), the prototype is analyzed. At first, theoretical threats are identified and recommendations are specified. Following this, mobile penetration testing frameworks and security assessment tools are utilized to analyze the prototype. At last, the results and exposed weaknesses are used to improve the designed concept. The analysis showed that the majority of the native OS security mechanisms can be bypassed with elevated privileges on a Jailbroken iOS Device. Only the iOS Data Protection mechanism could not be bypassed on the passcode locked Device. The raised privileges also allowed to annul the implemented certificate pinning mechanism, which furthermore enabled the undetected interception of the transmitted network traffic. Due to the additionally implemented security layer, the transmitted data was still cryptographically inaccessible. However, the runtime analysis disclosed that even method calls can be traced on a Jailbroken Device. This allowed the recording of the password as part of the Password Based Key Derivation Function (PBKDF). Recent aspirations to legally bypass encryption mechanisms fortify the results that native OS security mechanisms are not sufficient to protect sensitive data on a mobile Device. It is also not recommended to solely rely on basic specifications required by law or medical guidelines. State of the art algorithms and methods need to be utilized, evaluated and updated on a regular basis to provide an adequate level of security. Mobile Device Management (MDM) systems are a valuable asset to detect runtime manipulation. An additional layer of security, utilizing state of the art cryptographic mechanisms, and components securing the runtime are crucial for the safety of sensitive medical data and help to mitigate or even prevent threats.11
Varenkamp Peter - One of the best experts on this subject based on the ideXlab platform.
-
iPhone Acquisition Using Jailbreaking Techniques
'Norwegian University of Science and Technology (NTNU) Library', 2019Co-Authors: Varenkamp PeterAbstract:Abstract Varenkamp Digital Devices are a part of most peoples lives today. Using digital Devices leaves traces. These traces can be urgent to solve a criminal case. Knowing this, forensic work has the goal to get as much data from a Device as possible. Only physical image from a data storage is a 100% copy and can make sure that all data has been secured. Forensic work with digital evidence was in the first time done with opening a personal computer, removing the hard disk and secure with write protection. It was not so difficult to connect directly to the interface of the hard drive and performing a physical image. That changed with the first smart phones that were not produced with data storage that could be removed without a high technical effort. The smart phones used data storage that had not their own interface and were soldered with the logic board. In computer forensic investigations the fast technological changes make it more difficult to get all or most digital data in the same way we did before. One reason is that manufacturers produce more secured Devices as the customer demands it. Another reason may be to make the system more stable. On the other hand, we will always search how we can get all digital information from the Device as possible, especial erased data that may be urgent for the case. Apples iPhone is one of the most popular smart phones and has about 14 percent market share in first quarter of 2018. Only Samsung sells more smartphones with 20 percent market share at the same time. The most sold smart phones work with different distributions of Android and had actually a market share up to 85 percent (BusinessReport, 2018). Apple has continued improving the security mechanism of its products. This fact makes it more difficult or impossible to get access to the iPhones and extract all information that were stored on it. Commercial Forensic Software work sometimes with own programs that use security breaches to get deeper access to a Device. Jailbreaking is not offered from commercial vendors. But they describe their programs are able to extract more data from a Jailbroken Device. The aim of my master thesis is to answer the question if iPhones acquisition using jailbreak techniques can be a forensic way? To answer the research question, five depending sub question were answered. At the time I began working at the master thesis in middle 2018, I have first to answer if there is a way for jailbreaking with a current iOS (apples operating system), that was 10 and 11? Otherwise, it wouldn’t have any sense to continue with my research. Fortunately, the answer to this question was yes. During writing this master thesis, I have to change and revise some parts multiple times to be up to date. Reasons have been that new jailbreaks, new iOS-versions and new iPhones released in this time