Securing the Smart Grid > Chapter 10. Mobile Applications and Devices > Securing Mobile Devices

Table of Contents

Download Safari Books Online apps: Apple iOS | Android

Entire Site

Free Trial

Safari Books Online is a digital library providing on-demand subscription access to thousands of learning resources.

Search

Table of Contents

Front Cover

Securing the Smart Grid

Table of Contents

Acknowledgments (Tony Flick)

Acknowledgments (Justin Morehouse)

About the Authors

About the Technical Editor

Introduction

Chapter 1. Smart Grid: What Is It?

Chapter 2. Threats and Impacts: Consumers

Chapter 3. Threats and Impacts: Utility Companies and Beyond

Chapter 4. Federal Effort to Secure Smart Grids

Chapter 5. State and Local Security Initiatives

Chapter 6. Public and Private Companies

Chapter 7. Attacking the Utility Companies

Chapter 8. Securing the Utility Companies

Chapter 9. Third-Party Services

Chapter 10. Mobile Applications and Devices

Why Mobile Applications?

Platforms

Trust

Attacks

Securing Mobile Devices

Secure Mobile Applications

Summary

Endnotes

Chapter 11. Social Networking and the Smart Grid

Chapter 12. Attacking Smart Meters

Chapter 13. Attacking Smart Devices

Chapter 14. What's Next?

Index

186 CHAPTER 10 Mobile Applications and Devices Table 10.1 Sample secure deletion resources 12 Tool Dariks boot and nuke (DBAN www.dban.org/) Roadkill's datawipe (www.roadkil.net/) Secure erase 4.0 http://cmrr.ucsd.edu/ people/Hughes/SecureErase.shtml) Wireless recycling (www.recellular.com/ recycling/data_eraser/) Device support ATA/IDE, SATA ATA/IDE, SATA Flash Solid-state drives (SSD) Cell phones License type Free Free Free Free contain sensitive information from their previous owners, including corporations and government agencies. 10 In 2009, data for a U.S. missile air defense system were discovered on a hard drive bought on eBay. 11 TIP The process to securely erase flash memory is different than erasing traditional storage devices and will most likely require different applications. 12 Alternatively, degaussing or physically destroying the device memory can also achieve the same goal. See Table 10.1 for a list of several examples of secure deletion tools. SECURING MOBILE DEVICES Mobile applications will mainly be developed to support access through two mediums: a mobile Web site and a client application installed on the mobile device. In either case, the mobile device will need to be protected to prevent unauthorized access to the mobile application. Traditional security controls can be extended to protect many mobile devices; however, new issues that arise from mobile devices will need to be addressed by additional security controls. The following best-practice guides and tips have been developed for mobile device security: · · · · · US-CERT Cyber Security Tip ST06-007: Defending Cell Phones and PDAs Against Attack www.us-cert.gov/cas/tips/ST06-007.html US-CERT Cyber Security Tip ST05-017: Cybersecurity for Electronic Devices www.us-cert.gov/cas/tips/ST05-017.html US-CERT Cyber Security Tip ST04-020: Protecting Portable Devices: Data Security www.us-cert.gov/cas/tips/ST04-020.html NIST SP 800-124: Guidelines on Cell Phone and PDA Security http://csrc. nist.gov/publications/nistpubs/800-124/SP800-124.pdf NIST SP 800-101: Guidelines on Cell Phone Forensics http://csrc.nist.gov/ publications/nistpubs/800-101/SP800-101.pdf

Download Safari Books Online apps: Apple iOS | Android

This Book

Search

Contents

Chapter 10. Mobile Applications and Devices > Securing Mobile Devices - Pg. 186