Mocana’s Device Security Framework is an extensible software framework that secures all aspects of device data and enterprise communications, for any connected device. The Device Security Framework helps applications and device designers reduce development costs and dramatically enhance cryptographic performance.
The Device Security Framework includes device-resident security software as well as security capabilities delivered across the network. The device-resident software is embedded into devices at the time of manufacture and (optionally) interfaces with the operating system, the CPU, any available cryptographic accelerator and provides modular support for different open-standards-based device security protocols.
The Device Security Framework provides a common architecture for all of Mocana’s solutions to carry out the following functions:
- Secure remote access to/for devices
- Secure data communications between devices
- Device identity management
- Leveraging multi-core processors & crypto accelerators
- Authentication of devices/applications to the network
- Secure support for wired and wireless networks
- Simplified key management
- Advanced connection handling
- Use of 3rd-party validated crypto libraries
Mocana products included in the Device Security Framework include (among others):
DSF for Android™:
Provides essential security features for Google’s revolutionary open
mobile platform, helps developers manage their memory footprint, maximize secure application
throughput and still stay extremely portable.
NanoCert ™:
Mocana NanoCert has implemented the SCEP protocol developing an Embedded
Certificate Management Server and an Embedded Certificate Management Client.
NanoDefender™:
Advanced malware protection without the possibility of false positives.
Instead of relying on an attack database for defense, Mocana NanoDefender tracks the function
flow within an application.
NanoDTLS™:
Uniquely architected with an asynchronous core to fully leverage hardware
acceleration, is portable and small footprint. It is ideally suited to securing voice and video,
is RFC compliant and easy to use.
NanoEAP ™:
Includes 14 different authentication methods and supports stand alone and
pass thru authentication modes and acts as a framework and transport mechanism for AAA
(Authentication, Authorization, and Accounting) protocols.
NanoGame™:
Easy-to-use, high-performance G2S-compliant gaming security suite which
enables the “agile house” to dynamically and remotely change, update and verify software on
the floor protecting your house network, your customers and your games.
NanoRADIUS™:
An open standards based, full featured, RFC compliant easy to use, high
performance embedded RADIUS client. Communicates with a RADIUS server over the
network that centrally stores user names and passwords and authorizes a user’s access to
applications or systems.
NanoSEC™:
Designed from the ground up for use with IP connected devices, it also includes
support for IKEv2. IPsec is a standard for securing (IP) Internet Protocol communications by
encrypting and/or authenticating all packets at the network layer.
NanoSSH™:
Designed for logging into and executing commands on a networked computer and
provides secure encrypted communications between two untrusted hosts over an insecure
network. The SSH Client is used to connect into an SSH Server.
NanoSSL™:
Provides endpoint authentication, protecting against eavesdropping, message
forgery and interference. The Client initiates connection to the Server. Both are commonly used
for securing remote device management via a web browser.
NanoWireless™:
Provides all the functions necessary to create an 802.11i-compliant station
management entity (SME). Uniquely architected with an asynchronous core to fully leverage
hardware acceleration, is portable and has a small footprint.
By applying Mocana’s Device Security Framework, your solutions minimize memory footprint, maximize cryptographic throughout and stay extremely portable. Designed for device manufacturers and service providers, this unified, comprehensive approach to device management secures remote device access, communication between devices and user authorization requests. The DSF also defines secure firmware updates that expand device functionality and protects connected devices against malware or viruses. Applications and tools in the Device Security Framework feature:
Asynchronous Architecture
Component software solutions of Mocana’s DSF are asynchronous throughout. An asynchronous, event driven architecture makes possible the performance and scalability demanded by the latest class of IP connected devices supporting low-latency IP services, like VoIP and IP Video. Performance of Device Security Framework components is further enhanced by code which fully leverages the latest generation of multi-core processors and cryptographic hardware acceleration. Competing device security architectures are synchronous, which severely limits the number of cryptography jobs that can be offloaded to silicon at any one time. Synchronous architectures also severely limit the way that completed cryptography jobs can be propagated back up the stack. Mocana’s Device Security Framework features an asynchronous, event-driven architecture that allows cryptographic jobs to be easily offloaded to different CPU cores or silicon channels, fully enabling today’s multi-core processors and distributed “cloud” computing models.
Portability
Mocana’s Device Security Framework is extremely portable. It has been designed with simplicity and ease of integration in mind. All components of Mocana’s Device Security Framework leverage a common abstraction layer that has two integration axes, one for OS integration (abstraction), and the other for CPU integration. What this means is that if chips X, Y and Z are supported, along with OS #1... then a port to OS #2 will inherit support for chips X, Y and Z automatically just only modifying the OS abstraction axis. Conversely if OS #1, 2 and 3 are supported, along with chip X, then a port to chip Y will immediately inherit support for this chip on all three OS1s
by only modifying the CPU abstraction axis. This approach provides maximum coverage of OS and CPU combinations and maximum flexibility for device designers to make OS
and CPU decisions independent of Mocana’s Device Security Framework. The various components of Mocana’s Device Security Framework are available now on over 100 different silicon/OS combinations, and ports to new platforms can be completed in under two hours.
High Performance
The components of the Device Security Framework all feature an extremely low memory utilization per connected client, as well as a high-performance, zero-threaded
architecture. Components of the DSF are designed for easy integration with hardware accelerators, and are “multi-core aware” to take full advantage of the latest generation of multicore CPUs.
Ease of Use
Elements of the Device Security Framework are each and collectively highly portable, with no OS required. The DSF supports over 100 OS/CPU combinations and can be ported
to new environments at will in a matter of hours. DSF components are therefore CPU—and network-independent. Your developers don’t need to be crypto experts, either-
Mocana’s Device Security Framework shields your engineers from crypto complexity and automatically protects your designers from the most common security implementation
errors that can create security “holes” later. Finally, Mocana’s documentation is the best in the business. You won’t find a better documented, better supported device
security API anywhere else.
|
|