Skip to content

Latest commit

 

History

History
268 lines (261 loc) · 13.6 KB

README.md

File metadata and controls

268 lines (261 loc) · 13.6 KB

Mobile Application Management (MAM) Security Checklist

The following checklist is intended to be used as a baseline for assessing, designing, and testing the security of a MAM solution and is thus aptly suited to assist three major stakeholders in the BYOD space: buyers, builders, and breakers. This list was constructed from our experience and research assessing a variety of MAM solutions in the marketplace today. This research was presented at Blackhat USA 2014 and the slides can be downloaded here and the published whitepaper can be downloaded here. This should not be considered an exhaustive list, but rather a compilation of major test cases that can be used to determine the security posture of a MAM solution. As always, contributions/recommendations from the community are welcome in an effort to further expand this checklist. It should be noted that several of the test cases require significant reverse engineering and advanced mobile application testing skills. Therefore, it is recommended that organizations consult skilled security professionals to perform/verify the test cases.

Implementation of MAM Secure Container Authentication
1 Stored encrypted data should be protected using key material that is only accessible upon successful offline or online authentication
2 Online authentication should aim to retrieve the key material from the MAM admin server. This provides the ability to enforce passcode lockout attempts
3 Online key material or any Content Encryption Key (CEK) derived from the online key material should never persist on the disk
4 If the policy is configured to only allow online authentication, the MAM agents or managed apps should not be susceptible to any offline attacks due to storing offline authentication hashes
5 Key material must be deleted from memory upon entering an unauthenticated state (server initiated application lock, session timeouts, sign off, etc.)
6 Incorrect passcode attempts beyond the configured threshold should result in the deletion of all device key material and stored application data
7 Strict incorrect passcode attempts policy should be configured by default
8 Offline authentication must utilize a strong key derivation function (e.g. PBKDF2) that is configured with sufficient work factor (e.g. 20,000 minimum) to generate the Key Encryption Key (KEK). The work factor should be increased over time to account for hardware advancements
9 Ensure a secure random salt of sufficient length is used by the key derivation function to prevent attacks involving pre-computed keys
10 Offline authentication passcode should not be the same password as the employee's primary Active Directory or SSO password
11 Offline passcode complexity policies should be sufficiently strong in order to mitigate offline passcode brute force attempts (Minimum of five characters with numbers and special characters recommended)
12 The key derivation routines used for offline passcode validation and symmetric key derivation should be the same. A malicious user should not be able to perform a faster brute force on one routine over the other
13 MAM agent and wrapped applications should have a reasonably short session timeout in order to force the user to re-authenticate
14 Validate that the offline/online authentication routines within the wrapped applications match that of the MAM agent
15 If MAM server authentication tokens and/or client certificates must be stored, they should be encrypted using the CEK and made available to the application only after the user successfully enters their passcode
16 If an application requires online access to function, the organization should consider enforcing online authentication policies for the application
Implementation of MAM Secure Container Cryptography
17 Identify the secure random number generator library and routine used throughout the solution and ensure it is not vulnerable to known issues
18 Validate that the cryptography used to protect any sensitive data is utilizing FIPS compliant library (if solution claims they are FIPS compliant)
19 The solution should not utilize an insecure mode of encryption
20 Solution should utilize secure random IV/nonce of sufficient length when encrypting data. IVs and nonces should not be derived from deterministic data and must never be reused
21 Ensure encrypted data stored is not susceptible to tampering by performing an HMAC of the ciphertext and validating the value prior to decryption
22 Beware of using string objects to hold sensitive binary data (Cryptographic Keys, IVs, Salts) as it could lead to unexpected charset encoding and a loss of entropy
23 The solution should avoid utilizing database encryption solutions such as SQLCipher to encrypt/decrypt application data as it will cause the symmetric key to be stored as a string
24 The solution should avoid storing passcode or cryptography keys on the heap as it will cause the key to persist in memory for an extended period of time. The data will only be removed from memory once the garbage collection is performed.
25 Verify third party cryptography library is not out of date and susceptible to any vulnerabilities that apply to the MAM solution
Completeness of MAM Wrapping
26 Verify that common APIs that persist data on the file system will be adequately wrapped and encrypted by the solution. The recommended way to perform file system wrapping is by hooking system calls in order to ensure coverage across APIs provided by higher level code.
27 If the solution claims to be FIPS compliant, ensure that the FIPS compliant library is used consistently across the solution to protect enterprise data.
28 Wrapped application should not be utilizing device level data protection as the primary form of encryption since it requires a passcode being set on the device
29 If data written to external storage undergoes path based analysis in order to determine if the file should be encrypted, the solution must take symbolic links into consideration. Android devices contain several symbolic links to the external storage that may not be taken into consideration by the solution
30 Ensure data stored within Webviews are adequately wrapped and data will be encrypted by the solution (HTML5 storage, Cached Pages, Cookies, etc)
31 Custom URL schemes rendered within Webviews (e.g. tel, mailto, sms, etc.) should contain security controls to prevent leakage (e.g. telephone numbers, email addresses, etc.) to unmanaged applications
32 Verify that native or low level APIs (NDK, C functions) are also wrapped and data will be encrypted by the solution
33 Files opened by a wrapped application should not lead to unencrypted storage of cached documents
34 Cached HTTP response data should not be written to the file system unencrypted
35 Persistent HTTP cookies should not be written to the file system unencrypted
36 Data written to the system pasteboard by a wrapped application should be encrypted
37 Data written using cloud based APIs should be encrypted (iCloud, Backup API, etc)
38 Snapshot Caching when sending applications to the background should be actively prevented within wrapped applications
39 Verify that notifications from any wrapped applications do not appear on the home screen. This includes unencrypted filenames, sensitive app data, etc.
40 Filenames should be encrypted by the applications
41 Files opened by a wrapped applications (Open-in) should remove any plaintext copies made into its application container
42 Any application APis that rely on device level policies (e.g. iOS Keychain) should not be used to store sensitive data within the MAM agent or wrapped applications
43 The wrapping solution should be able to handle language specific introspection/reflection if used on a wrapped API
44 The MAM agent should try to encrypt all data except values that would be required prior to authentication.
45 Solution should restrict wrapped apps from sending data to other systems via exposed system APIs (e.g. AirDrop APIs)
Implementation of the MAM Inter-Process Communication
46 IPC entry points within the MAM agents and wrapped applications should validate the calling application to ensure it is trusted
47 IPC messages should not be susceptible to forgery by third party applications
48 Data passed through IPC between the MAM agent and wrapped applications should not be readable by third party applications
49 Verify how keys are exchanged or generated within managed/wrapped apps if encryption is performed (e.g. URL Schemes, Content Providers, Intents, etc.). The key exchange process should contain authorization checks to ensure it cannot be invoked or sniffed by third party applications
Effectiveness of Client Side Security Controls
50 Security policies sent from the MAM server to the MAM mobile agent should be digitally signed to prevent trivial modification over the network by a malicious user
51 Security policies should not be stored in plaintext on the device to prevent trivial modification by a malicious user
52 Solution should provide restrictions on any IPC calls wrapped apps can make into an unmanaged application
53 Solution should incorporate obfuscation of client-side code to increase the difficulty in reverse engineering.
54 Jailbreak/Root detection should not be susceptible to trivial bypasses. For example, using the xCon Cydia application or by simply writing a hook for a “isJailbroken” method. It is recommended that jailbreak detection be written in low level code and placed inline across various methods in the application.
Effectiveness of Remote Lock and Wipes
55 Server invoked data wipes should cause all data to be removed from the MAM Agent (This includes encrypted documents, encrypted key material, offline passcode validation data, etc)
56 Server invoked data wipes should cause all data to be removed from the Wrapped Applications (This includes encrypted documents, encrypted key material, offline passcode validation data, etc)
57 Server invoked security commands should be invoked on the device immediately. The user should not need to interact with the application in order to invoke a polling request

License

Creative Commons License
MAM Security Checklist by Gotham Digital Science is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.