Hardening the smartphone at the kernel layer creates a purer and completely segmented system with multiple personas for both personal and business use.
Beavercreek, Ohio (PRWEB) October 24, 2017
Redwall Technologies, the leading ISV for multi-modal endpoint device security, today announced it has been granted patent number 9,514,300 from the United States Patent and Trademark Office for communications systems and methods for enhanced security across wireless devices. The patent covers Redwall’s Trusted Execution Environment, or TEE, which operates as a security buffer between mobile device hardware and the mobile device application stack. TEE is a key component of Redwall Mobile® and secures smartphones and IoT devices below the application stack at the kernel layer.
“This patent is the culmination of years of research and collaboration with the U.S. Government and leading subject matter experts in mobile and government security, many of them within the Redwall organization,” said John Rosenstengel, president and CEO of Redwall Technologies. “We worked extensively with the government exploiting multiple vulnerabilities on a multitude of devices and found that even the most basic software-based attacks could penetrate them. It was a natural progression for our dev team to look at securing the device as close to the hardware layer as possible to eliminate the software-based attack, yet still provide all the device functionality needed for use in the field.”
Securing devices at the kernel, the intermediary code between device hardware and software, is a departure from many competing security tools that operate at the application layer using a “sandbox” methodology to isolate applications and data within the operating system. A secure sandbox, or container, is created where corporate (or government) data and apps reside, while personal data and apps remain intact and unchanged. This dual-persona smartphone security method allows one smartphone to be used for both personal and business use.
The issue with the container method is that data left in memory on the device is still accessible in both sandbox and personal-use modes. In this instance, true app/data isolation is not achieved because of the memory leakage.
The Redwall Mobile® method of hardening the smartphone at the kernel layer creates a purer and completely segmented system with multiple personas for both personal and business use. Redwall Mobile® uses cryptographic keys to isolate data and apps for each persona so that when the user changes from one persona to the next, there is no data leakage to memory; it is removed when the user leaves that persona.
“Our experience with customers and the marketplace in general has led us towards the multi-modal persona direction,” said Redwall Chief Technology Officer Eric Üner. “We typically find when onboarding a customer that they need five or more personas – several for both personal and business use. The days of dual-persona mobile security are fleeting.”
About Redwall Mobile®
More than just a container or simple switch between work and home profiles, Redwall Mobile® features multi-modal personas, each with its own unique apps, data, settings, and encryption keys. The multi-modal feature of Redwall Mobile® delivers a cleaner operating environment because it secures the device at the kernel layer, below the application stack. This security architecture allows Redwall to provide customers with any mode of persona that their security policy requires, whereby one BYOD user can have any number of device personas. Each persona can be built with its own securely isolated apps, data, settings, and authentication requirements that define which processes can access which system features, drivers, files, and networks.
With this unique approach, Redwall Mobile® puts client organizations in a more proactive posture, limiting malicious user and virus activity by halting access to sensitive corporate (or personal) data below the application stack. Because Redwall operates below the application layer, it thwarts even highly sophisticated kernel and driver exploits. Furthermore, Android devices hardened with Redwall are immune to threats like TowelRoot and KingRoot without the need for patches or updates of any kind, and will defend against future zero-day attacks without the need to push an update. No emergency patching is required in this set-and-forget mode of securing access to data and sensitive IP.
Because this technology is firmware-based, it can also be applied to IoT components such as medical instruments, smart appliances, SCADA devices, sensors, and other smart devices.
About Redwall Technologies, LLC
Redwall Technologies was founded in 2013 by a group of defense and intelligence practitioners who had a common desire to secure mobile points of intrusion into government datacenters. Rather than looking at signatures of viruses already in circulation, Redwall founders developed their product on the premise of a question: what would keep us from hacking into a device? Redwall founders took the offensive, searching for a means to prevent their own “white-hat” hacker team from compromising a mobile device. This led to their development team building device-hardening tools for smartphones, tablets, and other connected devices such as those in SCADA, CANBus, and similar networks.
Redwall's unique, patented technology is typically installed at organizations whose users rely heavily on the highest levels of device performance and availability, while ensuring military-grade security. The prototypical Redwall Technology user is a first responder in a disaster zone or member of a military operations team engaging in matters of national security whose field communications require adapting to fast-changing environments and threat landscapes. For more information on Redwall Technologies, please visit http://www.redwall.us.