Abstract image of a woman sitting on books and studying on a laptop

Jakub Bartoszek (Samsung Electronics) - Hardware Security in Connected World

C
Codiax

The document discusses hardware security in the connected world. It notes that with 25+ billion endpoints expected by 2020 and the rise of 5G, IoT, and AI, security is more important than ever as devices have increased attack surfaces. It advocates for a comprehensive security strategy including validated hardware and firmware, secure networks, and security management infrastructure. The importance of hardware-based security is discussed, noting that truly secure computing requires addressing security at the hardware, firmware/OS, and application layers. Samsung's Knox platform is highlighted as an example of building and maintaining trust from manufacturing through runtime with features like hardware root keys, verified boot, encryption, and real-time kernel protection.

Technology
1 of 17
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
Hardware Security in Connected World Jakub Bartoszek Head of Solutions Architects, B2B Presales support Samsung R&D Institute Poland □
What is the Connected World?
Jakub Bartoszek (Samsung Electronics) - Hardware Security in Connected World
The Fourth Industrial Revolution
Trends: Convergence & Risk Mobility is where these trends converge. At Samsung we are applying the lessons learned from the first wave of mobility to these evolutions. • Speed • Near-zero latency • Unknown, untrusted networks5G IoT AI • 25+ billion endpoints by 2020 • Increased attack surfaces • Different endpoints to support • Beyond personal digital assistants • Cognitive decision making • Do you trust the apps and the algorithms? • Tampering can have catastrophic downstream effects.
Every network-connected endpoint must be inherently secure. Mobile security has never been a more urgent concern than it is today.
Risk Mitigation
Risk Mitigation in Connected World Comprehensive security strategy • Validated, proven hardware • Validated, secure firmware • Secure transport/networks • Security management infrastructure: • Unified Endpoint Management • Mobile Threat Defense (AI is your friend) • Buy into an open-standards ecosystem (plug, play, swap as needed)
The Importance of hardware-based Security Truly secure computing must address all layers of your devices Hardware • Warranty Bit • Device Unique Root Key • Samsung Secure Boot Key Application Layer • Knox Workspace Container • Sensitive Data Protection (during runtime) • On Disk Encryption • SE Android • Client Certificate Management • Keystore Management • Device Attestation • Realtime Kernel Protection Firmware / Operating System • Firmware Rollback Prevention • Trusted and Verified Boot • Secure Boot
Knox Security: The long story of securing your world There are critical steps to ensure the integrity of any device. Hardware Root of Trust • Irretrievable device unique hardware keys are built in  only accessible via TrustZone Build Trust • Verifies all booting components using TrustZone • If compromised, Workspace container gets locked Maintain Trust • Prevent unauthorized Kernel access or code modification • Sensitive data are kept encrypted even after powered on • Verify the integrity of device security using EMM  Measurements guaranteed per device Building trust Manufacturing time Booting time Run time Maintaining trust
Why Real-time Protection It is critical to protect the device and its data while in use, as people do not power down devices often. • All data encrypted • Integrity check at boot-up • All data decrypted • No kernel protection • All data encrypted • Integrity check at boot-up • Personal data decrypted, but important work data stays encrypted  decrypted when Knox container is unlocked • The kernel is protected in run-time Power ON AOSP Samsung Knox Power OFF
Trusted by Experts and Government Bodies of Any Mobile Security Platform by Meets stringent government security standards worldwide including MDFPP of NIAP Most “Strong” Ratings Mobile Device Security: A Comparison of Platforms 2019
Securing the Next Mobile Economy
Intelligence into Security & Management
Introducing Knox Analytics “Adaptive” and “Automated” Security and Management for 5G / IoT
“Adaptive” and “Automated” Security and Management for 5G / IoT
Thank You Jakub Bartoszek j.bartoszek@samsung.com

More Related Content

PPTX
Building a Hacker Resistant Network
Sentry Global Technologies, LLC
 
PDF
2012 12-04 --ncc_group_-_mobile_threat_war_room
NCC Group
 
PPTX
Mobile device security using transient authentication
Paulo Martins
 
PDF
Maemo 6 Platform Security
Peter Schneider
 
PDF
What we learned from MISA Ontario 2020 Infosec
GENIANS, INC.
 
PDF
Genian NAC Overview
GENIANS, INC.
 
PDF
Operating System Support for Run-Time Security with a Trusted Execution Envir...
Javier González
 
PPTX
Security challenges in d2d communication by ajithkumar vyasarao
Cysinfo Cyber Security Community
 
Building a Hacker Resistant Network
Sentry Global Technologies, LLC
 
2012 12-04 --ncc_group_-_mobile_threat_war_room
NCC Group
 
Mobile device security using transient authentication
Paulo Martins
 
Maemo 6 Platform Security
Peter Schneider
 
What we learned from MISA Ontario 2020 Infosec
GENIANS, INC.
 
Genian NAC Overview
GENIANS, INC.
 
Operating System Support for Run-Time Security with a Trusted Execution Envir...
Javier González
 
Security challenges in d2d communication by ajithkumar vyasarao
Cysinfo Cyber Security Community
 

What's hot (20)

PPT
Why Go Beyond Encryption
guest990c6c
 
PPTX
​Understanding the Internet of Things
David Strom
 
PPTX
Cincinnati window shade technology overview
rippea
 
PPTX
Tiptoe Through The Network: Practical Vulnerability Assessments in Control Sy...
Digital Bond
 
PDF
Genian NAC Datasheet
GENIANS, INC.
 
PPT
Final project
rippea
 
PDF
WSO2Con EU 2015: Keynote - The Identity of Things: The Next Internet Challenge
WSO2
 
PPTX
UniQ-ID Identity and Access Management
Frans Bolk
 
PDF
Lecture 5 software to control network
Tanveer Malik
 
DOCX
kali linix
Mirza Baig
 
PDF
Track 5 session 2 - st dev con 2016 - security iot best practices
ST_World
 
PDF
z/OS Authorized Code Scanner
Luigi Perrone
 
PPTX
Security architecture design patterns iltam 2018 - ofer rivlin
Ofer Rivlin, CISSP
 
PDF
Preventing Stealthy Threats with Next Generation Endpoint Security
Intel IT Center
 
PPTX
Network Reliability Monitoring for ICS: Going Beyond NSM and SIEM
Jim Gilsinn
 
PPTX
TGT#10 - IAST (Short talk) - Eugene Nosenko
Trójmiejska Grupa Testerska
 
PDF
2012 06-19 --ncc_group_-_iet_seminar_-_mobile_apps_and_secure_by_design
NCC Group
 
PDF
Panda Security - Endpoint Protection Plus
Panda Security
 
PDF
Blackhat USA Mobile Security Panel 2011
Tyler Shields
 
PPT
Understanding Technology Stakeholders
John Gilligan
 
Why Go Beyond Encryption
guest990c6c
 
​Understanding the Internet of Things
David Strom
 
Cincinnati window shade technology overview
rippea
 
Tiptoe Through The Network: Practical Vulnerability Assessments in Control Sy...
Digital Bond
 
Genian NAC Datasheet
GENIANS, INC.
 
Final project
rippea
 
WSO2Con EU 2015: Keynote - The Identity of Things: The Next Internet Challenge
WSO2
 
UniQ-ID Identity and Access Management
Frans Bolk
 
Lecture 5 software to control network
Tanveer Malik
 
kali linix
Mirza Baig
 
Track 5 session 2 - st dev con 2016 - security iot best practices
ST_World
 
z/OS Authorized Code Scanner
Luigi Perrone
 
Security architecture design patterns iltam 2018 - ofer rivlin
Ofer Rivlin, CISSP
 
Preventing Stealthy Threats with Next Generation Endpoint Security
Intel IT Center
 
Network Reliability Monitoring for ICS: Going Beyond NSM and SIEM
Jim Gilsinn
 
TGT#10 - IAST (Short talk) - Eugene Nosenko
Trójmiejska Grupa Testerska
 
2012 06-19 --ncc_group_-_iet_seminar_-_mobile_apps_and_secure_by_design
NCC Group
 
Panda Security - Endpoint Protection Plus
Panda Security
 
Blackhat USA Mobile Security Panel 2011
Tyler Shields
 
Understanding Technology Stakeholders
John Gilligan
 
Ad

Similar to Jakub Bartoszek (Samsung Electronics) - Hardware Security in Connected World (20)

PDF
Samsung knox security_solution_v1_10_0
Javier Gonzalez
 
PDF
Samsung beyond basic android online 0
Javier Gonzalez
 
PDF
Android security maximized by samsung knox
Javier Gonzalez
 
PDF
Secure enterprise mobility
DATA SECURITY SOLUTIONS
 
PDF
Enterprise innovation in an ever-expanding mobile world
Samsung Business USA
 
PDF
The samsung knox platform 0
Javier Gonzalez
 
PDF
The Evolution of Mobile Security
Samsung Business USA
 
PDF
An overview of the samsung knox platform v1 14
Javier Gonzalez
 
PPTX
Automotive security (cvta)
Alan Tatourian
 
PPTX
Security for io t apr 29th mentor embedded hangout
mentoresd
 
PDF
The new era of mega trends securtity
Ahmed Sallam
 
PPTX
Will future vehicles be secure?
Alan Tatourian
 
PDF
Android Security Maximized by Samsung KNOX
Samsung Biz Mobile
 
PPTX
Hacking your Connected Car: What you need to know NOW
Kapil Kanugo
 
PDF
Mobile Security: How Secure Is Your Basement?
Samsung Business USA
 
PPTX
200:1 - Do You Trust Your Mobile Security Odds?
Blueboxer2014
 
PPT
Track f evolving trusted platforms - arm
chiportal
 
PDF
Mobile Security Qualcom mr. patrick tsie - qualcomm
Tien Hoang
 
PPTX
Demystifying Security Root of Trust Approaches for IoT/Embedded - SFO17-304
Linaro
 
PDF
BKK16-110 A Gentle Introduction to Trusted Execution and OP-TEE
Linaro
 
Samsung knox security_solution_v1_10_0
Javier Gonzalez
 
Samsung beyond basic android online 0
Javier Gonzalez
 
Android security maximized by samsung knox
Javier Gonzalez
 
Secure enterprise mobility
DATA SECURITY SOLUTIONS
 
Enterprise innovation in an ever-expanding mobile world
Samsung Business USA
 
The samsung knox platform 0
Javier Gonzalez
 
The Evolution of Mobile Security
Samsung Business USA
 
An overview of the samsung knox platform v1 14
Javier Gonzalez
 
Automotive security (cvta)
Alan Tatourian
 
Security for io t apr 29th mentor embedded hangout
mentoresd
 
The new era of mega trends securtity
Ahmed Sallam
 
Will future vehicles be secure?
Alan Tatourian
 
Android Security Maximized by Samsung KNOX
Samsung Biz Mobile
 
Hacking your Connected Car: What you need to know NOW
Kapil Kanugo
 
Mobile Security: How Secure Is Your Basement?
Samsung Business USA
 
200:1 - Do You Trust Your Mobile Security Odds?
Blueboxer2014
 
Track f evolving trusted platforms - arm
chiportal
 
Mobile Security Qualcom mr. patrick tsie - qualcomm
Tien Hoang
 
Demystifying Security Root of Trust Approaches for IoT/Embedded - SFO17-304
Linaro
 
BKK16-110 A Gentle Introduction to Trusted Execution and OP-TEE
Linaro
 
Ad

More from Codiax (20)

PDF
Dr. Laura Kerber (NASA’s Jet Propulsion Laboratory) – Exploring Caves on the ...
Codiax
 
PDF
Costas Voliotis (CodeWeTrust) – An AI-driven approach to source code evaluation
Codiax
 
PDF
Dr. Lobna Karoui (Fortune 500) – Disruption, empathy & Trust for sustainable ...
Codiax
 
PDF
Luka Postružin (Superbet) – ‘From zero to hero’ in early life customer segmen...
Codiax
 
PDF
Gema Parreno Piqueras (Apium Hub) – Videogames and Interactive Narrative Cont...
Codiax
 
PDF
Janos Puskas (Accenture) – Azure IoT Reference Architecture for enterprise Io...
Codiax
 
PDF
Adria Recasens, DeepMind – Multi-modal self-supervised learning from videos
Codiax
 
PDF
Roelof Pieters (Overstory) – Tackling Forest Fires and Deforestation with Sat...
Codiax
 
PDF
Javier Fuentes Alonso (Uizard) – Using machine learning to turn you into a de...
Codiax
 
PDF
Emeli Dral (Evidently AI) – Analyze it: production monitoring for machine lea...
Codiax
 
PDF
Matthias Feys (ML6) – Bias in ML: A Technical Intro
Codiax
 
PDF
Christophe Tallec, Hello Tomorrow – Solving our next decade challenges throug...
Codiax
 
PDF
Sean Holden (University of Cambridge) - Proving Theorems_ Still A Major Test ...
Codiax
 
PDF
Olga Afanasjeva (GoodAI) - Towards general artificial intelligence for common...
Codiax
 
PDF
Maciej Marek (Philip Morris International) - The Tools of The Trade
Codiax
 
PDF
Joanna Bryson (University of Bath) - Intelligence by Design_ Systems engineer...
Codiax
 
PDF
Jakub Langr (University of Oxford) - Overview of Generative Adversarial Netwo...
Codiax
 
PDF
Jair Ribeiro - Defining a Successful Artificial Intelligence Strategy for you...
Codiax
 
PDF
Cindy Spelt (Zoom In Zoom Out) - How to beat the face recognition challenges?
Codiax
 
PDF
Alexey Borisenko (Cisco) - Creating IoT solution using LoRaWAN Network Server
Codiax
 
Dr. Laura Kerber (NASA’s Jet Propulsion Laboratory) – Exploring Caves on the ...
Codiax
 
Costas Voliotis (CodeWeTrust) – An AI-driven approach to source code evaluation
Codiax
 
Dr. Lobna Karoui (Fortune 500) – Disruption, empathy & Trust for sustainable ...
Codiax
 
Luka Postružin (Superbet) – ‘From zero to hero’ in early life customer segmen...
Codiax
 
Gema Parreno Piqueras (Apium Hub) – Videogames and Interactive Narrative Cont...
Codiax
 
Janos Puskas (Accenture) – Azure IoT Reference Architecture for enterprise Io...
Codiax
 
Adria Recasens, DeepMind – Multi-modal self-supervised learning from videos
Codiax
 
Roelof Pieters (Overstory) – Tackling Forest Fires and Deforestation with Sat...
Codiax
 
Javier Fuentes Alonso (Uizard) – Using machine learning to turn you into a de...
Codiax
 
Emeli Dral (Evidently AI) – Analyze it: production monitoring for machine lea...
Codiax
 
Matthias Feys (ML6) – Bias in ML: A Technical Intro
Codiax
 
Christophe Tallec, Hello Tomorrow – Solving our next decade challenges throug...
Codiax
 
Sean Holden (University of Cambridge) - Proving Theorems_ Still A Major Test ...
Codiax
 
Olga Afanasjeva (GoodAI) - Towards general artificial intelligence for common...
Codiax
 
Maciej Marek (Philip Morris International) - The Tools of The Trade
Codiax
 
Joanna Bryson (University of Bath) - Intelligence by Design_ Systems engineer...
Codiax
 
Jakub Langr (University of Oxford) - Overview of Generative Adversarial Netwo...
Codiax
 
Jair Ribeiro - Defining a Successful Artificial Intelligence Strategy for you...
Codiax
 
Cindy Spelt (Zoom In Zoom Out) - How to beat the face recognition challenges?
Codiax
 
Alexey Borisenko (Cisco) - Creating IoT solution using LoRaWAN Network Server
Codiax
 

Recently uploaded (20)

PPTX
GROUP4NURSINGINFORMATICSREPORT-2 PRESENTATION
ClarisejaneSartillo1
 
PPTX
Microsoft User Copilot Training Slide Deck
zohoron1
 
PPTX
Internet of Everything -Basic concepts details
sendilkumar66
 
PDF
Convolutional neural network based encoder-decoder for efficient real-time ob...
IAESIJAI
 
PDF
LMS bot: enhanced learning management systems for improved student learning e...
IAESIJAI
 
PDF
Introduction to MCP and A2A Protocols: Enabling Agent Communication
Maxim Salnikov
 
PDF
Improvisation in detection of pomegranate leaf disease using transfer learni...
IAESIJAI
 
PDF
Co-training pseudo-labeling for text classification with support vector machi...
IAESIJAI
 
PDF
The-Future-of-Automotive-Quality-is-Here-AI-Driven-Engineering.pdf
Kalilur Rahman
 
PDF
Planning-an-Audit-A-How-To-Guide-Checklist-WP.pdf
DROK2
 
PDF
AI.gov: A Trojan Horse in the Age of Artificial Intelligence
Michael Weaver
 
PDF
EIS-Webinar-Regulated-Industries-2025-08.pdf
Earley Information Science
 
PDF
Comparative analysis of machine learning models for fake news detection in so...
IAESIJAI
 
PDF
Accessing-Finance-in-Jordan-MENA 2024 2025.pdf
Mustafa Kuğu
 
PDF
Transform-Your-Streaming-Platform-with-AI-Driven-Quality-Engineering.pdf
Kalilur Rahman
 
PDF
5-Ways-AI-is-Revolutionizing-Telecom-Quality-Engineering.pdf
Kalilur Rahman
 
PDF
A symptom-driven medical diagnosis support model based on machine learning te...
IAESIJAI
 
PDF
Early detection and classification of bone marrow changes in lumbar vertebrae...
IAESIJAI
 
PDF
Lung cancer patients survival prediction using outlier detection and optimize...
IAESIJAI
 
PPTX
agenticai-neweraofintelligence-250529192801-1b5e6870.pptx
sakibulsmccpg
 
GROUP4NURSINGINFORMATICSREPORT-2 PRESENTATION
ClarisejaneSartillo1
 
Microsoft User Copilot Training Slide Deck
zohoron1
 
Internet of Everything -Basic concepts details
sendilkumar66
 
Convolutional neural network based encoder-decoder for efficient real-time ob...
IAESIJAI
 
LMS bot: enhanced learning management systems for improved student learning e...
IAESIJAI
 
Introduction to MCP and A2A Protocols: Enabling Agent Communication
Maxim Salnikov
 
Improvisation in detection of pomegranate leaf disease using transfer learni...
IAESIJAI
 
Co-training pseudo-labeling for text classification with support vector machi...
IAESIJAI
 
The-Future-of-Automotive-Quality-is-Here-AI-Driven-Engineering.pdf
Kalilur Rahman
 
Planning-an-Audit-A-How-To-Guide-Checklist-WP.pdf
DROK2
 
AI.gov: A Trojan Horse in the Age of Artificial Intelligence
Michael Weaver
 
EIS-Webinar-Regulated-Industries-2025-08.pdf
Earley Information Science
 
Comparative analysis of machine learning models for fake news detection in so...
IAESIJAI
 
Accessing-Finance-in-Jordan-MENA 2024 2025.pdf
Mustafa Kuğu
 
Transform-Your-Streaming-Platform-with-AI-Driven-Quality-Engineering.pdf
Kalilur Rahman
 
5-Ways-AI-is-Revolutionizing-Telecom-Quality-Engineering.pdf
Kalilur Rahman
 
A symptom-driven medical diagnosis support model based on machine learning te...
IAESIJAI
 
Early detection and classification of bone marrow changes in lumbar vertebrae...
IAESIJAI
 
Lung cancer patients survival prediction using outlier detection and optimize...
IAESIJAI
 
agenticai-neweraofintelligence-250529192801-1b5e6870.pptx
sakibulsmccpg
 

Jakub Bartoszek (Samsung Electronics) - Hardware Security in Connected World

  • 1. Hardware Security in Connected World Jakub Bartoszek Head of Solutions Architects, B2B Presales support Samsung R&D Institute Poland □
  • 2. What is the Connected World?
  • 5. Trends: Convergence & Risk Mobility is where these trends converge. At Samsung we are applying the lessons learned from the first wave of mobility to these evolutions. • Speed • Near-zero latency • Unknown, untrusted networks5G IoT AI • 25+ billion endpoints by 2020 • Increased attack surfaces • Different endpoints to support • Beyond personal digital assistants • Cognitive decision making • Do you trust the apps and the algorithms? • Tampering can have catastrophic downstream effects.
  • 6. Every network-connected endpoint must be inherently secure. Mobile security has never been a more urgent concern than it is today.
  • 8. Risk Mitigation in Connected World Comprehensive security strategy • Validated, proven hardware • Validated, secure firmware • Secure transport/networks • Security management infrastructure: • Unified Endpoint Management • Mobile Threat Defense (AI is your friend) • Buy into an open-standards ecosystem (plug, play, swap as needed)
  • 9. The Importance of hardware-based Security Truly secure computing must address all layers of your devices Hardware • Warranty Bit • Device Unique Root Key • Samsung Secure Boot Key Application Layer • Knox Workspace Container • Sensitive Data Protection (during runtime) • On Disk Encryption • SE Android • Client Certificate Management • Keystore Management • Device Attestation • Realtime Kernel Protection Firmware / Operating System • Firmware Rollback Prevention • Trusted and Verified Boot • Secure Boot
  • 10. Knox Security: The long story of securing your world There are critical steps to ensure the integrity of any device. Hardware Root of Trust • Irretrievable device unique hardware keys are built in  only accessible via TrustZone Build Trust • Verifies all booting components using TrustZone • If compromised, Workspace container gets locked Maintain Trust • Prevent unauthorized Kernel access or code modification • Sensitive data are kept encrypted even after powered on • Verify the integrity of device security using EMM  Measurements guaranteed per device Building trust Manufacturing time Booting time Run time Maintaining trust
  • 11. Why Real-time Protection It is critical to protect the device and its data while in use, as people do not power down devices often. • All data encrypted • Integrity check at boot-up • All data decrypted • No kernel protection • All data encrypted • Integrity check at boot-up • Personal data decrypted, but important work data stays encrypted  decrypted when Knox container is unlocked • The kernel is protected in run-time Power ON AOSP Samsung Knox Power OFF
  • 12. Trusted by Experts and Government Bodies of Any Mobile Security Platform by Meets stringent government security standards worldwide including MDFPP of NIAP Most “Strong” Ratings Mobile Device Security: A Comparison of Platforms 2019
  • 13. Securing the Next Mobile Economy
  • 15. Introducing Knox Analytics “Adaptive” and “Automated” Security and Management for 5G / IoT
  • 16. “Adaptive” and “Automated” Security and Management for 5G / IoT