The Mil & Aero Blog
Wednesday, September 28, 2011
  One phone to rule them all - robust data isolation for two personas on a single mobile device
By Ernesto Burden

We have entered an age where two trends are running smack into each other in increasingly painful ways - the blending of personal and professional lives on our devices, and an era of highly public hacking. In the age of WikiLeaks, an age when government leaders' (and high profile political candidates') private communications and official correspondences have been hacked and exposed on front pages of Web sites, data security on mobile devices is increasingly crucial. At the same time, we've come to expect our mobile devices to be all things, professional and personal.

Do you carry more than one mobile device - phones, tablets, etc.? When we travel for business, many of us do. This may be partly for convenience, partly for security. And while corporate data security is deeply important - what about the security of sensitive government and military data? That's life and death. Do commanders want troops in the field checking Facebook or sending personal email on the same mobile devices they are using for sensitive operations. Not likely. So to insure data isolation between the persona persona and the IT-managed persona, you end up with two phones, two tablets, two laptops, etc.

Imagine that hardware bloat expanded across, say, a whole army. At the Embedded Systems Conference in Boston on Tuesday I chatted with Brad Jackson, a senior field applications engineer at Green Hills Software, about their Integrity Multivisor platform, for which they've just rolled out updates that add support for "the latest versions of Android and other mobile operating systems." Jackson describes the system as, "software separation as secure as hardware separation."

In the example we discussed, one might install two instances of the Android operating system on top of Green Hills' INTEGRITY Multivisor mobile hypervisor, which installs directly to the hardware. One of the Android installs is for the "sensitive network" with key management, crypto and authentication applications, the other is for the "quality-of-life" network, where you might email your kids and check Twitter - "multimedia, social and Internet apps."

Anyone whose work takes him away from home and family, even for short stretches of time like days or weeks, knows how important it is to be able to maintain that connection to home. This must be infinitely more true for people who must be away for months or even years. Mobile devices and the social tools they enable are powerful ways to stay connected. It's not just a convenience; but a vital way to stay connected. "Warfighters expect to be able to email their loved ones back home," Jackson told me. Business, government and military leaders seem to be conceding to this expectation.

For warfighters, eliminating the need for multiple devices in the field for secure and non-secure data has size, weight and power (SWaP) implications, as well as cost benefits.

For business travelers, it may someday mean fewer devices and cables in the laptop bag and a faster trip through airport security. And for politicians, maybe it means one less embarrassing picture, tweet or email message offered up for scandal, scorn and joke fodder for late night talk show hosts.

Ernesto Burden is the publisher of Military & Aerospace Electronics and Avionics Intelligence. He can be reached at ernestob@pennwell.com and on Twitter @ aero_ernesto.
 
Comments:
Your blog somehow suggested that I should put my laptop in a separate bag when I fly. The big bag goes in the bin. A small bag would go under my feet with laptop, reading material, and a pencil for sudoku.
 
Post a Comment

Subscribe to Post Comments [Atom]





<< Home
The MAE editorial staff uses the Military Aerospace and Electronics Blog to share ...

Archives
November 2007 / December 2007 / January 2008 / February 2008 / March 2008 / April 2008 / May 2008 / June 2008 / July 2008 / August 2008 / September 2008 / October 2008 / November 2008 / December 2008 / January 2009 / February 2009 / March 2009 / April 2009 / May 2009 / June 2009 / July 2009 / August 2009 / September 2009 / October 2009 / November 2009 / December 2009 / January 2010 / February 2010 / March 2010 / April 2010 / May 2010 / June 2010 / July 2010 / August 2010 / September 2010 / October 2010 / November 2010 / December 2010 / January 2011 / February 2011 / March 2011 / April 2011 / May 2011 / June 2011 / July 2011 / August 2011 / September 2011 / October 2011 / November 2011 / December 2011 /


Powered by Blogger

Subscribe to
Posts [Atom]