Mocana’s Device Security Framework is an extensible software framework that secures all aspects of device data and enterprise communications, for any connected device. The Device Security Framework helps applications and device designers reduce development costs and dramatically enhance cryptographic performance. Device Security Framework also applies to Government regulations and many of Mocana's products, such as DSF for Android, NanoSSH, NanoSSL and NanoSec, feature FIPS validated cryptography.

The Device Security Framework includes device-resident security software as well as security capabilities delivered across the network. The device-resident software is embedded into devices at the time of manufacture and (optionally) interfaces with the operating system, the CPU, any available cryptographic accelerator and provides modular support for different open-standards-based device security protocols.

The Device Security Framework provides a common architecture for all of Mocana’s solutions to carry out the following functions:

Secure remote access to/for devices
Secure data communications between devices
Device identity management
Leveraging multi-core processors & crypto accelerators
Authentication of devices/applications to the network
Secure support for wired and wireless networks
Simplified key management
Advanced connection handling
Use of 3rd-party validated crypto libraries

Untitled Document

Supported processor platforms:

Awards and Certifications

Nominations
2010 Spiffy Awards Nominee

DSF (Device Security Framework) Features & Benefits

By applying Mocana’s Device Security Framework, your solutions minimize memory footprint, maximize cryptographic throughput and stay extremely portable. Designed for device manufacturers and service providers, this unified, comprehensive approach to device management secures remote device access, communication between devices and user authorization requests. The DSF also defines secure firmware updates that expand device functionality and protects connected devices against malware or viruses. Applications and tools in the Device Security Framework feature:

Asynchronous Architecture
Component software solutions of Mocana’s DSF are asynchronous throughout. An asynchronous, event driven architecture makes possible the performance and scalability demanded by the latest class of IP connected devices supporting low-latency IP services, like VoIP and IP Video. Performance of Device Security Framework components is further enhanced by code which fully leverages the latest generation of multi-core processors and cryptographic hardware acceleration. Competing device security architectures are synchronous, which severely limits the number of cryptography jobs that can be offloaded to silicon at any one time. Synchronous architectures also severely limit the way that completed cryptography jobs can be propagated back up the stack. Mocana’s Device Security Framework features an asynchronous, event-driven architecture that allows cryptographic jobs to be easily offloaded to different CPU cores or silicon channels, fully enabling today’s multi-core processors and distributed “cloud” computing models.

Portability
Mocana’s Device Security Framework is extremely portable. It has been designed with simplicity and ease of integration in mind. All components of Mocana’s Device Security Framework leverage a common abstraction layer that has two integration axes, one for OS integration (abstraction), and the other for CPU integration. What this means is that if chips X, Y and Z are supported, along with OS #1... then a port to OS #2 will inherit support for chips X, Y and Z automatically just only modifying the OS abstraction axis. Conversely if OS #1, 2 and 3 are supported, along with chip X, then a port to chip Y will immediately inherit support for this chip on all three OS1s by only modifying the CPU abstraction axis. This approach provides maximum coverage of OS and CPU combinations and maximum flexibility for device designers to make OS and CPU decisions independent of Mocana’s Device Security Framework. The various components of Mocana’s Device Security Framework are available now on over 100 different silicon/OS combinations, and ports to new platforms can be completed in under two hours.

High Performance
The components of the Device Security Framework all feature an extremely low memory utilization per connected client, as well as a high-performance, zero-threaded architecture. Components of the DSF are designed for easy integration with hardware accelerators, and are “multi-core aware” to take full advantage of the latest generation of multicore CPUs.

Ease of Use
Elements of the Device Security Framework are each and collectively highly portable, with no OS required. The DSF supports over 100 OS/CPU combinations and can be ported to new environments at will in a matter of hours. DSF components are therefore CPU—and network-independent. Your developers don’t need to be crypto experts, either- Mocana’s Device Security Framework shields your engineers from crypto complexity and automatically protects your designers from the most common security implementation errors that can create security “holes” later. Finally, Mocana’s documentation is the best in the business. You won’t find a better documented, better supported device security API anywhere else.
Untitled Document

Supported processor platforms:

Awards and Certifications

Nominations
2010 Spiffy Awards Nominee

DSF (Device Security Framework) Components

Mocana products included in the Device Security Framework include (among others):

DSF for Android™: Provides essential security features for Google’s revolutionary open mobile platform, helps developers manage their memory footprint, maximize secure application throughput and still stay extremely portable.

DSF for Freescale™: To ensure wired and wireless devices, networks and services perform and scale with the utmost security Freescale and Mocana developed the Device Security Framework (DSF) Software for Freescale PowerQUICC® encryption-enabled processors.

NanoCert™: Mocana NanoCert has implemented the SCEP protocol developing an Embedded Certificate Management Server and an Embedded Certificate Management Client.

NanoCrypto™: Mocana NanoCrypto is a sophisticated, government-certified cryptographic engine purpose built for difficult and resource-constrained embedded systems environments.

NanoDefender™: Advanced malware protection without the possibility of false positives. Instead of relying on an attack database for defense, Mocana NanoDefender tracks the function flow within an application.

NanoSEC™: Designed from the ground up for use with IP connected devices, it also includes support for IKEv2. IPsec is a standard for securing (IP) Internet Protocol communications by encrypting and/or authenticating all packets at the network layer.

NanoSSH™: Designed for logging into and executing commands on a networked computer and provides secure encrypted communications between two untrusted hosts over an insecure network. The SSH Client is used to connect into an SSH Server.

NanoSSL™: Provides endpoint authentication, protecting against eavesdropping, message forgery and interference. The Client initiates connection to the Server. Both are commonly used for securing remote device management via a web browser.

NanoVOIP™: Mocana’s NanoVOIP Developers’ Suite is a comprehensive security solution for application developers and device designers trying to build secure VOIP products.

NanoWireless™: Provides all the functions necessary to create an 802.11i-compliant station management entity (SME). Uniquely architected with an asynchronous core to fully leverage hardware acceleration, is portable and has a small footprint. Untitled Document

Supported processor platforms:

Awards and Certifications

Nominations
2010 Spiffy Awards Nominee