samsung knox tizen wearable v2 - seap tizen wearable intro... · - bt/wifi/nfc control and more ......
TRANSCRIPT
Samsung Knox Tizen Wearable v2.0
Introduction for app vendors
Sep. 2016
Samsung Electronics Co., Ltd.
What is Samsung Knox Tizen Wearable?
2
HARDWARE-BASED, BUILT-IN PLATFORM THAT EXISTS IN MOST SAMSUNG MOBILE DEVICES, OUT OF BOX
+ CUSTOMIZABILITY+ PRODUCTIVITY+ MANAGEABILITY+ SECURITY
TIZEN WEARABLE
ANDROIDSMARTPHONE
ANDROIDTABLET
What is Knox Tizen Wearable SDK? (1/2)
For the first time ever on a smart watch, the Knox Tizen Wearable SDK will be available to third-parties, enabling the development of Knox-enabled applications for Samsung’s wearable ecosystem
3
2015.Sep 2016.Sep
OS Ver. Tizen 2.3.1 Tizen 2.3.2
Knox Ver. Knox Tizen Wearable v1.0 Knox Tizen Wearable v2.0
Knox SDK N/AKnox Tizen
Wearable SDK v1.0
※ Gear S2 is planned for OS update to Tizen v2.3.2 and Knox Tizen v2.0 respectively
What is Knox Tizen Wearable SDK? (2/2)
Knox Tizen Wearable SDK enables developers to leverage the Knox Tizen APIs on Gear for enhanced features
4
Knox Tizen v1.0Tizen appDeveloper
Knox Tizen v2.0
Knox Tizen Wearable SDK v1.0
EMM Server
Knox APIs
Build
Build
DL, Install
DL, Install
Knox APIs
manage
Standalone or Companion: Apps integrated with Knox Wearable SDK can communicate directly with its server
Companion onlyPairing required
No Knox enhancement
Why Knox Tizen Wearable v2.0? (1) Directly manage Gear devices (1/2)
5
A. Directly managing Gear devices with EMM: Once the EMM agent is installed via deeplink, IT manager can use hundreds of APIs to manage Gear devices
Enterprise IT Manager
Employee Device
Directly manage
Device Management App Management
Enterprise Asset Protection Network Management
- Call/SMS/data management
- Mic/GPS/Ringtone control
- BT/WiFi/NFC control and more
- Install/Remove application
- Allow/Disallow app installation
- Start/Stop application and more
- Lock device
- Wipe device data
- Set password and more
- APN / WiFi configuration
- Firewall settings
- Roaming control and more
Why Knox Tizen Wearable v2.0? (1) Directly manage Gear devices (2/2)
6
B. Pushing apps into employee devices: Given Tizen doesn’t allow sideloading of an app onto the device, every app needs to be downloaded from the Tizen appstore. Knox Tizen Wearable supports Deeplink feature, enabling IT managers to easily distribute apps
Tizen WearableApp Store
SEAP* Siteseap.samsung.com
① Download SDK
③ get “Deeplink” for app
④ Pass Deeplink ⑤ Pass Deeplink via
1) SMS2) EMM console3) Knox Mobile Enrollment
⑥ Download appusing Deeplink
App Vendor EnterpriseIT Manager
EmployeeDevice
② Register app & check Yes to “Hide App”
* SEAP : Samsung Enterprise Alliance Program
Why Knox Tizen Wearable v2.0? (2) Build purpose-built appliances
The customization APIs in the SDK allow app vendors to tailor Gear devices to their unique needs
7
Lock Gear device to a single app
(Kiosk Mode)
HW Key Re-mapping
Settings Manager
Prevent from exiting out from the app by pressing the Home button
e.g. Long-press the Home button for device to open the app
Enables the app to turn on/off settings
e.g. App enforces to turn on GPS + B/T but off Mobile Data or Roaming
…
Why Knox Tizen Wearable v2.0? (3) Secure work data
Developers can build apps leveraging Knox platform to enhance security of the service offered to customers
8
SE for Tizen: Permission mgmt. for apps and data
Trusted Boot: Check if booting components have been tampered with
Kernel Protection: Real-time kernel monitoring and protection (default-on)
HW Root of Trust: Keys securely stored in TrustZone
Security hardening of Tizen, out-of-box Integrate Knox security feature to the app
Tizen app
Enhancement made using Knox Tizen Wearable SDK
TIMA* Attestation: Pings a device if it has properly loaded boot components and firmware. In other words, an app can check if the device has been tampered with.
Knox Tizen APIs
* TIMA : TrustZone-based Integrity Measurement Architecture
Access to Knox Tizen Wearable SDK
9
① Visit https://seap.samsung.com
② Enroll or Sign-in SEAP Samsung account
③ Click DEVELOP Tizen SDK Knox Tizen Wearable SDK
④ Click
①②
③One SDK
※ Beta ver. is available as of 5th sep, Commercial ver. will be released in Oct.
④
Licensing Scheme
10
Tizen StoreSEAP* Site
seap.samsung.com
① Download Knox Tizen Wearable SDK
App Vendor User Device
GSBN*
v3.samsunggsbn.comKnox License Servers
(A) ELM* License Key (B) KLM * License Key
④ Fetch License Key(A) or (A)+(B)
② Register App
③ DL app ⑤ Verify Knox license
Key Accessible Features Source Knox Product Price
(A) ELM Key Manage device/apps/network, Attestation SEAP N/A(platform-level features)
Free
(B) KLM Key Customization (Kiosk, HW-key remapping, …) GSBN Knox Customization Toolkit(works on Android and Tizen Wearable)
$3.00 / device
※ Please contact a Knox reseller or your Samsung counterpart to purchase a KLM license key
* one-time fee, Invoice Price
License request & generation
* SEAP : Samsung Enterprise Alliance Program* GSBN : Global Samsung Business Network
* ELM : Enterprise License Management* KLM : Knox License Management
11
To find out more information on Samsung Knox Tizen Wearable,
please visit: http://samsungknox.com
http://seap.samsung.com
Comparison against v1.0
13
NOIndirect control of Gear through a paired
Samsung Android
YESIn addition to paired mode, direct control of Gear
by an external server is available
Secure/Trusted boot,PKM*, SE for Tizen
v1.0 + RKP*, DM-verity*, Attestation
Individual DLfrom Tizen Store
A simple linkto easily download from Tizen Store
No Wearable SDK (W-MDM, 39 API)No Customization API
Knox Wearable SDKOne SDK : MDM+Customization+Attestation
STANDALONE
SDK
APP INSTALLATION
PLATFORM SECURITY
Knox Tizen Wearable v1.0 Knox Tizen Wearable v2.0
(300+ API) (28 API)
* PKM : Periodic Kernel Measurerment* RKP : Real-time Kernel Protection* DM-verity : Device-Mapper-verity
Comparison against Knox Android
APIs for Andoroid Smartphone/Tablet
14
Hardware Root of Trust
Trusted Boot
TIMA*
SE for Android
Knox Container
Hardware Root of Trust
Trusted Boot
TIMA*
SE for Tizen
SECURITY MANAGEABILITY/PRODUCTIVITY
Knox Android
Knox Tizen Wearable
1100+
300+
| Android Specialization: Google Account, S-Beam..
| Smart/Tab Specialization: Browser, E-mail, EAS*, Dual SIM, External Memory..
| Tizen Wearable Feature: Call/SMS/Data Management,BT/WiFi/NFC Control,Manage Application,ProKiosk Mode,System Manager..
Based on the same security platform architecture with Knox Android, Knox Tizen supports manageability to B2B customer by providing APIs to meet wearable use case.
APIs for Tizen WearableKnox ContainerX
* TIMA : TrustZone-based Integrity Measurement Architecture * EAS : Microsoft Exchange Active Sync
Key features
15
| Manage Apps
∙ Install/Remove application
∙ Allow/Disallow app installation
∙ Start/Stop application
| Manage Device
∙ Call/SMS/data management
∙ Mic/GPS/Ringtone control
∙ BT/WiFi/NFC control
| Manage Network
∙ APN /Wifi configuration
∙ Firewall
∙ Roaming control
| Enterprise Asset Protection
∙ Lock device
∙ Wipe data
∙ Set password| Settings Manager
∙ Hide/Show setting menu
∙ Bluetooth on/off
∙ GPS on/off
∙ Data Roaming on/off
∙ Mobile data on/off
∙ WiFi on/off
| ProKiosk Mode
∙ Enhanced Kiosk mode
∙ Set pass code
∙ Set home activity
∙ Hide notification messages
| System Manager
∙ H/W Key remapping
∙ Set Power Saving mode
∙ Bluetooth HID for Barcode scanner
| Enhanced Security
∙ Attestation
MDM features
Security features
Customization features