Pocket PC Magazine, November '03
Page 13
Fig. 1 (above): LockBox provides a single, secure repository for credit cards, bank accounts, passwords, and other sensitive information.
Backing up
One aspect of security policy is so important that it gets its own section. Ironically, this aspect is also the most often overlooked, but don't make that mistake with your PDAs or you will indeed be sorry. I'm talking about data backups. Backing up data on a device might not sound like it belongs in the security policy, but it does—under what is typically referred to as the service availability assurance section.
PDAs are at a much greater risk of data loss than traditional desktop systems because they have no hard disks. Data is stored in a form of volatile memory that does not get cleared across resets or suspends because battery power is kept flowing through the memory at all times. The one exception to this is a hard reset, which interrupts power to the PDA's main memory and wipes everything except system files clean. The data lost would include any third-party software you had installed, all data stored on the device, any customized settings, the network configuration, and much more.
What's worse, most devices allow hard resets to be performed without any authentication. This is why most security policies should require a full backup of the device every seven to thirty days.
It is important to realize that backing up your Pocket PC requires more than just ActiveSyncing all applications. Many Pocket PC devices have a built-in backup program in the Programs pane under the Start menu usually called "Backup" or "SD Backup." If your device does not have a built-in solution, SunnySoft, Inc. provides a good low-cost solution called Backup Manager (www.sunnysoft.cz/en_clanek.php?clanekid=51) (see Fig. 2).
Fig. 2 (above): Using a backup application like Backup Manager is the only way to guarantee that you will be able to recover your valuable data after a security incident.
ActiveSync is a great way to avoid lots of data entry into your Pocket PC, but it lacks the basic security mechanisms needed to operate safely over the Internet. This is why you should only use ActiveSync over a serial or USB connection to your desktop. Do not synchronize your device with your desktop over an Internet connection if security is important to you. The only way to possibly get around this is to use ActiveSync over a VPN connection, such as the one provided by Microsoft's PPTP. But even with encryption, I don't recommend it.
Keeping out intruders
What about protecting the device from theft or prying styluses? Some of the newer iPAQs have biometric fingerprinting. By setting the device to respond to your fingerprint only, someone who steals the device will need to hard reset the device in order to use it, ensuring that he or she will never access any sensitive data stored in memory. Biometrics aren't perfect, and will not protect your data from a sophisticated attacker who is prepared to disassemble the device to get at the data, but they should stop a nosy co-worker. Combining encryption with biometrics should allow you to leave your device in most environments without having to worry about any of the data on the device.
Without biometrics to protect physical access, the Pocket PC has a standard password lock feature. This can be accessed through the Settings screen under the Start menu. By clicking the password icon, you can set a required password which must be entered before the device can be used (Fig. 3). This is a useful feature but it has a number of drawbacks. For one, the password lock doesn't turn on automatically after the device suspends. Instead, it locks after a certain number of minutes of inactivity, the default being 60 minutes. This is much too long a period of inactivity and provides a good chance of someone getting ahold of the device long before the password lock even turns on. Another issue is the choice between a four-digit or alphanumeric password. The four-digit password allows for only 10,000 combinations and may discourage your children but won't stop a sufficiently motivated attacker. The alphanumeric password is still stronger, but can also be "brute forced" using software over an ActiveSync connection. The bottom line: Use the password feature, but don't rely on it too much.
Fig. 3 (above): Be sure to use a strong password. Note that the idle time has been set to 5 minutes; the default setting of 1 hour is far too lax.
Some Pocket PC OEMs have introduced anti-brute forcing features into their recent Pocket PCs. This includes a login delay of five or more minutes after three failed password entries. Disappointingly, these features do not come standard with either Pocket PC 2002 or Windows Mobile 2003. Microsoft should add this feature to the core Pocket PC OS rather than relying on OEMs.
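The following sketch models the OEM lockout policy just described and compares how long it takes to enter every four-digit code with and without the delay. It is an added example, not code from any Pocket PC OEM; the class and function names, the one-second-per-guess rate, and the sample password are assumptions.

```python
import hmac
from dataclasses import dataclass

MAX_FAILURES = 3          # failed entries before the delay starts (from the text)
LOCKOUT_SECONDS = 5 * 60  # the text says "five or more minutes"; five is used here


@dataclass
class PasswordLock:
    """Hypothetical model of a device password lock with a login delay."""
    secret: str
    failures: int = 0
    locked_until: float = 0.0

    def try_unlock(self, guess: str, now: float) -> str:
        """Return 'unlocked', 'denied' or 'locked_out' for a guess at time `now` (seconds)."""
        if now < self.locked_until:
            return "locked_out"  # during the delay a guess is not even compared
        if hmac.compare_digest(guess.encode(), self.secret.encode()):
            self.failures = 0
            return "unlocked"
        self.failures += 1
        if self.failures >= MAX_FAILURES:
            self.failures = 0
            self.locked_until = now + LOCKOUT_SECONDS
        return "denied"


def worst_case_hours(keyspace: int, seconds_per_guess: float, lockout: bool) -> float:
    """Hours needed to enter every code in the keyspace, with or without the delay."""
    total = keyspace * seconds_per_guess
    if lockout:
        # One delay follows each full batch of MAX_FAILURES guesses;
        # no delay is needed after the final batch.
        total += ((keyspace - 1) // MAX_FAILURES) * LOCKOUT_SECONDS
    return total / 3600
```

With the assumed rate of one guess per second, the 10,000 four-digit codes take under three hours to exhaust without the delay and more than eleven days with it.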
Consider installing an intrusion prevention solution on your device. Intrusion prevention solutions monitor external and internal communications and stop anything that might be an attack. It is especially important to install this kind of software if you regularly visit Web sites provided by a search engine, or go online over an unencrypted Wi-Fi network. The MobileGuard intrusion prevention system from MobileSecure will protect your Pocket PC device from unwanted attacks and intrusions (Fig. 4).
Fig. 4 (above): Use MobileGuard to protect your device from hackers, Trojan horses, and viruses.
In conclusion, the security risks surrounding Pocket PCs are significant, but in each case a workable solution exists. Individuals and corporations can leverage the great benefits of these devices while not exposing themselves to any additional security risk beyond what exists for traditional desktop systems.
* * *
Josh Daymont is the CTO for MobileSecure, the world's leading provider of information security solutions for mobile devices. Josh has worked for a number of security companies previous to MobileSecure in roles spanning in-house research to consulting management to product management. His work and information security research has been widely publicized and has led to the closure of numerous Internet-wide security vulnerabilities. Josh can be reached at joshd@mobile-secure.com.
Mobile Access Control with a Pocket PC
A Facility Entrance System
by Ramzi Labban
A staggering task
As a senior systems analyst for a major construction company, I am often involved with mega-projects such as gas and oil plants and pipelines, large resort complexes, bridges, and highways. During one such project, which totaled a few hundred million dollars, we were called upon to solve a major access control problem that arose on the construction site of a large hotel/resort complex in Egypt.
Access control can become a very taxing experience when it involves the entry or exit of approximately eight thousand construction workers through four gates inside of fifteen minutes. Add to it that on a weekly basis the gates to be controlled move along the perimeter of the construction area based on construction activity and logistics. Each person coming in had to be identified, checked against a list of personae non gratae, and his or her time of entry recorded for payroll purposes. Workers exiting the area at end of working hours also had to be processed for time of exit. The same entry/exit routine was also done during the lunch break and any other time a worker/staff member needed to enter or exit the control area. And, if that were not enough, the turnover of workers was very high—between 50 and 100 workers were fired, released, or hired on a daily basis.
In trying to carry out all those tasks manually, a lot of problems arose. Bad handwriting on the forms where in/out data was recorded was the least of our concerns. Workers who were previously fired would try to sneak in with malicious intent, and there was no realistic way of catching them. Time of entry and exit for each worker was not recorded properly, which meant that workers often got overpaid for time not actually spent on the construction site. It took too long to process all the workers rushing in at the same time, which led to a lot of workers being marked as late when actually they had been standing in line waiting for their turn.
Mobile access control
Management of the project decided that something had to be done to automate the process and make it more efficient; hence, I was called upon to research a system with which we could apply proper access control, keep track of who entered and exited and when, and make sure to notify security of anyone not allowed to enter. All that had to be done with a totally mobile system that could easily travel with the gates when they moved.
After researching the different possibilities, we decided to use handheld computers and develop an in-house software application for the handhelds to automate the process. The handheld of choice was the Symbol PPT-2800 Pocket PC-based handheld computer with built-in barcode scanner (Fig. 1).
Figure 1 (above): Symbol PPT-2800 Pocket PC
To identify workers properly, new badges were designed and distributed. The badge carried the worker's picture, along with his ID number (barcoded and big enough to be scanned from around two feet), his department, and his position. When a new employee was hired, a badge was printed and given to the person immediately; his data got synchronized immediately with the lookup database for the handhelds.
Each gate was made into a multi-lane crossing for entry and exit. In total there were thirty-two lanes distributed over the four gates. Each lane was manned by a gateman. Each gateman was equipped with a Symbol PPT-2800 running the software we built for this project. The software allows the user to select an activity: "Log In" workers or "Log Out" workers (Fig. 2). Once the activity has been selected, the handheld is ready to start processing workers. Workers standing in line at the gate would proceed one by one. The gateman would scan the barcode on the badge of the worker next in line waiting to enter.
Fig. 2 (above): Gateman may choose to log in workers entering or log out workers exiting the facility.
The scanned barcode was first compared to a database of all current employees and then to a "blacklist" of personae non gratae. If the barcode was found in the database of current employees, data about the person was displayed onscreen (Fig. 3); if the barcode was also found in the blacklist then an alert was displayed onscreen (Fig. 4) notifying the gateman to contact security and management.
Fig. 3 (above): Employee record is displayed after barcode is identified.
Fig. 4 (above): Security alert when scanned badge number is found on a blacklist.
In case the barcode was not found in either of the two lists, an alert was displayed (Fig. 5) to inform the gateman that the badge number was invalid. This could mean one of two things: either the badge was a forgery, which is the case in the great majority of instances, or this was a new employee whose data hadn't gone through the whole synchronization process properly, which is very unlikely. The process continued until all workers had been processed.
Fig. 5 (above): Notification indicates badge not identified as either a current or blacklisted employee.
At end of day, the handhelds are taken back to the main office where they are synchronized with the database on the server. All databases are refreshed, and data collected for the day is downloaded to the server. The data collected consists of the worker's badge number, and all the times that worker entered and exited the construction area. For example, if a worker arrived in the morning and didn't leave until end of working hours, then that worker would have two entries in the database for that day. One entry would carry a date/time stamp to indicate the time he or she entered; the other entry would be for the time of exit. A worker who came in in the morning, left for lunch, came back, then left at the end of the day would have four entries, one corresponding to each transaction (entry or exit).
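The badge check and the transaction log described above can be sketched as follows. This is an added example, not the software built for the project; the badge numbers, record fields and function names are constructed, and it assumes that a blacklist hit takes precedence over an employee record and that only admitted workers are logged.

```python
from datetime import datetime

# Constructed sample data: badge numbers and records are hypothetical.
EMPLOYEES = {
    "100231": {"name": "Worker A", "dept": "Civil", "position": "Mason"},
    "100477": {"name": "Worker B", "dept": "Electrical", "position": "Fitter"},
}
BLACKLIST = {"100477", "099812"}  # 099812 was released and is no longer in EMPLOYEES


def check_badge(badge, employees, blacklist):
    """Classify a scanned badge number as OK, SECURITY_ALERT or INVALID_BADGE."""
    # Assumption: a blacklist hit wins even when an employee record still exists,
    # so a stale record can never admit a blacklisted person.
    if badge in blacklist:
        return "SECURITY_ALERT"
    if badge in employees:
        return "OK"
    return "INVALID_BADGE"  # forged badge, or a new hire not yet synchronized


def process_scan(badge, activity, when, employees, blacklist, log):
    """Handle one scan; only an admitted worker produces a payroll transaction."""
    status = check_badge(badge, employees, blacklist)
    if status == "OK":
        log.append((badge, activity, when))
    return status


def hours_on_site(log, badge):
    """Pair each IN with the following OUT for one badge and sum the hours."""
    total, entered = 0.0, None
    for b, activity, when in sorted(log, key=lambda row: row[2]):
        if b != badge:
            continue
        if activity == "IN":
            entered = when
        elif activity == "OUT" and entered is not None:
            total += (when - entered).total_seconds() / 3600
            entered = None  # an OUT with no matching IN is ignored
    return total
```

A worker who leaves for lunch produces four log rows for the day, and the hours are computed from the two IN/OUT pairs.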
ROI
Once operational, the system was very rewarding. On the data side, reports on daily attendance were produced very quickly. Payroll data on hours spent onsite was available immediately with no data entry steps involved in acquiring this data from paper forms. Security improved as all attempts at gaining entry into the construction site by previous employees via forged or old unreturned ID cards were totally under control. Moreover, time spent processing workers coming in or leaving the construction area during rush hours was greatly reduced.
Adaptability to other types of environments
Such a system can be implemented in a multitude of other environments aside from the construction industry. One such environment may be conferences and exhibits. Customarily, attendees at conferences and exhibits are given badges which carry their name, title, and company. If those badges carry a barcode of the ID of the attendee, then security officers and ushers manning gates of exhibits and seminar rooms can make use of Pocket PCs (either Wi-Fi-enabled or offline) to control access to the event rooms, and to get statistics automatically of all attendance at the different seminars offered. Also, exhibitors can collect data on the fly about visitors to their booth. If Pocket PCs are used for this task, no permanent installations or bulky systems need to be put in place to offer this functionality both to security personnel and ushers at gates and to exhibitors at their booths.
* * *
Ramzi Labban is a Computer and Communications Engineer and currently a Senior Systems Analyst at Consolidated Contractors International Company (CCIC). As part of his main duties, which include developing core applications for CCIC, Ramzi specializes in all research and development activities on mobile computing, wireless, and GPS technologies. He has been involved in developing applications for handheld devices since 1995. You can reach Ramzi at rlabban@dm.net.lb. The system discussed in this article was developed by Computers and Communication Technology (CCT) under the full direction and supervision of Ramzi Labban. CCT can be contacted at www.cctintl.com.
Two-Dimensional Barcodes and Pocket PCs for Asset and Inventory Management
by Ken Mattern
They're ubiquitous. They're advertised in this magazine. In fact, close the book and look at the lower left of the front cover and you'll see one. Barcodes are everywhere and they come in all different shapes and sizes.
As a Pocket PC enthusiast you have, I'm sure, seen barcode scanners that will fit into a CF slot, or you have seen the Symbol or Intermec barcode scanners. If you work in retail you may have used a barcode scanner, and, of course, if you do any shopping at all your purchases have been scanned at the checkout line.
This article is not a tutorial on barcodes or barcode scanning. Instead it is intended to discuss a newer type of barcode and a new type of scanner. Along with that I'll discuss a software package I wrote for reading barcodes and maintaining inventories. These aren't your average supermarket inventories, but asset inventories, such as office equipment and furniture, or server farms and peripherals, or even the fielding of entire aircraft.
The 2D barcode
But first let's talk about this new type of barcode, called the "Data Matrix ECC 200 two-dimensional barcode." That's a mouthful, so from here on we'll refer to it as a "2D tag." The interesting thing about 2D tags is that they can hold significantly more data than a standard one-dimensional barcode, such as the UPC on the front of this magazine. Another interesting thing about 2D tags is that they contain redundant data. This means that a portion of the tag (up to 60%) can be destroyed without damaging the integrity of the data.
Figure 1 depicts a number of 2D tags. The upper-left tag is one that I generated for our internal office inventory. If you scan it from this page you will find that it contains data that says, "KI0000." The larger tag beneath it contains the following sentence. "Hal Goldstein is a really nice guy. You should read his magazine." The larger image on the right is a sheet of thirty-five InfoDot 2D tags (see sidebar).
Fig. 1 (above): 2D tags. Left: laser printer. Right, InfoDot acrylate laser-etched 7 mil pixel, 3/8 inch tags.
A significant amount of data can be placed into a single 2D tag. As a test I placed about four kilobytes of text into a tag and was able to read it with no trouble at all. The resulting tag ended up being close to two inches on a side, and that appeared to be close to the maximum physical size that my tag reader could handle. But usually a smaller tag will do just fine for inventory management.
Asset and inventory management
The proper management of assets and inventory is important in just about every sector, both public and private. My company's office building consists of approximately fifteen offices, two conference rooms, and an area for cubicles. In each of these rooms are found company assets: desks, chairs, fax machines, tables, computers, and all the other things you will find in a typical office. Each item must be inventoried for insurance and other business purposes. Each item must be identified as to location, user (where appropriate), and, in our case, whether the company or the government owns it, as we contract to the Department of Defense. That inventory could be kept on paper, or in an Excel spreadsheet or Access database.
My company writes software and maintains Web sites for the military. If we manufactured electronic assemblies and sub-assemblies we would find ourselves in need of an asset management tool. Again, the 2D tag would be the perfect tool for the job. However, we might find ourselves in need of creating relationships between assemblies of components, i.e., parent/child relationships.
Now let's get down to real cases of asset and inventory management using 2D tags, Pocket PCs, and Bluetooth. That's what my company has been doing since the beginning of 2003. It is named Kottmann, Inc., and so we call our product KIMS (Kottmann Inventory Management System). The package is two-tiered—a desktop software package and a Pocket PC package. We have worked carefully to duplicate functionality as much as possible on both platforms to ensure ease of use. At the same time we have made the package as versatile as possible to address both asset and inventory management.