Additional Security Requirements for a Mobile and Cloud Architecture
To derive a more complete list of requirements, please return to the list of requirements from the assessment in Chapter 9. Most, if not all, of those requirements will be relevant to this architecture as well. The following comprise the additional requirements that must be added to those for an endpoint anti-malware application.
for all devices. A better design generates a private signing key for each customer, although consumers who individually purchase protection may all have their certificates signed by the same private key.
- The private key used to sign the device certificate must be stored in an HSM or equivalent. The network must be configured such that the HSM will only accept cryptographic operations from the enrollment and management service.
- All data (commands, reputations, policies, configurations, etc.) and all binaries downloaded to devices must be hashed and signed. The device software will validate the signature and the hash before any further processing.
- Discussions about Public Key Infrastructure (PKI) in general and certificate revocation in particular have been avoided purposely. Issuing private signing keys would require a robust PKI. When using X.509 certificates, certificate revocation must be designed.
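
The "hashed and signed" requirement above can be sketched as a device-side gate that releases downloaded bytes to a parser only after both checks pass. This is an added example, not code from the book: the `Envelope` layout, the `Seal` and `Open` names, and the choice of SHA-256 with Ed25519 are assumptions, and the demo key is generated in-process rather than held in an HSM.

```go
package main

import (
	"crypto/ed25519"
	"crypto/sha256"
	"errors"
	"fmt"
)

// Envelope is a hypothetical wire format: raw payload bytes, their SHA-256
// digest, and the back end's signature over that digest.
type Envelope struct {
	Payload   []byte
	Digest    [32]byte
	Signature []byte
}

var ErrRejected = errors.New("download rejected")

// Seal is the back-end side: hash the payload, then sign the digest.
func Seal(priv ed25519.PrivateKey, payload []byte) Envelope {
	d := sha256.Sum256(payload)
	return Envelope{Payload: payload, Digest: d, Signature: ed25519.Sign(priv, d[:])}
}

// Open is the device side. It returns the payload only if both checks pass,
// so no command, policy or binary parser ever sees unauthenticated bytes.
func Open(pinned ed25519.PublicKey, e Envelope) ([]byte, error) {
	// 1. Signature: was the claimed digest signed by the pinned key?
	if !ed25519.Verify(pinned, e.Digest[:], e.Signature) {
		return nil, fmt.Errorf("%w: bad signature", ErrRejected)
	}
	// 2. Hash: do the bytes actually received match the signed digest?
	if sha256.Sum256(e.Payload) != e.Digest {
		return nil, fmt.Errorf("%w: hash mismatch", ErrRejected)
	}
	return e.Payload, nil
}

func main() {
	pub, priv, _ := ed25519.GenerateKey(nil)                  // constructed demo key
	env := Seal(priv, []byte(`{"policy":"scan-on-install"}`)) // constructed sample
	_, err := Open(pub, env)
	fmt.Println("untampered:", err)
	env.Payload[11] ^= 1 // simulate one bit changed in transit
	_, err = Open(pub, env)
	fmt.Println("tampered:", err)
}
```

Checking the signature over the digest and then the digest over the payload means an attacker who alters the payload and recomputes the hash still fails the first check, because the new digest was never signed.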