Hai Yun'an: In-depth interpretation of mobile application server security defense solutions

In recent years, with the continuous development and spread of mobile network applications, smart mobile terminals have gradually replaced traditional PCs, and their number will reach about 2.8 billion. The resulting mobile terminal security problems have become more and more serious, and the main battleground of network information security has begun to shift from the PC field to mobile security.

Demand drives development. As consumers rely more and more on the mobile Internet, many companies have adopted "mobile Internet+", using mobile application technology to move many of their business services to the "handheld business hall", where a series of services can be carried out through an app. Driven by these new security requirements, many security vendors have launched a variety of security protection solutions for mobile terminals.

For a time, hardening, encryption, and anti-cracking schemes for mobile terminal application security developed rapidly, mature system solutions quickly took shape, and the security problems of mobile terminal applications were effectively solved. However, there is a security gap in the defense of the back-end mobile application server!

At present, there are still gaps in the security defense technology of mobile servers

However, a mobile service system consists not only of mobile terminals but also of the brain that processes the data, the mobile app server, and of the data communication link, which is what we usually call the communication network. The front-end mobile terminal, the communication network in the middle, and the back-end mobile application server together make up a complete mobile service system. At present, most security vendors focus on the security of mobile terminal devices and the applications themselves, with technologies such as environment clearance, hardening, and anti-reverse-engineering, but they often neglect effective protection of mobile app servers.

Because of differences in system composition and business scenarios, the security problems faced by mobile application servers differ from those of traditional web servers. The common risk threats are as follows:

What is the difference between the two? At present, mobile app servers are usually protected by a traditional Web Application Firewall (WAF) or Intrusion Prevention System (IPS), but there is no linked protection with front-end mobile terminal security and communication network security. Providing only traditional server security functions cannot completely and effectively defend the entire mobile business system.

 

The current threats to mobile terminals are as follows:

These are mainly risks arising from app cracking and hijacking, such as interface hijacking, decompilation, and memory injection.

At present, mobile business security threats mainly include theft of assets, the use of false identities to extract resources, the exploitation of business loopholes for theft, and fraudulent behaviors such as "wool shearing" (promotion abuse) and the use of plug-in tools.

Filling the market gap: Hai Yun'an launches the first mobile application firewall system (iMAF) in China

In response to this pain point, Hai Yun'an, drawing on years of technological innovation and accumulation in mobile information security and on actual security needs, launched iMAF, the first intelligent mobile application server firewall product in China. Building on traditional firewall products and taking into account the overall security protection requirements of today's mobile business systems, iMAF adds security protection for mobile terminals and communication networks and implements integrated, linked defense, which can effectively ensure the safe operation of the entire mobile business system!

How does the mobile application firewall iMAF realize integrated defense?

1. Integrated security defense of "device, pipe and cloud"

The iMAF solution is built around three protection systems: the Trusted Base SDK for client security, the cloud security chain for encrypting and securing network communication, and the cloud security shield for server protection.

Traditional firewall products protect only a single layer. Hai Yun'an's iMAF system adds protection for mobile clients, providing anti-cracking, anti-debugging, anti-proxy, anti-emulator, anti-interface-hijacking, repackaging detection, and monitoring of unauthorized outbound connections. Together with encryption of network communication data and in-depth protection of the back-end server, this three-in-one, coordinated defense improves the ability to respond to business risks such as "wool party" abuse, business fraud, and leakage of sensitive business information. It provides in-depth protection of the business system across the entire mobile scenario and ensures that related business runs smoothly and in an orderly way.

Mobile application client SDK: Through the Trusted Base SDK, Hai Yun'an implements joint defense across the front end and back end of the mobile business system, effectively hardens and protects mobile applications, and can monitor attacks, cracking threats, and performance glitches affecting front-end mobile applications in a timely manner.

Communication network security: The private encryption algorithm of Yunan Chain can effectively encrypt and protect communication data, prevent attacks such as packet capture, and ensure safe and reliable data transmission.

Server-side security defense: Compared with a traditional WAF, Hai Yun'an's Yun An shield product adds many user defense functions that meet the needs of mobile systems on top of the existing protections against SQL injection, cross-site attacks, cookie injection, and so on, for example business security functions such as anti-wool-shearing and anti-fraud. Through its linkage functions it also adds performance monitoring services for clients, such as crash monitoring, interaction monitoring, network request monitoring, error monitoring, and ANR monitoring.

2. Highly convenient integration features

The iMAF system offers very convenient one-stop integration. On the app side, the SDK can be integrated with a one-key integration solution, complete development documentation is provided, and both Android and iOS are supported. For communication network encryption, link encryption is applied automatically, and a high-strength one-time pad Token encryption scheme is available without additional configuration.

Back-end automatic protection: Web programs on various back-end architectures are protected automatically, and high-security web protection can be achieved easily without modifying the code.

3. Real-time monitoring support for security risk + operational performance

The iMAF system provides complete real-time monitoring of malicious attack behavior and operating performance, and accurately records attack information, covering both the mobile client and the server. Information security personnel can check the security status and operating performance of client applications and servers anytime, anywhere. Analysis of this data helps to give timely warning of attacks, locate them, and find the vulnerabilities being attacked, which makes it easier to formulate corresponding security policies and to feed the findings back to developers so that they can fix the vulnerabilities.

iMAF can also display defense statistics as charts, giving operations and maintenance personnel or managers a view of website security and business status.

Conclusion:

The emergence of iMAF is in line with the security requirements brought by the rapid adoption of mobile service systems in various industries, and with the current trend in mobile security. At present, industries that rely heavily on mobile app systems, such as mobile finance, mobile government services, mobile healthcare, and mobile OA for large enterprises, are the core customers for iMAF products. iMAF effectively protects the security of core data and business, can greatly reduce the manpower and resources invested in security operation and maintenance, and integrates the security defense of the entire mobile business system.

It is believed that as security requirements for mobile services rise further, mobile server security defense products represented by iMAF will become the mainstream trend in mobile security and the top priority of the entire enterprise security strategy!

 

 

 

 
