BlackBerry phones were previously the only allowed devices for the armed services, thanks to BlackBerry’s server-based security, so the Android approval could vastly widen choice for service members. The BBC also reported that other gadgets will soon be available as well: approval for other Android devices and Apple phones and tablets is expected later in the month.
DoD spokesman Lt Col Damien Pickart told the news agency that this move is “the first step of a strategy that would let soldiers use many different types of devices, both smartphones and tablets, during their tours of duty.”
It could be a serious windfall for Samsung: right now, the DoD supports around 600,000 smartphone users, 470,000 of whom were using Blackberry handsets. The other 130,000 are part of a trial initiative to test iPhones and other Android devices for security approaches.
Federal News Radio also reported that the DoD is assessing commercial bids for a secure mobility management system to accompany a big overall smartphone push: the military plans to more than double the number of secure mobile devices deployed, by 2014.
Samsung’s hardened version of Android, appropriately called “Knox,” was developed to meet military and enterprise standards for security. The Customizable Secure Boot ensures that only verified and authorized software can run on the device. TrustZone-based Integrity Measurement Architecture (TIMA) provides continuous integrity monitoring of the Linux kernel. When TIMA detects that the integrity of the kernel or the boot loader is violated, it takes a policy-driven action in response. One of these policy actions disables the kernel and powers down the device.
In addition, Android security enhancements provide an enhanced mechanism to enforce the separation of information based on confidentiality and integrity requirements. It isolates applications and data into different domains so that threats of tampering and bypassing of application security mechanisms are reduced, while the amount of damage that can be caused by malicious or flawed applications is minimized.