3
COPYRIGHT @ 2007, Credant Technologies, Inc. All Rights Reserved.
"Credant", "Credant Mobile Guardian" and all Credant logos are registered trademarks of
Credant Technologies Corporation. This document may be copied without the author's
permission provided that it is copied in its entirety without modification.
1. Introduction
Companies are increasingly using diverse mobile devices to store critical business
information, improve productivity and enhance customer relationships. These mobile
devices represent one of the most severe and often overlooked security threats to the
enterprise. Frequently left unmanaged and with little to no enforced security, these
devices are an open door to corporate applications, networks and databases and represent
potentially significant financial, legal and regulatory liabilities. Without sufficient
management tools and enforced security policies, companies have no way to prevent
mobile security breaches, know if information is misused, or trace the source of mobile
security incidents.
Architected to protect the mobile enterprise, Credant Mobile Guardian (CMG) is the first
security solution that addresses an organization's mobile security issues with centrally
managed policy administration and strong on-device user authentication and policy
enforcement. This cost-effective solution enables organizations with a growing mobile
population to take full advantage of the benefits of today's mobile workplace and remain
confident that business critical information is secure.
The Credant Cryptographic Kernel (CCK) is the library of cryptographic functions used
by the Credant Mobile Guardian (CMG) Suite of mobile security solutions. The CCK
takes the form of a dynamic link software library (or a shared library on Palm for version
1.5) which provides an API to cryptographic functions, including AES, Triple DES,
SHA-1, HMAC(SHA-1), and an ANSI X9.31compliant pseudorandom number generator.
CMG Suite comprises the CMG Server, CMG Gatekeeper, and CMG Shield software
products. These three components work together to ensure the security of data on mobile
devices. The CMG Shield installs on the mobile device and protects its data from
unauthorized access. The CMG Gatekeeper receives policy information from the Server
and communicates it to the devices running the Shield. An administrator sets company
policies via CMG Server software, and the Server forwards these settings to the instances
of the CMG Gatekeeper. When a device synchronizes with its host PC, the Gatekeeper
communicates these policies to the device.
Note that the Credant Technologies cryptographic library has changed names from
Credant Cryptographic Kernel (or CCK) in version 1.5 to CmgCryptoLib in version 1.7.
The names CmgCryptoLib, Credant Cryptographic Kernel, and CCK are synonymous
throughout this document.