Ensuring network connection security between a wrapped app and a remote server

摘要

A network connection between an app on a mobile device and a remote server is either enabled or denied based on whether a security wrapped app can verify that the connection is with a known and trusted server. The wrapped app uses a socket interception layer injected into the app code along with a trust store, also part of the wrapped app to determine whether a network connection attempted by the app should be allowed. The layer buffers relevant function calls from the app by intercepting them before they reach the device operating system. If the layer determines that a network connection is attempted, then it snoops the negotiation phase data stream to discern when the server sends a certificate to the app. It obtains this certificate and compares it to data in the trust store and makes a determination of whether the server is known and trusted.

主权项

1. A method of enabling a network connection between an app on a remote device and a remote server, the method comprising:
during execution of an application on the remote device, attempting to open the network connection with the remote server; intercepting relevant function calls to and from the application, said intercepting done by a sockets interception layer on top of an IP stack specifically for the application, wherein said relevant function calls are re-directed to the sockets interception layer and selected based on socket characteristics; correlating said relevant function calls with a particular network connection; discerning a certificate by observing data stream between the application and the remote server; comparing the certificate with a trust store in the application; determining whether the certificate can be trusted; and allowing the network connection if the certificate is authenticated and trusted, the network connection between the application and the remote server.