I've been given a school final year project but I can't think of what kind of healthcare app I should build with a server needed. Just a prototype. Please suggest.
The objective of this work is to design and implement a prototype mobile healthcare system that uses Android mobile devices. The system should consist of three parts: A mobile application, secure channels and a centralized server application.
The mobile application should gather healthcare information from the suer and forward it to a centralized server for processing. The secure channel is used to transmit client private information to the server. Finally the server stores the information into a database and prepares some feedback to the client.
1) What apps would it be?
2) What is the easiest secure channel to be used yet safe?
Thanks
Make an app to support caring for the elderly.
Each nurse has an android devices, stores patient data, complaints, medical issues on the device, which gets forwarded to the server.
The next nurse on the shift can retreive the same information from the server again and work with the same data.
Options would be auto patient detection depending on gps coordinates etc.
Patient data could be forwarded or looked at (pictures with device camera?) by a doctor etc...
Good enough?
Related
I work in IT at an educational institution and I've recently been placed in charge of a new 'mobile' initiative with the goal of making our campus mobile device friendly for students and staff. At this point I'm investigating Device Management software and would like to hear from anyone who has experience in this area.
Google lead me to some promising looking open source software by Funambol. Can anyone provide some feedback about this or any similar solution?
Requirements:
1) Must be hosted in house. We cannot store any data on third party servers.
2) Must support multiple platforms (Android, iOS and BB are a must... windows not so much).
3) Must adhere to industry standards, such as the Open Mobile Alliance.
I would love to hear about your experience with implementing Device Management solutions. If you have information that you cannot share on a public forum, please PM me so I can send you my email address.
just wondering if you got any of your questions answered? I am in similar situation as you are for my company...
Have not heard anything yet, but I did spend a bit of time playing with Funambol before getting sidetracked with another project. Looks like it might do the trick, but it seems to lack the 'polish' that is expected of enterprise solutions. Being a proponent of open source I really want to give Funambol a serious run, but since my company is in bed with Dell I suspect we'll end up using their MDM solutions.
It'll be a few months before I have the cycles to get back on this project, but I'll try to keep this thread updated.
Device Management (DM) is one way to provision a device. Provisioning is updating the device after manufacture. This may or may not include bootstrapping a device. When an OEM or Operator bootstraps a device after manufacture, or makes any other update (except a firmware update) it is provisioning the device. When an OEM bootstraps a device during manufacture it is not provisioning.
Funambol DM not ready for Enterprise
I've had a bit more time to look into Funambol as a Device Management (DM) solution and determined that it is not going to work. They have a Device Sync (DS) solution that works well for backing up contacts/files/etc., but their DM system is incomplete. You have to compile the client software yourself and even then many of the key features are not yet implemented, such as remote lock and wipe. Funambol is something I plan to try at home, but cannot recommend it for business.
Take a look at this MDM report from Gartner. It is a very thorough examination of several of the top MDM solutions available today and might help you make a choice based on your requirements.
I'm in a similar situation and just evaluated Sybase Afaria.
http://www.sybase.com/products/mobileenterprise/afaria
It has a lot of features and as I've tested it, everything worked as it should - but the management website is just horrible. Afaik Sybase is aware of this issue and is working on a new management site.
Best Features: Working with Samsung and Motorola - means deep integration into its Systems, Touchdown integration.
MDM Solution
DeviceMax MDM can be a on-site solution where the hardware can be installed at the client’s server or a cloud based solution where the hardware is on the Kochar cloud and minimal integration with the client's network is required. It is a customized solution that can be either used as a licensed software or a managed service by the Enterprise. For managed service configurations, we can remotely support device diagnostics and even provide the end user service desk support for Enterprise.
MDM Solutions
We started using the Meraki MDM for our enterprise wide solution, but I highly recommend checking out Prey Project for personal or small scale use.
Question about Prey project
In reference to your recommendation of prey project, I see how they help with security of devices but how does it install the image of the tablet after a user uses it? I am looking for an MDM solution for an academic setting. Thanks.
Re: Question about Prey project
snpohrte said:
In reference to your recommendation of prey project, I see how they help with security of devices but how does it install the image of the tablet after a user uses it? I am looking for an MDM solution for an academic setting. Thanks.
Click to expand...
Click to collapse
I'm not sure if I understand what you mean by "install the image of the tablet"... do you mean install the PreyProject client application on a user's device after they have taken it outside of your physical control? As far as I know, all MDM solutions require the client to be installed before any remote administration can be done on the device. You could email your users a link to the app with instructions on how to install/configure it?
I'm not sure if PreyProject is the best solution for deployments of more than a few devices. It might work if each user wants to administer their own devices, but if you are in a scenario where a few IT people need to manage/maintain a fleet of mobile devices then something like the Meraki MDM solution is more suitable.
Hope this answers your question... if not then please clarify your query.
Regards,
Mobile Device Management
With increasing number of Smartphone’s and smart devices used within the organizations, Mobile device management (MDM) has become a vital discipline for IT departments. IT people are putting their focus towards mobile device management support where they will manage the mobile devices. Mobile device management solutions offer the security to the enterprises with full control on them. With mobile device management solutions you can configure your devices over the air, implement the corporate policies, wipe or lock the whole device etc. Nowadays organizations need MDM solutions that fully manage and organize all the devices and applications. It helps to give the whole picture of the mobile environment. It also analyzes the whole report and find out the gaps to resolve it. It also helps to get the critical device information.
Originally Posted by timothyon Saturday October 20, @08:27AM
from the that's-why-they-buy-guns dept.
Trailrunner7 writes "There are thousands of apps in the Google Play mobile market that contain serious mistakes in the way that SSL/TLS is implemented, leaving them vulnerable to man-in-the-middle attacks that could compromise sensitive user data such as banking credentials, credit card numbers and other information. Researchers from a pair of German universities conducted a detailed analysis of thousands of Android apps and found that better than 15 percent of those apps had weak or bad SSL implementations. The researchers conducted a detailed study of 13,500 of the more popular free apps on Google Play, the official Android app store, looking at the SSL/TLS implementations in them and trying to determine how complete and effective those implementations are. What they found is that more than 1,000 of the apps have serious problems with their SSL implementations that make them vulnerable to MITM attacks, a common technique used by attackers to intercept wireless data traffic. In its research, the team was able to intercept sensitive user data from these apps, including credit card numbers, bank account information, PayPal credentials and social network credentials."
Refrence http://yro.slashdot.org/story/12/10...mentations-leave-many-android-apps-vulnerable
I myself have implemented them for shopping apps (SSL for anything dealing with user details, payment, etc.). When you're communicating with an external service that requires (or where you want to use) encrypted connections and that service only offers SSL (this is probably 90% of the time) you need to use it. Now the catch here is that the standard SSL handlers available to you in Android provide an "ideal" setup, where servers and certs are exactly as they "should" be. The problem is unless you are paying rediculous amounts for dedicated SSL services and high quality certs your setup will not be the "ideal", and you'll have to make exceptions by overriding code.
As an example, in the shopping system I set up there were two sets of certs, one set was signed [payment gateway] the other wasn't [user control panel]. I had to jump through a few hoops, and the app would be open for man-in-the-middle if set up right - but luckily all they'd get would be user login details, address and phone number - billing is all external and requires a separate authorization.
As spreading news about the issue among would only be able to protect privacy and crucial information of the consumers
all discussion regarding this issue are being welcomed kindly try to focus to fix this issue
Hello to everyone,
my group is specialized on network security issues.
We inform you that SlowDroid has just been release on the Google Play Store.
It is a necessary tool for testing the robustness of servers.
SlowDroid is able to execute Denial of Service (DoS) attacks directly from your mobile device.
Main characteristics:
multi-protocol (SlowDroid is able to affect HTTP, FTP, email, SSH, file sharing, etc...)
tiny amount of attack bandwidth needed
tiny CPU and RAM usage
configurable (see below; please contact us if you are interested on a pro version of the tool)
transparent to server logs during the attack execution; logs are usually updated once the attack is interrupted
it's by far better than alternatives such as LOIC or Slowloris
Detailed instructions of how SlowDroid works and detection algorithms to protect from this attack are available at the following address:
security.ge.cnr.it/projects/slowdroid/
The URL above also include download links for the tool.
SlowDroid is a work of the NetSec Group at CNR-IEIIT of Genoa, Italy.
Hoping SlowDroid may be useful to every system administrator willing to test the robustness of his own network.
Executive Summary
The future is here, and ahead of schedule. Come join us, the weather's nice.
This blog post describes the installation and configuration of a prototype of a secure, full-featured, Android telecommunications device with full Tor support, individual application firewalling, true cell network baseband isolation, and optional ZRTP encrypted voice and video support (ZRTP does run over UDP which is not yet possible to send over Tor, but we are able to send SIP account login and call setup over Tor independently).
Aside from a handful of binary blobs to manage the device firmware and graphics acceleration, the entire system can be assembled (and recompiled) using only FOSS components. However, as an added bonus, we will describe how to handle the Google Play store as well, to mitigate the two infamous Google Play Backdoors.
Introduction
Android is the most popular mobile platform in the world, with a wide variety of applications, including many applications that aid in communications security, censorship circumvention, and activist organization. Moreover, the core of the Android platform is Open Source, auditable, and modifiable by anyone.
Unfortunately though, mobile devices in general and Android devices in particular have not been designed with privacy in mind. In fact, they've seemingly been designed with nearly the opposite goal: to make it easy for third parties, telecommunications companies, sophisticated state-sized adversaries, and even random hackers to extract all manner of personal information from the user. This includes the full content of personal communications with business partners and loved ones. Worse still, by default, the user is given very little in the way of control or even informed consent about what information is being collected and how.
This post aims to address this, but we must first admit we stand on the shoulders of giants. Organizations like Cyanogen, F-Droid, the Guardian Project, and many others have done a great deal of work to try to improve this situation by restoring control of Android devices to the user, and to ensure the integrity of our personal communications. However, all of these projects have shortcomings and often leave gaps in what they provide and protect. Even in cases where proper security and privacy features exist, they typically require extensive configuration to use safely, securely, and correctly.
This blog post enumerates and documents these gaps, describes workarounds for serious shortcomings, and provides suggestions for future work.
It is also meant to serve as a HOWTO to walk interested, technically capable people through the end-to-end installation and configuration of a prototype of a secure and private Android device, where access to the network is restricted to an approved list of applications, and all traffic is routed through the Tor network.
It is our hope that this work can be replicated and eventually fully automated, given a good UI, and rolled into a single ROM or ROM addon package for ease of use. Ultimately, there is no reason why this system could not become a full fledged off the shelf product, given proper hardware support and good UI for the more technical bits.
Click to expand...
Click to collapse
https://blog.torproject.org/blog/mission-impossible-hardening-android-security-and-privacy
Pretty much what Guardian ROM is doing. I look forward to all the new builds
Truth. Transparency. Technology
Hey developer peeps out there!
I would like to set up an Android based system for a potential new business. This is a side project and it's purpose would be partly to learn how to integrate the physical world with paying customers through automated technology. The functionallity would go something like described below. Before you tell me to JFGI, I would like to add that I'm starting to look into all the different aspect of this concept but it is a bit overwhelming. I would really appreciate som pointers on what would be the easiest and most user friendly way to approach this. If all I have today is let's say, a website, an Android tablet and a paypal account. I'm looking for input on programming languages and interfaces specifically. This would have to be a hassle free system that does exactly what it should and nothing more.
At this point any advice would probably go a long ways, so here goes:
Android device is installed in a rentable vehicle and connected to propulsion system (through Arduno Uno Board?)
Android device monitor system parameters say once per minute and logs this to a server (gps pos, battery charge etc).
A code/password is automatically generated in a simple booking system on the server and uploaded to Android device.
Same code is sent to client by email through the booking system.
Client enters code on tablet.
Android device powers on propulsion system.
In case of no data connection, the tablet will prompt for an offline code that allows for the system to be powered on. If tablet does not report to server in 15 minutes, the server will notify owner by email.
When client is done using system she presses “I’m done” on the GUI and is presented with a checklist.
Client confirms to have complied with the checklist and presses “Confirm”
Android device sends email with system status: time used, gps position, battery charge etc. to owner.
Android device notifies booking system that the vehicle is available.