Text Size

Enabling NASA’s Mobile Workforce By Securing Application Data

By Jane Maples and Kellie White, MSFC-CIMA

Do you currently use a mobile device to access applications or Web sites? Have you ever stopped to consider whether the information you are sending and accessing is secure? What if you misplaced your phone for a period of time, or worse, what if you lost it? Will unauthorized individuals be able to access those applications installed on your mobile device and initiate transactions on your behalf? NASA’s Center for Internal Mobile Applications (CIMA) has worked to ensure the security of data exchanged via any CIMA- provided mobile application. CIMA relies upon Mobile Application Management (MAM), as opposed to Mobile Device Management (MDM), to secure the mobile application. Furthermore, an in-house-developed Secure Mobile Access Point (SMAP) and secure Identity, Credential, and Access Management (ICAM) services are leveraged for authenticating and accessing all CIMA mobile applications. This multilayered security approach relies upon Launchpad for authentication and an application-level personal identification number (PIN) for accessing CIMA-hosted mobile applications. It secures or removes all data at rest and provides a secure channel between the mobile application and the protected NASA enterprise services. Developers can leverage SMAP for their applications to provide the NASA data and services they need in a secure and timely manner.

Features of SMAP:

  • Provides a secure mobile public-access point for accessing protected NASA services and data.
  • Allows mobile devices outside of NASA locations to access protected NASA services and data.
  • Offers full whitelist and blacklist filtering by user, device, application, application version, and Center.
  • Provides secure Web proxy services for the CIMA mobile application *Web wrapper, allowing wrapped Web sites to be accessed by mobile devices outside of NASA locations.

The Secure Mobile Access Point implemented by CIMA is effective in securing the mobile application, but CIMA’s efforts don’t stop there. Currently, CIMA is working with the ICAM team to further enhance the security of the installed mobile applications by implementing an ICAM certificate–based authentication for mobile devices. This additional security measure is expected to be deployed at the end of the calendar year.

While other Federal agencies are struggling with the idea of Bring Your Own Device (BYOD) and how to manage those devices, CIMA’s approach to securing your data is to manage the mobile application as opposed to the mobile device. This is referred to as Mobile Application Management (MAM). MAM is application- centric, making it easier to target the things that matter most to NASA—the mobile apps and the inherent data—while leaving the personal device and data alone.

CIMA has presented their MAM approach in various forums with participation from other Federal agencies, with very positive responses. CIMA’s MAM solution is looked upon as a viable approach for those agencies not requiring the mobile device to be locked down for security concerns, such as law enforcement agencies.

In addition to CIMA’s proven security approach, CIMA also offers a vast array of mobile app consulting, development and hosting, and distribution services. CIMA’s catalog of mobile application services and products enable an organization to extend key enterprise information and business processes anywhere, any time through any mobile device. If you would like to learn more about CIMA’s security approach and how to take advantage of this approach for your mobile applications, or would like information regarding our service offerings, please contact CIMA by email at msfc-cima@mail.nasa.gov and learn how CIMA is redefining business applications for NASA.

*A Web wrapper is used to deliver an existing Web site as a mobile application.