HOME

TheInfoList



Click Here for Items Related To - Fishbowl (secure Phone)
OR:
Fishbowl (secure Phone) on:   [Wikipedia]   [Google]   [Amazon]

Fishbowl is a
mobile phone A mobile phone, cellular phone, cell phone, cellphone, handphone, hand phone or pocket phone, sometimes shortened to simply mobile, cell, or just phone, is a portable telephone that can make and receive calls over a radio frequency link whi ...
architecture developed by the
U.S. The United States of America (U.S.A. or USA), commonly known as the United States (U.S. or US) or America, is a country primarily located in North America. It consists of 50 states, a federal district, five major unincorporated territori ...
National Security Agency The National Security Agency (NSA) is a national-level intelligence agency of the United States Department of Defense, under the authority of the Director of National Intelligence (DNI). The NSA is responsible for global monitoring, collect ...
(NSA) to provide a secure
Voice over IP Voice over Internet Protocol (VoIP), also called IP telephony, is a method and group of technologies for the delivery of voice communications and multimedia sessions over Internet Protocol (IP) networks, such as the Internet. The terms Internet t ...
(VoIP) capability using commercial grade products that can be approved to communicate
classified information Classified information is material that a government body deems to be sensitive information that must be protected. Access is restricted by law or regulation to particular groups of people with the necessary security clearance and need to kn ...
. It is the first phase of NSA's Enterprise Mobility Architecture. According to a presentation at the 2012
RSA Conference The RSA Conference is a series of IT security conferences. Approximately 45,000 people attend one of the conferences each year. It was founded in 1991 as a small cryptography conference. RSA conferences take place in the United States, Europe, Asia ...
by Margaret Salter, a Technical Director in the Information Assurance Directorate, "The plan was to buy commercial components, layer them together and get a secure solution. It uses solely commercial infrastructure to protect classified data." Government employees were reportedly testing 100 of the phones as of the announcement. The initial version was implemented using
Google Google LLC () is an American Multinational corporation, multinational technology company focusing on Search Engine, search engine technology, online advertising, cloud computing, software, computer software, quantum computing, e-commerce, ar ...
's Android
operating system An operating system (OS) is system software that manages computer hardware, software resources, and provides common services for computer programs. Time-sharing operating systems schedule tasks for efficient use of the system and may also i ...
, modified to ensure central control of the phone's configuration at all times. To minimize the chance of compromise, the phones use two layers of encryption protocols,
IPsec In computing, Internet Protocol Security (IPsec) is a secure network protocol suite that authenticates and encrypts packets of data to provide secure encrypted communication between two computers over an Internet Protocol network. It is used in ...
and
Secure Real-time Transport Protocol The Secure Real-time Transport Protocol (SRTP) is a profile for Real-time Transport Protocol (RTP) intended to provide encryption, message authentication and integrity, and replay attack protection to the RTP data in both unicast and multicas ...
(SRTP), and employ NSA's
Suite B NSA Suite B Cryptography was a set of cryptographic algorithms Promulgation, promulgated by the National Security Agency as part of its Cryptographic Modernization Program. It was to serve as an interoperable cryptographic base for both unclassi ...
encryption and authentication algorithms. USMobile has implemented commercial enterprise version of Fishbowl technology via the Scrambl3 mobile apps that run on both Android and iOS platforms. The phones are locked down in many ways. While they use commercial wireless channels, all communications must be sent through an enterprise-managed server. No direct voice calls are allowed, except for 9-1-1 emergency calls. Only NSA approved applications from the NSA enterprise app store can be installed. NSA has published a 100-page overview specification for the Mobility Capability Package. In tandem with the Capability Package there are a series of Protection Profiles. These Protection Profiles list out the requirements a commercial product must meet to be used in the mobile phone architecture.


References

{{reflist Secure communication National Security Agency encryption devices Android (operating system) software Android (operating system) devices