Fishbowl (secure Phone)
   HOME

TheInfoList



Click Here for Items Related To - Fishbowl (secure Phone)
OR:
Fishbowl (secure Phone) on:   [Wikipedia]   [Google]   [Amazon]

Fishbowl is a
mobile phone A mobile phone or cell phone is a portable telephone that allows users to make and receive calls over a radio frequency link while moving within a designated telephone service area, unlike fixed-location phones ( landline phones). This rad ...
architecture developed by the
U.S. The United States of America (USA), also known as the United States (U.S.) or America, is a country primarily located in North America. It is a federal republic of 50 states and a federal capital district, Washington, D.C. The 48 contiguous ...
National Security Agency The National Security Agency (NSA) is an intelligence agency of the United States Department of Defense, under the authority of the director of national intelligence (DNI). The NSA is responsible for global monitoring, collection, and proces ...
(NSA) to provide a secure
Voice over IP Voice over Internet Protocol (VoIP), also known as IP telephony, is a set of technologies used primarily for voice communication sessions over Internet Protocol (IP) networks, such as the Internet. VoIP enables voice calls to be transmitted as ...
(VoIP) capability using commercial grade products that can be approved to communicate
classified information Classified information is confidential material that a government deems to be sensitive information which must be protected from unauthorized disclosure that requires special handling and dissemination controls. Access is restricted by law or ...
. It is the first phase of NSA's Enterprise Mobility Architecture. According to a presentation at the 2012
RSA Conference The RSA Conference is a series of IT security conferences. Approximately 45,000 people attend one of the conferences each year. It was founded in 1991 as a small cryptography conference. RSA conferences take place in the United States, Europe, Asia ...
by Margaret Salter, a Technical Director in the Information Assurance Directorate, "The plan was to buy commercial components, layer them together and get a secure solution. It uses solely commercial infrastructure to protect classified data." Government employees were reportedly testing 100 of the phones as of the announcement. The initial version was implemented using
Google Google LLC (, ) is an American multinational corporation and technology company focusing on online advertising, search engine technology, cloud computing, computer software, quantum computing, e-commerce, consumer electronics, and artificial ...
's Android
operating system An operating system (OS) is system software that manages computer hardware and software resources, and provides common daemon (computing), services for computer programs. Time-sharing operating systems scheduler (computing), schedule tasks for ...
, modified to ensure central control of the phone's configuration at all times. To minimize the chance of compromise, the phones use two layers of encryption protocols, IPsec and
Secure Real-time Transport Protocol The Secure Real-time Transport Protocol (SRTP) is a profile for Real-time Transport Protocol (RTP) intended to provide encryption, message authentication and integrity, and replay attack protection to the RTP data in both unicast and multica ...
(SRTP), and employ NSA's Suite B encryption and authentication algorithms. The phones are locked down in many ways. While they use commercial wireless channels, all communications must be sent through an enterprise-managed server. No direct voice calls are allowed, except for
9-1-1 911, sometimes written , is an emergency telephone number for Argentina, Canada, the Dominican Republic, Fiji, Jordan, Mexico, Pakistan, Maldives, Palau, Panama, Iraq, the Philippines, Sint Maarten, the United States, and Uruguay, as well as ...
emergency calls. Only NSA approved applications from the NSA enterprise app store can be installed. NSA has published a 100-page overview specification for the Mobility Capability Package. In tandem with the Capability Package there are a series of Protection Profiles. These Protection Profiles list out the requirements a commercial product must meet to be used in the mobile phone architecture.


References

{{reflist Secure telephones National Security Agency encryption devices Android (operating system) software Android (operating system) devices