The Defense Information Systems Agency is testing whether the SafeCase, which blocks a phone’s cameras, sensors and microphones, will make the personal devices secure enough to bring into areas where classified information is processed.
Federal workers leaving their personal smartphones in a lockbox before entering a secure facility may soon become a thing of the past, thanks to a pilot program run by the Defense Information Systems Agency.
DISA is testing whether the SafeCase, which blocks a phone’s cameras, sensors and microphones, will make the personal devices secure enough to bring into areas where classified information is processed, according to Stephen Wallace, systems innovation scientist for DISA's emerging technology directorate, who spoke during an AFCEA International and George Mason University virtual event on May 19.
DISA is working on the pilot with WWT, a solutions provider, and Privoro, which focuses on mobile hardware security solutions. The SafeCase surrounds -- but is independent of -- a user’s mobile device. When the phone is inserted into the case, a physical barrier covers each of the smartphone’s cameras, which prevents intruders from observing or recording any visual data in the device’s vicinity.
The case also transmits white noise through its microphone, so the only thing emitting from the device is a radio signal, according to the company. The on-device audio masking uses advanced audio forensics to prevent a conversation or audio snippet from being successfully deciphered. That noise is truly random, microphone-specific and adaptive to the range of human speech.
With these three characteristics, a conversation’s content (the words spoken) and context (accents, tones, number of participants, etc.) will be unidentifiable to an eavesdropper, as the final audio output will be indistinguishable from a recording of noise alone, Privoro founder and CEO Mike Fong wrote.
WWT and Privoro will also work on assigning individual user attributes on a secure hardware platform to provide identity assurance and trusted mobile access. The solution will address access to sensitive information at the edge as well as security concerns that have led to smartphone bans across the government, according to a September announcement.
The pilot, in which the Air Force is already participating, is being conducted under DISA’s assured identity initiative and would start in the Pentagon once anti-coronavirus work protocols are eased.
DISA is also prototyping watch-like wearables to continuously authenticate a paired phone and permit access to a secure container on the device.
"When the wearable is removed or breaks communication with the device, that secure container on the device is locked," Wallace said.