What may have been missed amongst the announcements about the Samsung Knox 3.3 release were a couple of updates to our licensing model. With Knox 3.3, we introduced two new license types for our Knox Platform for Enterprise (KPE):
- KPE Development Limited license, to further secure access
- KPE DualDAR license, to further protect data
Our licenses serve the dual purposes of securing access to our APIs and tracking activations of paid features. Read on to find out more about the recent changes.
KPE Development Limited License
Previously, generating a KPE Development license gave everyone access to all the Android permissions needed to use all the APIs in our Knox SDK. This access was for a limited time period, on a limited number of devices.
For better security however, Developers generating a Development license now get access to only to a subset of APIs. Partners still get all permissions. Developers wanting access to all APIs during development need to upgrade to Partner status.
KPE DualDAR License
As mentioned in an earlier blog post, Knox DualDAR extends the built-in Android File Based Encryption (FBE) framework, protecting sensitive data using two layers of encryption. Both encryption layers use FIPS 140 certified cryptographic modules and encryption keys using AES-GCM 256. This redundancy mitigates risks from implementation flaws at a single layer, and meets the needs of classified deployments.
Partners implementing Knox DualDAR will need to activate the KPE DualDAR license in order to use this paid feature.
Find out more about:
- Samsung Knox licenses
- How to get started with licenses
- The permissions granted with different license types
- Knox DualDAR