Knox Container allows companies to create a highly secure container based on SE for Android. It keeps company apps and data separate from personal apps and data in a smartphone. It authorizes users and IT administrators to encrypt data in the device as well as within the Samsung KNOX container. With enhanced security and user-friendly interface, Samsung KNOX delivers all-inclusive security from the hardware level through to the application level.

Taking the basic Android system for mobiles, Samsung Knox has enhanced the system to offer a three-pronged hardware and application-level security.

The first security level for hardware is Trusted Boot. It detects the device operating system whether it is cryptographically signed by a key verified by the hardware.

Once a mobile has booted, TrustZone-based Integrity Measurement Architecture, or TIMA, runs in the secure world of TrustZone. It provides continuous integrity monitoring of the operating system by constantly checking the Android kernel.

To prevent serious damages from Hacking and Malware,
Security Enhancements for Android, or SE for Android isolates applications and data into different domains, based on confidentiality and integrity requirements. So it can prevent a security compromise in one domain from propagating to other domains, or the underlying mobile operating system, to minimize the amount of damage.

Samsung Knox offers application-level security through Samsung Android Framework and Knox Container.

Samsung Android Framework is enhanced for KNOX including Mobile Device Management, Single Sign On and FIPS Certified VPN to meet the most strict and rigorous enterprise-specific requirements.

Enabling enterprise mobility without compromising security — Samsung KNOX.

Source: Samsung Mobile YouTube
—