Developing Trusted Services for Mobile using GlobalPlatform Standards Christophe Colas GlobalPlatform Device Committee Chairman


Page 1: Developing Trusted Services for Mobile using ...docbox.etsi.org/Workshop/2012/201201_SECURITY... · Across several market sectors and in converging sectors 2. Device Committee Activities

Developing Trusted Services for Mobile using GlobalPlatform Standards

Christophe Colas, GlobalPlatform Device Committee Chairman

Page 2: Our Positioning

GlobalPlatform is the standard for managing applications on secure chip technology

[Figure: Trusted Execution Environment AND Secure Element, across several market sectors and in converging sectors]

Page 3: Device Committee Activities

[Organization chart] Device Committee: Christophe Colas, Trusted Logic. Two columns of working groups, Trusted Execution Environment (TEE) and Device Services:

– SE Remote Administration WG

– TEE Roadmap WG: Christophe Colas, Trusted Logic

– WG (name not recoverable from the text): Christophe Colas, Trusted Logic (acting)

– SE Access Control WG: Erwan Louët, Orange Labs

– TEE Spec WG: Don Felton, ARM

– TEE Compliance WG: Hervé Sibert, ST-Ericsson

– TEE Security WG: Hervé Sibert, ST-Ericsson

Page 4: Growth of Malware Mandates a Trusted Environment

Page 5: OMTP Security Requirements

• Trusted Environment TR0 (V1.2 – May 2009)

– Hardware unique key

– Debug port protection

– Secure boot and secure flash update

– IMEI & SIM lock protection

• Advanced Trusted Environment TR1 (V1.1 – May 2009)

– Isolated environment from main mobile operating system (OS) → TEE

– Secure storage

– Flexible secure boot

– Secure communication with USIM and key exchanges

– Runtime integrity check

– Secure user interface

Reference for mobile platform security and TEE: http://www.gsmworld.com/newsroom/document-library/omtp.htm

Page 6: What is a TEE?

• TEE provides hardware-based isolation from rich OS such as Android, Windows Phone and Symbian

• TEE runs on the main device chipset

• TEE has privileged access to device resources (user interface, crypto accelerators, secure elements…).

[Figure: Rich OS Application Environment (open to malware and rooting / jailbreaking) beside the Trusted Execution Environment (isolation of sensitive assets). On the Rich OS, Client Applications (Payment, DRM, Corporate) use the GlobalPlatform TEE Client API. In the TEE, Trusted Applications (Payment, DRM, Corporate) use the GlobalPlatform TEE Internal API on top of the Trusted Core Environment: Trusted Functions, TEE Kernel and HW Secure Resources, all on the same Hardware Platform.]

Page 7: Why a TEE?

Some use case examples

Mobile Financial Services:

• mBanking

• Online payment…

Content Protection:

• IP streaming

• DRM…

Corporate:

• Secure networking

• Secure email

• User authentication

• Data encryption

[Figure centre: Key protection, Content protection, User authentication, Transaction validation]

Page 8: TEE Positioning

[Chart comparing the Rich OS, the Trusted Execution Environment (TEE) and the Secure Element (SE) along the axes: User Interface, Ease of Development, Processing Speed, Physically Removable, Attack Resistance, Access Control]

Page 9: TEE Standardization Principles

• Overall objective: promote the TEE ecosystem

– Have interoperable TEEs across silicon vendors and devices

– Have one single set of APIs for service providers whatever the silicon vendors and devices

– Have a standardized way to administrate the TEE

• Technology agnostic

• Resistant to:

– any software attack (remote and local)

– basic hardware attacks (local)

• debug interface, firmware tampering…

• TEE programming environment

– Native-based (C-based)

– Isolation between trusted applications

Page 10: TEE Standardization

Standardization covers: APIs; Compliance (functional) and Certification (security); Administration.

[Figure: the Rich OS / TEE architecture of page 6. Client Applications (Payment, DRM, Corporate) on the Rich OS use the GlobalPlatform TEE Client API; Trusted Applications (Payment, DRM, Corporate) in the TEE use the GlobalPlatform TEE Functional API and the GlobalPlatform TEE Internal API over the Trusted Core Environment (Trusted Functions, TEE Kernel). HW Secure Resources: HW Keys, Secure Storage, Trusted UI (Keypad, Screen), Crypto accelerators, NFC controller, Secure Element, etc.]

Page 11: APIs for TEE

• GlobalPlatform TEE Client API → V1.0, July 2010

• GlobalPlatform TEE Internal API → V1.0, Dec 2011

[Figure: same architecture as page 10, with the TEE Client API on the Rich OS side and the TEE Functional API and TEE Internal API on the TEE side, over Trusted Functions, TEE Kernel and HW Secure Resources (HW Keys, Secure Storage, Trusted UI (Keypad, Screen), Crypto accelerators, NFC controller, Secure Element, etc.)]

Page 12: Trusted User Interface: A Trusted Function Example

• Critical for mobile financial services

• Necessary for secure element-based transactions

• Enables:

– The secure entry of a password / PIN

• A malware is unable to access password / PIN info

– The validation of transaction information

• A malware is unable to forge transaction information

• TEE has direct access to display / touch-screen / keypad without interacting with the rich OS.
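The slides name the GlobalPlatform TEE Client API (rich OS side) and TEE Internal API (trusted side) but do not show what the boundary between them looks like in code. The added example below, which is not part of the presentation or of any GlobalPlatform deliverable, shows the Internal API's command-dispatch contract from the Trusted Application's point of view: a rich-OS client hands over a transaction record for validation, and the TA treats the parameter types, the declared buffer size and the buffer contents as untrusted input before acting on them. The TEE_* constants, macros and union are recreated from the public TEE Internal API specification so the file compiles stand-alone (a real TA includes the vendor's tee_internal_api.h instead); the command ID, the tx_record layout, the policy limit and the helper functions are constructed for this example.

```c
/* Added example: a GlobalPlatform Trusted Application (TA) command handler.
 * param_types and params[] arrive from the rich-OS client, so the TA treats
 * them as untrusted. TEE_* definitions are recreated from the public TEE
 * Internal API spec so this compiles stand-alone (a real TA includes
 * tee_internal_api.h). Command ID, record layout and limit are constructed. */
#include <stdint.h>
#include <stddef.h>
#include <string.h>

typedef uint32_t TEE_Result;
#define TEE_SUCCESS              0x00000000U
#define TEE_ERROR_BAD_PARAMETERS 0xFFFF0006U

#define TEE_PARAM_TYPE_NONE         0
#define TEE_PARAM_TYPE_VALUE_INPUT  1
#define TEE_PARAM_TYPE_VALUE_OUTPUT 2
#define TEE_PARAM_TYPE_MEMREF_INPUT 5

/* Four 4-bit type fields packed into one word, as in the specification. */
#define TEE_PARAM_TYPES(t0, t1, t2, t3) \
    ((uint32_t)(t0) | ((uint32_t)(t1) << 4) | ((uint32_t)(t2) << 8) | ((uint32_t)(t3) << 12))

typedef union {
    struct { void *buffer; uint32_t size; } memref;
    struct { uint32_t a; uint32_t b; } value;
} TEE_Param;

#define CMD_CHECK_TX 1          /* constructed command ID */
#define PAYEE_LEN    32
#define TX_LIMIT     50000U     /* constructed policy limit (minor units) */

struct tx_record {              /* constructed payload layout */
    uint32_t amount;
    char payee[PAYEE_LEN];      /* must be NUL-terminated printable ASCII */
};

#define CHECK_TX_TYPES TEE_PARAM_TYPES(TEE_PARAM_TYPE_MEMREF_INPUT, \
    TEE_PARAM_TYPE_VALUE_OUTPUT, TEE_PARAM_TYPE_NONE, TEE_PARAM_TYPE_NONE)

/* Payee text is destined for a trusted display: require a terminator inside
 * the buffer and nothing but printable ASCII (no control sequences). */
static int payee_is_clean(const char *p, size_t max)
{
    size_t i;
    for (i = 0; i < max && p[i] != '\0'; i++)
        if (p[i] < 0x20 || p[i] > 0x7E)
            return 0;
    return i > 0 && i < max;    /* non-empty and terminated */
}

/* TA-side entry point with the signature the Internal API defines. */
TEE_Result TA_InvokeCommandEntryPoint(void *sess_ctx, uint32_t cmd_id,
                                      uint32_t param_types, TEE_Param params[4])
{
    struct tx_record tx;
    (void)sess_ctx;

    /* 1. Reject unknown commands and any parameter layout we did not ask for. */
    if (cmd_id != CMD_CHECK_TX || param_types != CHECK_TX_TYPES)
        return TEE_ERROR_BAD_PARAMETERS;

    /* 2. Check the client-declared size before touching the shared buffer. */
    if (params[0].memref.buffer == NULL ||
        params[0].memref.size != sizeof(struct tx_record))
        return TEE_ERROR_BAD_PARAMETERS;

    /* 3. Copy into TEE-private memory: the shared buffer stays writable by the
     *    client, so validate and use the private copy, never the original. */
    memcpy(&tx, params[0].memref.buffer, sizeof(tx));
    if (!payee_is_clean(tx.payee, PAYEE_LEN))
        return TEE_ERROR_BAD_PARAMETERS;

    /* 4. Return the verdict in the VALUE_OUTPUT slot (1 = within policy). */
    params[1].value.a = (tx.amount <= TX_LIMIT) ? 1U : 0U;
    params[1].value.b = 0;
    return TEE_SUCCESS;
}

/* Client-side helper for the example: fills params the way a rich-OS client
 * would before TEEC_InvokeCommand; returns -1 on TA error, else the verdict. */
static int invoke(struct tx_record *rec, uint32_t declared_size, uint32_t types)
{
    TEE_Param params[4];
    memset(params, 0, sizeof(params));
    params[0].memref.buffer = rec;
    params[0].memref.size = declared_size;
    if (TA_InvokeCommandEntryPoint(NULL, CMD_CHECK_TX, types, params) != TEE_SUCCESS)
        return -1;
    return (int)params[1].value.a;
}

int check_tx(uint32_t amount, const char *payee)    /* well-formed call */
{
    struct tx_record rec;
    memset(&rec, 0, sizeof(rec));
    rec.amount = amount;
    strncpy(rec.payee, payee, PAYEE_LEN);   /* no NUL left if payee fills the field */
    return invoke(&rec, sizeof(rec), CHECK_TX_TYPES);
}

int check_tx_tampered(uint32_t declared_size, uint32_t types)   /* malformed call */
{
    struct tx_record rec = { 100U, "ACME Stores" };
    return invoke(&rec, declared_size, types);
}
```

The four numbered checks are the part worth copying: the client chooses param_types and the memref size, so a TA that casts the buffer before comparing its size, or that reads the shared buffer a second time after validating it, hands the rich OS a way into the very isolation the TEE exists to provide.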

Page 13: Compliance Program

• Managed by the GlobalPlatform Compliance Secretariat

• UML-based Test Suite and Test Applications generation

[Figure: a Tool generates a Test Client Application for the Rich OS (over the TEE Driver and the GlobalPlatform TEE Client API) and Test Trusted Applications for the Trusted Execution Environment (over the GlobalPlatform TEE Internal API), both running on one SoC above TEE Core, HAL, Trusted HW resources and Non-trusted HW resources; the tool scope is marked on the diagram.]

Page 14: GlobalPlatform TEE Certification

[Figure: Full TEE = GP TEE + HW. GlobalPlatform TEE Certification is based on a Common Criteria Protection Profile (not certified to start with); the HW part falls under a HW certification scheme. Related schemes shown alongside: FIPS 140-2, EMVCo Certification, CAS Certification.]

Page 15: TEE Roadmap

Trusted Applications have access to:

• TEE APIs v1.0: Basic Core APIs, Secure Storage, Cryptography, Secure Date

• Later releases v1.1, v1.2 and v2.x add: Trusted User Interface, SE interface, NFC, Network API, Higher services (e.g. certificate, …), Multiple Security Domains

• TEE Compliance and TEE Certification

• Trusted Applications Management: implementation dependent

[Timeline: 4Q2011, 2Q2012, 3Q2012, 4Q2012, 2013]

Page 16: Liaisons

EMVCo

Mobile

• GSMA Pay-Buy Mobile • Mobey Forum • OMA • Payez Mobile

Contactless Payment

• Payez Mobile • European Payments Council (EPC) • StolPan • SIMalliance

Public Transit

• IFM project • ISO TC 224

Government

• National Institute of Standards and Technology (NIST)

• European Committee for Standardization (CEN)

• Next generation IC Card System Study group (NICSS)

Page 17: TEE White Paper

• The need for security in mobile handsets

• Introducing the TEE

• Positioning of the TEE

• Use Cases

– Corporate

– Content management

– Mobile payment

– Service deployment in a TEE

• Why standardizing a TEE?

• TEE Roadmap

http://www.globalplatform.org

Page 18: GlobalPlatform Members

[Member logos]

Page 19: Questions?

Visit us @ www.globalplatform.org