developing trusted services for mobile using ...docbox.etsi.org/workshop/2012/201201_security... ·...
TRANSCRIPT
Developing Trusted Services for Mobile using GlobalPlatform Standards
Christophe Colas, GlobalPlatform Device Committee Chairman
Our Positioning
GlobalPlatform is the standard for managing applications on secure chip technology
[Diagram: Trusted Execution Environment AND Secure Element]
Across several market sectors and in converging sectors
Device Committee Activities
Device Committee: Christophe Colas, Trusted Logic
Trusted Execution Environment (TEE) working groups:
• TEE Roadmap WG: Christophe Colas, Trusted Logic
• TEE Spec WG: Don Felton, ARM
• TEE Compliance WG: Hervé Sibert, ST-Ericsson
• TEE Security WG: Hervé Sibert, ST-Ericsson
Device Services working groups:
• SE Remote Administration WG: Christophe Colas, Trusted Logic (acting)
• SE Access Control WG (option): Erwan Louët, Orange Labs
Growth of Malware Mandates a Trusted Environment
OMTP Security Requirements
Reference for mobile platform security and TEE
• Trusted Environment TR0 (V1.2 – May 2009)
– Hardware unique key
– Debug port protection
– Secure boot and secure flash update
– IMEI & SIM lock protection
• Advanced Trusted Environment TR1 (V1.1 – May 2009)
– Isolated environment from main mobile operating system (OS) → TEE
– Secure storage
– Flexible secure boot
– Secure communication with USIM and key exchanges
– Runtime integrity check
– Secure user interface
http://www.gsmworld.com/newsroom/document-library/omtp.htm
What is a TEE?
• TEE provides hardware-based isolation from rich OS such as Android, Windows Phone and Symbian
• TEE runs on the main device chipset
• TEE has privileged access to device resources (user interface, crypto accelerators, secure elements…).
[Diagram: Rich OS Application Environment (open to malware and rooting / jailbreaking): Client Applications (Payment, Corporate) on the Rich OS, using the GlobalPlatform TEE Client API. Trusted Execution Environment (isolation of sensitive assets): Trusted Applications (DRM, Payment, Corporate) on the Trusted Core Environment (TEE Kernel, Trusted Functions), using the GlobalPlatform TEE Internal API. Both run on the Hardware Platform; the TEE owns the HW Secure Resources.]
Why a TEE?
Some use case examples
Mobile Financial Services:
• mBanking
• Online payment…
• User authentication
• Transaction validation
Content Protection:
• IP streaming
• DRM…
• Key protection
• Content protection
Corporate:
• Secure networking
• Secure email
• User authentication
• Data encryption
TEE Positioning
[Diagram: Rich OS, Trusted Execution Environment (TEE) and Secure Element (SE) positioned against user interface, ease of development, processing speed, physical removability, attack resistance and access control.]
TEE Standardization Principles
• Overall objective: promote the TEE ecosystem
– Have interoperable TEEs across silicon vendors and devices
– Have one single set of APIs for service providers whatever the silicon vendors and devices
– Have a standardized way to administrate the TEE
• Technology agnostic
• Resistant to:
– any software attack (remote and local)
– basic hardware attacks (local)
• debug interface, firmware tampering…
• TEE programming environment
– Native-based (C-based)
– Isolation between trusted applications
TEE Standardization
• APIs
• Compliance (functional)
• Certification (security)
• Administration
[Diagram: Rich OS Application Environment: Client Applications (Payment, Corporate) on the Rich OS, using the GlobalPlatform TEE Client API and the GlobalPlatform TEE Functional API. Trusted Execution Environment: Trusted Applications (DRM, Payment, Corporate) on the Trusted Core Environment (TEE Kernel, Trusted Functions), using the GlobalPlatform TEE Internal API. Both run on the Hardware Platform; HW Secure Resources: HW keys, secure storage, Trusted UI (keypad, screen), crypto accelerators, NFC controller, Secure Element, etc.]
APIs for TEE
• GlobalPlatform TEE Client API V1.0: July 2010
• GlobalPlatform TEE Internal API V1.0: Dec 2011
• GlobalPlatform TEE Functional API
[Diagram: Rich OS Application Environment: Client Applications (Payment, Corporate) on the Rich OS, using the GlobalPlatform TEE Client API and the TEE Functional API. Trusted Execution Environment: Trusted Applications (DRM, Payment, Corporate) on the Trusted Core Environment (TEE Kernel, Trusted Functions), using the GlobalPlatform TEE Internal API. Both run on the Hardware Platform; HW Secure Resources: HW keys, secure storage, Trusted UI (keypad, screen), crypto accelerators, NFC controller, Secure Element, etc.]
Trusted User Interface: A Trusted Function Example
• Critical for mobile financial services
• Necessary for secure element-based transactions
• Enables:
– The secure entry of a password / PIN
• Malware is unable to access password / PIN info
– The validation of transaction information
• Malware is unable to forge transaction information
• TEE has direct access to display / touch-screen / keypad without interacting with the rich OS.
Compliance Program
• Managed by the GlobalPlatform Compliance Secretariat
• UML-based Test Suite and Test Applications generation
[Diagram (tool scope): the Tool drives a Test Client Application on the Rich OS and Test Trusted Applications in the Trusted Execution Environment. Rich OS side: Applications, GlobalPlatform TEE Client API, TEE Driver, non-trusted HW resources. TEE side: GlobalPlatform TEE Internal API, TEE Core, HAL, trusted HW resources. All on one SoC.]
GlobalPlatform TEE Certification
• Based on Common Criteria Protection Profile (not certified to start with)
[Diagram: Full TEE = GP TEE + HW. GlobalPlatform TEE Certification covers the GP TEE; an HW certification scheme covers the HW. Related schemes: FIPS 140-2, EMVCo Certification, CAS Certification.]
TEE Roadmap
Trusted Applications have access to:
• TEE APIs v1.0: Basic Core APIs, Secure Storage, Cryptography, Secure Date
• TEE APIs v1.1, v1.2: + Trusted User Interface, + SE interface, + NFC, + Network API
• TEE APIs v2.x: + Higher services (e.g. certificate, …)
• TEE Compliance
• TEE Certification
• Trusted Applications Management: implementation dependent, then Multiple Security Domains
[Timeline: 4Q2011, 2Q2012, 3Q2012, 4Q2012, 2013]
Liaisons
• EMVCo
Mobile and Contactless Payment:
• GSMA Pay-Buy Mobile
• Mobey Forum
• OMA
• Payez Mobile
• European Payments Council (EPC)
• StolPan
• SIMalliance
Public Transit:
• IFM project
• ISO TC 224
Government:
• National Institute of Standards and Technology (NIST)
• European Committee for Standardization (CEN)
• Next generation IC Card System Study group (NICSS)
TEE White Paper
• The need for security in mobile handsets
• Introducing the TEE
• Positioning of the TEE
• Use Cases
– Corporate
– Content management
– Mobile payment
– Service deployment in a TEE
• Why standardizing a TEE?
• TEE Roadmap
http://www.globalplatform.org
GlobalPlatform Members
Questions?
Visit us @ www.globalplatform.org