Enhancing Trust in Mobile Services Using
the Latest GlobalPlatform Standards
Julien Delplancke, GlobalPlatform Member Representative
8th ETSI Security Workshop
January 17th, 2013
©2012 @GlobalPlatform_ www.linkedin.com/company/globalplatform
GlobalPlatform Today
GlobalPlatform is the standard for managing applications on secure chip technology… Trusted Execution Environment (TEE) AND Secure Element (SE) … across several markets and in converging sectors
What is a TEE?
• TEE provides hardware-based isolation from rich operating systems (OS) such as Android, Windows Phone and Symbian
• TEE runs on the main device chipset
• TEE has privileged access to device resources (user interface, crypto accelerators, secure elements…)
[Figure: Rich OS Application Environment, open to malware and rooting / jailbreaking, next to the Trusted Execution Environment hosting trusted applications, with isolation of sensitive assets]
What is the TEE Scope in GlobalPlatform?
[Figure: TEE architecture on the hardware platform. Rich OS side: client applications (payment, corporate) calling the GlobalPlatform TEE Client API. Trusted Core Environment side: TEE Kernel and Trusted Functions over HW Secure Resources, with trusted applications (DRM, payment, corporate) calling the GlobalPlatform TEE Internal API]
• TEE Software Interfaces
• TEE Administration
• Functional Compliance
• Security Certification
• TEE Configurations (use cases, business requirements)
GlobalPlatform TEE Compliance & Security Certification
[Figure: System on Chip-based platform supporting GlobalPlatform TEE + TEE OS → Functional Compliance (GlobalPlatform-defined test suite) + Security Certification (GlobalPlatform-defined TEE Protection Profile) = GlobalPlatform STAMP]
• Current and first focus = platform
• Final product (final smartphone, tablet…): light delta compliance and / or security certification might be defined at a later stage
• First TEE TestFest in Oct. 2012
High-Level TEE Roadmap
[Figure: the Rich OS / TEE architecture diagram from the previous slide, annotated with the roadmap items below]
ADMINISTRATION
• Management of multiple security domains (Q1 2013)
INTERNAL APIs
• Core APIs 1.0 (Q4 2011) ✓
• Trusted user interface (Q1 2013)
• Debug APIs (Q1 2013)
• Interface to SE (Q1 2013)
• Socket API (Q2 2013)
APIs for RICH OS ENVIRONMENT
• TEE Client API (Q3 2010) ✓
• Javascript API (Q2 2013)
COMPLIANCE
• Client & core APIs (Q4 2012) ✓
• Additional APIs (Q2 2013)
SECURITY CERTIFICATION
• TEE Protection Profile (Q1 2013)
TEE Security Certification
• Enabling independent entities to validate the TEE security level, to prove a first level of security of the TEE
• Does not go up to SE / smart card level of security
• Need to prove:
 – Isolation of TEE vs rich OS environment
 – Isolation of trusted applications (TAs) between each other
 – TAs are not tampering with the TEE OS
• Main attack vectors:
 – Software attacks coming from
  • Rich OS (malware, rooted device, …)
  • Rogue / badly written TAs
 – Few 'easy' hardware attacks such as
  • Debug/JTAG interface
  • Firmware replacement
PRINCIPLES
• Not reinventing the wheel
• Use an international scheme (e.g. not a country-specific scheme)
• Be lightweight to fulfill the time-to-market requirements of the mobile industry
• TEE security certification scheme based on:
 – Common Criteria scheme
 – Existing lab infrastructure (ITSEF labs) in many countries
 – TEE Protection Profile
 – Evaluation Assurance Level (EAL) 'TEE': a custom EAL to accommodate the lightweight process
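The scope slide places client applications in the Rich OS behind the GlobalPlatform TEE Client API and trusted applications behind the TEE Internal API, and the certification slide names a malicious Rich OS and rogue or badly written TAs as the main software attack vectors. The following is an added example, not code from the GlobalPlatform deck or from its specifications, showing what a TA command handler written in the style of the TEE Internal API has to check before it touches anything on the client's behalf: the parameter layout, the output buffer size the TEE reported, and the fact that the input is shared memory the Rich OS still owns. The type and constant definitions at the top mirror the published Internal API so the file builds without tee_internal_api.h; the command ID, the device secret and the toy keyed digest are constructed for this example, and a real TA would call the TEE's own crypto API instead.

```c
/* Added example, not code from the GlobalPlatform deck or its specifications: a
 * trusted-application command handler in the style of the GlobalPlatform TEE Internal
 * API.  The types/constants mirror the public spec so this file builds stand-alone;
 * a real TA includes tee_internal_api.h instead. */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>
typedef uint32_t TEE_Result;
#define TEE_SUCCESS              0x00000000u
#define TEE_ERROR_BAD_PARAMETERS 0xFFFF0006u
#define TEE_ERROR_NOT_SUPPORTED  0xFFFF000Au
#define TEE_ERROR_SHORT_BUFFER   0xFFFF0010u
enum { TEE_PARAM_TYPE_NONE = 0, TEE_PARAM_TYPE_MEMREF_INPUT = 5, TEE_PARAM_TYPE_MEMREF_OUTPUT = 6 };
/* Four 4-bit parameter types packed into one word, as the spec defines it. */
#define TEE_PARAM_TYPES(t0, t1, t2, t3) ((t0) | ((t1) << 4) | ((t2) << 8) | ((t3) << 12))
typedef union {
    struct { void *buffer; uint32_t size; } memref;
    struct { uint32_t a; uint32_t b; } value;
} TEE_Param;

#define CMD_TAG_MESSAGE 1u   /* hypothetical command ID of this example TA */
#define TAG_LEN 4u
/* Constructed secret; a real TA would load it from TEE secure storage. */
static const uint8_t device_secret[16] = { 0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6,
                                           0xab, 0xf7, 0x15, 0x88, 0x09, 0xcf, 0x4f, 0x3c };
/* Toy keyed digest (FNV-1a over secret || msg).  Not a cryptographic MAC; it stands
 * in for the TEE's crypto API so the example runs anywhere. */
static uint32_t toy_keyed_digest(const uint8_t *msg, uint32_t len)
{
    uint32_t h = 2166136261u;
    for (size_t i = 0; i < sizeof device_secret; i++) { h ^= device_secret[i]; h *= 16777619u; }
    for (uint32_t i = 0; i < len; i++) { h ^= msg[i]; h *= 16777619u; }
    return h;
}

/* Called by the TEE for each TEEC_InvokeCommand from the Rich OS.  Every field of
 * param_types and params originates from the untrusted client side. */
TEE_Result TA_InvokeCommandEntryPoint(void *session, uint32_t cmd_id,
                                      uint32_t param_types, TEE_Param params[4])
{
    (void)session;
    if (cmd_id != CMD_TAG_MESSAGE)
        return TEE_ERROR_NOT_SUPPORTED;
    /* 1. Require exactly the expected layout: reading a value slot as a memref (or
     *    vice versa) is how a TA ends up dereferencing garbage. */
    if (param_types != TEE_PARAM_TYPES(TEE_PARAM_TYPE_MEMREF_INPUT, TEE_PARAM_TYPE_MEMREF_OUTPUT,
                                       TEE_PARAM_TYPE_NONE, TEE_PARAM_TYPE_NONE))
        return TEE_ERROR_BAD_PARAMETERS;
    const uint8_t *msg = params[0].memref.buffer;
    uint32_t msg_len = params[0].memref.size;
    if (msg == NULL && msg_len != 0)
        return TEE_ERROR_BAD_PARAMETERS;
    /* 2. Bound writes by the size the TEE passed, never by a length the client stored
     *    inside the buffer.  Short output buffer: report the required size, write nothing. */
    if (params[1].memref.buffer == NULL || params[1].memref.size < TAG_LEN) {
        params[1].memref.size = TAG_LEN;
        return TEE_ERROR_SHORT_BUFFER;
    }
    /* 3. The input is shared memory the Rich OS can still modify while the TA runs, so
     *    read each byte once; never check a byte and then re-read it (TOCTOU). */
    uint32_t tag = toy_keyed_digest(msg, msg_len);
    uint8_t out[TAG_LEN] = { (uint8_t)(tag >> 24), (uint8_t)(tag >> 16), (uint8_t)(tag >> 8), (uint8_t)tag };
    memcpy(params[1].memref.buffer, out, TAG_LEN);
    params[1].memref.size = TAG_LEN;
    return TEE_SUCCESS;
}

/* Rich-OS-side stand-in for TEEC_InvokeCommand: packs the client's buffers into
 * TEE_Param[4] the way the TEE would before entering the TA. */
TEE_Result client_tag_message(uint32_t param_types, const uint8_t *msg, uint32_t msg_len,
                              uint8_t *tag, uint32_t *tag_len)
{
    TEE_Param p[4];
    memset(p, 0, sizeof p);
    p[0].memref.buffer = (void *)msg; p[0].memref.size = msg_len;
    p[1].memref.buffer = tag;         p[1].memref.size = *tag_len;
    TEE_Result r = TA_InvokeCommandEntryPoint(NULL, CMD_TAG_MESSAGE, param_types, p);
    *tag_len = p[1].memref.size;  /* updated on success and on SHORT_BUFFER */
    return r;
}

/* Exercises how a rogue or careless client is turned away; returns 1 if every check holds. */
int run_checks(void)
{
    const uint8_t msg[] = "constructed sample message";   /* constructed input */
    uint32_t len = (uint32_t)(sizeof msg - 1), ok = TEE_PARAM_TYPES(5u, 6u, 0u, 0u), n = TAG_LEN;
    uint8_t tag[TAG_LEN], small[2] = { 0xAA, 0xAA };
    if (client_tag_message(ok, msg, len, tag, &n) != TEE_SUCCESS || n != TAG_LEN) return 0;
    if (tag[0] != (uint8_t)(toy_keyed_digest(msg, len) >> 24)) return 0;
    n = TAG_LEN;  /* swapped layout: refused before any memory access */
    if (client_tag_message(TEE_PARAM_TYPES(6u, 5u, 0u, 0u), msg, len, tag, &n) != TEE_ERROR_BAD_PARAMETERS)
        return 0;
    n = 2;        /* short output buffer: required size reported, buffer untouched */
    if (client_tag_message(ok, msg, len, small, &n) != TEE_ERROR_SHORT_BUFFER) return 0;
    return n == TAG_LEN && small[0] == 0xAA && small[1] == 0xAA;
}
int main(void) { printf("%s\n", run_checks() ? "all checks passed" : "check failed"); return 0; }
```

Seen from the Rich OS, the client only ever receives the four-byte tag; the secret, the digest loop and the decision to refuse a malformed request all stay on the TEE side of the boundary that the certification scheme above sets out to prove. The three checks map onto the deck's own threat list: a malicious or rooted Rich OS controls every field of the request, and a TA that skips them is exactly the "badly written TA" that lets such a client reach the TEE OS or another TA's assets.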