SlideShare une entreprise Scribd logo

Securing the Internet of Things - Hank Chavers

WithTheBest
WithTheBest

Hank Chavers

Technologie
1  sur  35
Télécharger pour lire hors ligne
GlobalPlatform Confidential © 2016 Securing the Internet of Things: Privacy, Authentication, and Trust for billions of things Hank Chavers Technical Program Manager IoT With the Best 29-30 October 2016
Agenda • Introduction to GlobalPlatform • IoT Security Use Cases • Introduction to the Trusted Execution Environment • Trusted Application Manager • Question and Answer (Time Permitting) 2
Agenda • Introduction to GlobalPlatform • IoT Security Use Cases • Introduction to the Trusted Execution Environment • Trusted Application Manager • Question and Answer (Time Permitting) 3
GlobalPlatform Overview • GlobalPlatform is an international standards organization that provides a comprehensive set of specifications, divided into three domains: 4 – Card Focus on the Secure Element (SE), secure chip technology. – Device Include the complete set of specifications for the Trusted Execution Environment (TEE), and technology to integrate a secure element into a device such as over-the-air management or the access control specification. – Systems (Cloud) Cover the interactions between the managing systems of Secure Element Issuers (SEIs), Service Providers (SPs), the Controlling Authority (CA) and Trusted Service Managers (TSMs).
Membership
GlobalPlatform was created in 1999 to digitalize issuers services! 1999 2000 - 2007 2007 - 2015 2015+
Value of GlobalPlatform’s Solution • GlobalPlatform’s Specifications offer: – Interoperability – Flexibility – Multi-application management – Security • GlobalPlatform is not an all-or-nothing proposition. The Specifications: – Can be used independently or all together – Work together with proprietary models – Support both single and multiple applications 7
Secure Element • A secure element (SE) is a tamper-resistant platform capable of securely hosting applications and their confidential and cryptographic data (e.g. key management) in accordance with the rules and security requirements set forth by a set of well-identified trusted authorities. From 2013 to 2015, more than 17 billionGlobalPlatform cards or SEs have been produced
• Introduction to GlobalPlatform • IoT Security Use Cases • Introduction to the Trusted Execution Environment • Trusted Application Manager • Question and Answer (Time Permitting) Agenda 9
How media portrays the IoT market today 10
GlobalPlatform Members Involved 11
IoT security requirements Device to device communication: Device identification Send message securely to cloud service: encrypt Device lifecycle and management Identity (Identification, access control, privacy): configuration, operations
Deployment Example • Some will adopt GlobalPlatform technologies (Secure Element) for security purposes – Smart Meters – Medical Equipment – Security Components 13
NXP Example of a Connected Automobile 14
Secure component in use 15 Device • State of the art Root of Trust • Simplified key injection (keys are already inside the hardware to be embedded • Cost effective crypto processor • Certified and reliable (no risk on crypto bugs from open source libraries) • Enables Unique Identification • Reliable Crypto Environment • Flexibility of services • Same platform can be customized depending on the market • Isolated environment • Crypto engine protected from other operation in the device • Provides Remote Administration • Update of IOT device security features in a multi tenant environment
Secure component in use 16 Device Security services for application Security services for device
• Introduction to GlobalPlatform • IoT Security Use Cases • Introduction to the Trusted Execution Environment • Trusted Application Manager • Question and Answer (Time Permitting) Agenda 17
GlobalPlatform TEE 18 • GlobalPlatform defines a TEE as a secure area in the main processor in a connected device • Ensures sensitive data is stored, processed, and protected in an isolated, trusted environment • Offers isolated safe execution of authorized security software, known as 'trusted applications’ which enables end-to-end security
Trusted Execution Environment Adoption • Android 6.0 requires TEE to protect biometric readers and data • FIDO Alliance and GlobalPlatform working together to ease development • oneM2M refers to GlobalPlatform TEE to provide level 2 protection 19
20 Hack Example › Waze Social Traffic hack › Attacker creates “ghost jam” › Other users diverted › Attacker clears road ahead › “Sensors” spoofed using Android dev environments › Fake user accounts made › Big Data fooled › Loss of trust in Service
The Rich Execution Environment 21 RICH OS APPLICATION ENVIRONMENT Rich OS Hardware Platform
GlobalPlatform TEE Architecture 22 RICH OS APPLICATION ENVIRONMENT GlobalPlatform Published APIs Rich OS Trusted OS Components Hardware Platform TRUSTED EXECUTION ENVIRONMENT GlobalPlatform Published APIs TEE Comm. Agent Trusted Drivers Trusted Core Framework HW Keys, Storage, TUI Peripherals (Screen and Keyboard), Secure Element HW Secure Resources
Message Passing Architecture 23 REE Application REE Application REE Application Client Application Shared Memory Public Device Drivers REE Comms. Agent TEE Client API Rich OS Components Trusted Device Drivers TEE Comms. Agent Trusted Kernel Trusted Core Framework Trusted OS Components TEE Internal Core API and extensions Shared Memory View Trusted Application REE Application REE Application Trusted Application Public Peripherals Trusted Peripherals Switchable Peripherals Messages IsolationdefinedbyTEEProtectionProfile TEE Protocols Platform Hardware
TEE Specification landscape • Architecture – TEE System Architecture v1.0 • Device TEE Access – TEE Client API Specification v1.0 • APIs for Trusted Applications – TEE Internal Core API Specification v1.1 – TEE Secure Element API Specification v1.0 – TEE Sockets API Specification v1.0 – Trusted User Interface API Specification v1.0 – TEE TA Debug Specification v1.0 • Security requirements – TEE Protection Profile v1.2 • Compliance – TEE Initial Configuration Test Suite 1.1.0.1 24 Download @ https://www.globalplatform.org/specificationsdevice.asp
Client application side 1. Create a context – Client application with TEE 2. Open a session Client application and Trusted Application 3. Exchange command/operation with a TA25 result = TEEC_InitializeContext( NULL, &context); if (result != TEEC_SUCCESS) { goto cleanup1; } result = TEEC_OpenSession( &context, &session, &cryptoTEEApp, /*UUID of the app */ TEEC_LOGIN_USER, NULL, /* No connection data */ NULL,/* No payload, no cancellation. */ NULL); result = TEEC_InvokeCommand( &session, CMD_ENCRYPT_INIT, &operation, NULL);
Trusted Application = TA Interface • TA_CreateEntryPoint – This is the Trusted Application constructor. • TA_DestroyEntryPoint – Guess what? This is the Trusted Application destructor! • TA_OpenSessionEntryPoint – This function is called whenever a client attempts to connect to the Trusted Application instance to open a new session • TA_CloseSessionEntryPoint – This function is called when the client closes a session and disconnects from the Trusted Application instance. • TA_InvokeCommandEntryPoint – This function is called whenever a client invokes a Trusted Application command.26 Each Trusted Application MUST provide the Implementation with a number of functions, collectively called the “TA interface”.
Trusted Application configuration • Each application is Identified by a UUID gpd.ta.appID • gpd.ta.singleInstance = create a single (if TRUE) TA instance for all the client sessions or create a separate instance for each client session • gpd.ta.multiSession = Whether the Trusted Application instance supports multiple sessions • gpd.ta.instanceKeepAlive = When this property is set to true, then the TA instance is terminated only when the TEE shuts down • gpd.ta.dataSize = Maximum estimated amount of dynamic data in bytes configured for the Trusted Application • gpd.ta.stackSize = Maximum stack size in bytes available to any task in the Trusted Application at any point in time • gpd.ta.version • and gpd.ta.description 27
Also • Trusted Applications are able to retrieve properties – From the client application • gpd.client.identity – From the TEE • gpd.tee.deviceID , gpd.tee.apiversion – Also the current TA • TAs are able to commit suicide – When a Trusted Application calls the TEE_Panic function, the current instance MUST be destroyed and all the resources opened by the instance MUST be reclaimed 28 TEE_GetPropertyAsString TEE_GetPropertyAsBool TEE_GetPropertyAsU32 TEE_GetPropertyAsBinaryBlock
Trusted Storage • A Trusted Storage Space contains Persistent Objects identified by an Object Identifier that can be – a Cryptographic Key Object, – a Cryptographic Key-Pair Object, – or a Data Object • gpd.tee.trustedStorage.rollbackDetection.protectionLevel gives to the application the level of protection against rollback attacks – Typically, protection level is equal to 100 for REE and 1000 with hardware assets controlled by the TEE • A TA can also allocate Transient Objects – have no identifier – Transient objects are held in memory and are automatically wiped and reclaimed when they are closed or when the TA instance is destroyed. • Multiple APIs are available to manage Persistent and Transient objects through object handles – Example : TEE_CreatePersistentObject, TEE_OpenPersistentObject, TEE_RenamePersistentObject , TEE_CloseAndDeletePersistentObject1, TEE_AllocateTransientObject 29 Trusted Storage Persistant object ID Transient object
More Internal Core APIs Crypto API • Based on Cryptographic operations - pre-allocated for a given operation type, algorithm, and key size Time API • 3 sources of Time – TA Persistent Time, a real-time source of time • The origin of this time is set individually by each Trusted Application and MUST persist across reboots. – System Time • the system time is not reset or rolled back during the life of a given TA instance • The level of trust accessible via gpd.tee.systemTime.protectionLevel • REE Time Arithmetic API • The specification offers a tool box for complex crypto functions not yet standardized – Allow to Implement missing crypto function as plug in – gives access to a Fast Modular Multiplication primitive • The “only” limit is input and output are TEE_BigInt [-2M+1, 2M-1] – M can be retrieved as the implementation property gpd.tee.arith.maxBigIntSize 30 TEE_ALG_SHA256 TEE_MODE_DIGEST Between 192 and 1024 bits, multiple of 8 bits
• Introduction to GlobalPlatform • Trusted Execution Environment (TEE) Architecture • Introduction to TEE APIs • Trusted Application Manager • Question and Answer Agenda 31
Trusted Application Manager Overview • Trusted Application Manager (TAM): – Provides a scalable and remote means to manage the • Trusted Execution Environment (TEE) • Security Domains (SD) • Trusted Applications (TA) – Enforces the security policy of TA Providers, TEE Issuers, and TEE Implementers – Ensures the security and the integrity of these entities – Enables the confidentiality of the data • Uses secure protocols and interfaces accessed either through the Client API or via extensions to the Internal Core API 32 rSD SD2 TA SD3 TA
33 How does a TAM operate? Service Provider Create Security Domain 1) Install TA 2) TA personalization Push the App and the TA on the App Store 1 App TA 5 App T A 2 6 Request installation3 Verify Device Identity4 NOTE: This is only one of many possible configurations 5
34 Trustonic Developer Tools App Store Google Play Trustonic Software Protection TEE TA Ap p Ap p SW TA Ap p SW TA Main App TEE TA SW TA Main App SW TA Trustonic TEE Protection
• Introduction to GlobalPlatform • Trusted Execution Environment (TEE) Architecture • Introduction to TEE APIs • Trusted Application Manager • Question and Answer Agenda 35

Recommandé

BKK16-110 A Gentle Introduction to Trusted Execution and OP-TEE
BKK16-110 A Gentle Introduction to Trusted Execution and OP-TEEBKK16-110 A Gentle Introduction to Trusted Execution and OP-TEE
BKK16-110 A Gentle Introduction to Trusted Execution and OP-TEE
Linaro
 
LCA14: LCA14-502: The way to a generic TrustZone® solution
LCA14: LCA14-502: The way to a generic TrustZone® solutionLCA14: LCA14-502: The way to a generic TrustZone® solution
LCA14: LCA14-502: The way to a generic TrustZone® solution
Linaro
 
LAS16-306: Exploring the Open Trusted Protocol
LAS16-306: Exploring the Open Trusted ProtocolLAS16-306: Exploring the Open Trusted Protocol
LAS16-306: Exploring the Open Trusted Protocol
Linaro
 
LCA14: LCA14-418: Testing a secure framework
LCA14: LCA14-418: Testing a secure frameworkLCA14: LCA14-418: Testing a secure framework
LCA14: LCA14-418: Testing a secure framework
Linaro
 
LAS16-300K2: Geoff Thorpe - IoT Zephyr
LAS16-300K2: Geoff Thorpe - IoT ZephyrLAS16-300K2: Geoff Thorpe - IoT Zephyr
LAS16-300K2: Geoff Thorpe - IoT Zephyr
Shovan Sargunam
 
BUD17-400: Secure Data Path with OPTEE
BUD17-400: Secure Data Path with OPTEE BUD17-400: Secure Data Path with OPTEE
BUD17-400: Secure Data Path with OPTEE
Linaro
 
HKG18-212 - Trusted Firmware M: Introduction
HKG18-212 - Trusted Firmware M: IntroductionHKG18-212 - Trusted Firmware M: Introduction
HKG18-212 - Trusted Firmware M: Introduction
Linaro
 
TEE - kernel support is now upstream. What this means for open source security
TEE - kernel support is now upstream. What this means for open source securityTEE - kernel support is now upstream. What this means for open source security
TEE - kernel support is now upstream. What this means for open source security
Linaro
 

Recommandé

BKK16-110 A Gentle Introduction to Trusted Execution and OP-TEE
BKK16-110 A Gentle Introduction to Trusted Execution and OP-TEEBKK16-110 A Gentle Introduction to Trusted Execution and OP-TEE
BKK16-110 A Gentle Introduction to Trusted Execution and OP-TEE
Linaro
 
LCA14: LCA14-502: The way to a generic TrustZone® solution
LCA14: LCA14-502: The way to a generic TrustZone® solutionLCA14: LCA14-502: The way to a generic TrustZone® solution
LCA14: LCA14-502: The way to a generic TrustZone® solution
Linaro
 
LAS16-306: Exploring the Open Trusted Protocol
LAS16-306: Exploring the Open Trusted ProtocolLAS16-306: Exploring the Open Trusted Protocol
LAS16-306: Exploring the Open Trusted Protocol
Linaro
 
LCA14: LCA14-418: Testing a secure framework
LCA14: LCA14-418: Testing a secure frameworkLCA14: LCA14-418: Testing a secure framework
LCA14: LCA14-418: Testing a secure framework
Linaro
 
LAS16-300K2: Geoff Thorpe - IoT Zephyr
LAS16-300K2: Geoff Thorpe - IoT ZephyrLAS16-300K2: Geoff Thorpe - IoT Zephyr
LAS16-300K2: Geoff Thorpe - IoT Zephyr
Shovan Sargunam
 
BUD17-400: Secure Data Path with OPTEE
BUD17-400: Secure Data Path with OPTEE BUD17-400: Secure Data Path with OPTEE
BUD17-400: Secure Data Path with OPTEE
Linaro
 
HKG18-212 - Trusted Firmware M: Introduction
HKG18-212 - Trusted Firmware M: IntroductionHKG18-212 - Trusted Firmware M: Introduction
HKG18-212 - Trusted Firmware M: Introduction
Linaro
 
TEE - kernel support is now upstream. What this means for open source security
TEE - kernel support is now upstream. What this means for open source securityTEE - kernel support is now upstream. What this means for open source security
TEE - kernel support is now upstream. What this means for open source security
Linaro
 
BUD17-416: Benchmark and profiling in OP-TEE
BUD17-416: Benchmark and profiling in OP-TEE BUD17-416: Benchmark and profiling in OP-TEE
BUD17-416: Benchmark and profiling in OP-TEE
Linaro
 
Lcu14 306 - OP-TEE Future Enhancements
Lcu14 306 - OP-TEE Future EnhancementsLcu14 306 - OP-TEE Future Enhancements
Lcu14 306 - OP-TEE Future Enhancements
Linaro
 
CSW2017Richard Johnson_harnessing intel processor trace on windows for vulner...
CSW2017Richard Johnson_harnessing intel processor trace on windows for vulner...CSW2017Richard Johnson_harnessing intel processor trace on windows for vulner...
CSW2017Richard Johnson_harnessing intel processor trace on windows for vulner...
CanSecWest
 
Lcu14 107- op-tee on ar mv8
Lcu14 107- op-tee on ar mv8Lcu14 107- op-tee on ar mv8
Lcu14 107- op-tee on ar mv8
Linaro
 
Txt Introduction
Txt IntroductionTxt Introduction
Txt Introduction
Logic Solutions, Inc.
 
LAS16-203: Platform security architecture for embedded devices
LAS16-203: Platform security architecture for embedded devicesLAS16-203: Platform security architecture for embedded devices
LAS16-203: Platform security architecture for embedded devices
Linaro
 
HKG15-311: OP-TEE for Beginners and Porting Review
HKG15-311: OP-TEE for Beginners and Porting ReviewHKG15-311: OP-TEE for Beginners and Porting Review
HKG15-311: OP-TEE for Beginners and Porting Review
Linaro
 
LAS16-111: Easing Access to ARM TrustZone – OP-TEE and Raspberry Pi 3
LAS16-111: Easing Access to ARM TrustZone – OP-TEE and Raspberry Pi 3LAS16-111: Easing Access to ARM TrustZone – OP-TEE and Raspberry Pi 3
LAS16-111: Easing Access to ARM TrustZone – OP-TEE and Raspberry Pi 3
Linaro
 
LAS16-300: Mini Conference 2 Cortex-M Software - Device Configuration
LAS16-300: Mini Conference 2 Cortex-M Software - Device ConfigurationLAS16-300: Mini Conference 2 Cortex-M Software - Device Configuration
LAS16-300: Mini Conference 2 Cortex-M Software - Device Configuration
Linaro
 
Demystifying Secure enclave processor
Demystifying Secure enclave processorDemystifying Secure enclave processor
Demystifying Secure enclave processor
Priyanka Aash
 
LCU14 500 ARM Trusted Firmware
LCU14 500 ARM Trusted FirmwareLCU14 500 ARM Trusted Firmware
LCU14 500 ARM Trusted Firmware
Linaro
 
Practical Trusted Platform Module (TPM2) Programming
Practical Trusted Platform Module (TPM2) ProgrammingPractical Trusted Platform Module (TPM2) Programming
Practical Trusted Platform Module (TPM2) Programming
Brandon Arvanaghi
 
Solnik secure enclaveprocessor-pacsec
Solnik secure enclaveprocessor-pacsecSolnik secure enclaveprocessor-pacsec
Solnik secure enclaveprocessor-pacsec
PacSecJP
 
Csw2016 julien moinard-hardsploit
Csw2016 julien moinard-hardsploitCsw2016 julien moinard-hardsploit
Csw2016 julien moinard-hardsploit
CanSecWest
 
Csw2017 bazhaniuk exploring_yoursystemdeeper_updated
Csw2017 bazhaniuk exploring_yoursystemdeeper_updatedCsw2017 bazhaniuk exploring_yoursystemdeeper_updated
Csw2017 bazhaniuk exploring_yoursystemdeeper_updated
CanSecWest
 
Reliability, Availability, and Serviceability (RAS) on ARM64 status - SFO17-203
Reliability, Availability, and Serviceability (RAS) on ARM64 status - SFO17-203Reliability, Availability, and Serviceability (RAS) on ARM64 status - SFO17-203
Reliability, Availability, and Serviceability (RAS) on ARM64 status - SFO17-203
Linaro
 
ARMv8-M TrustZone: A New Security Feature for Embedded Systems (FFRI Monthly ...
ARMv8-M TrustZone: A New Security Feature for Embedded Systems (FFRI Monthly ...ARMv8-M TrustZone: A New Security Feature for Embedded Systems (FFRI Monthly ...
ARMv8-M TrustZone: A New Security Feature for Embedded Systems (FFRI Monthly ...
FFRI, Inc.
 
CSW2017 Privilege escalation on high-end servers due to implementation gaps i...
CSW2017 Privilege escalation on high-end servers due to implementation gaps i...CSW2017 Privilege escalation on high-end servers due to implementation gaps i...
CSW2017 Privilege escalation on high-end servers due to implementation gaps i...
CanSecWest
 
BUD17-104: Scripting Languages in IoT: Challenges and Approaches
BUD17-104: Scripting Languages in IoT: Challenges and ApproachesBUD17-104: Scripting Languages in IoT: Challenges and Approaches
BUD17-104: Scripting Languages in IoT: Challenges and Approaches
Linaro
 
Securing a Raspberry Pi and other DIY IoT devices
Securing a Raspberry Pi and other DIY IoT devicesSecuring a Raspberry Pi and other DIY IoT devices
Securing a Raspberry Pi and other DIY IoT devices
Ian Kluft
 
Standardizing the tee with global platform and RISC-V
Standardizing the tee with global platform and RISC-VStandardizing the tee with global platform and RISC-V
Standardizing the tee with global platform and RISC-V
RISC-V International
 
Going Beyond the Device Heart Beat
Going Beyond the Device Heart BeatGoing Beyond the Device Heart Beat
Going Beyond the Device Heart Beat
Balwinder Kaur
 

Contenu connexe

Tendances

BUD17-416: Benchmark and profiling in OP-TEE
BUD17-416: Benchmark and profiling in OP-TEE BUD17-416: Benchmark and profiling in OP-TEE
BUD17-416: Benchmark and profiling in OP-TEE
Linaro
 
Lcu14 306 - OP-TEE Future Enhancements
Lcu14 306 - OP-TEE Future EnhancementsLcu14 306 - OP-TEE Future Enhancements
Lcu14 306 - OP-TEE Future Enhancements
Linaro
 
CSW2017Richard Johnson_harnessing intel processor trace on windows for vulner...
CSW2017Richard Johnson_harnessing intel processor trace on windows for vulner...CSW2017Richard Johnson_harnessing intel processor trace on windows for vulner...
CSW2017Richard Johnson_harnessing intel processor trace on windows for vulner...
CanSecWest
 
Lcu14 107- op-tee on ar mv8
Lcu14 107- op-tee on ar mv8Lcu14 107- op-tee on ar mv8
Lcu14 107- op-tee on ar mv8
Linaro
 
HKG15-311: OP-TEE for Beginners and Porting Review
HKG15-311: OP-TEE for Beginners and Porting ReviewHKG15-311: OP-TEE for Beginners and Porting Review
HKG15-311: OP-TEE for Beginners and Porting Review
Linaro
 
LAS16-111: Easing Access to ARM TrustZone – OP-TEE and Raspberry Pi 3
LAS16-111: Easing Access to ARM TrustZone – OP-TEE and Raspberry Pi 3LAS16-111: Easing Access to ARM TrustZone – OP-TEE and Raspberry Pi 3
LAS16-111: Easing Access to ARM TrustZone – OP-TEE and Raspberry Pi 3
Linaro
 
LAS16-300: Mini Conference 2 Cortex-M Software - Device Configuration
LAS16-300: Mini Conference 2 Cortex-M Software - Device ConfigurationLAS16-300: Mini Conference 2 Cortex-M Software - Device Configuration
LAS16-300: Mini Conference 2 Cortex-M Software - Device Configuration
Linaro
 
Demystifying Secure enclave processor
Demystifying Secure enclave processorDemystifying Secure enclave processor
Demystifying Secure enclave processor
Priyanka Aash
 
Solnik secure enclaveprocessor-pacsec
Solnik secure enclaveprocessor-pacsecSolnik secure enclaveprocessor-pacsec
Solnik secure enclaveprocessor-pacsec
PacSecJP
 
Csw2017 bazhaniuk exploring_yoursystemdeeper_updated
Csw2017 bazhaniuk exploring_yoursystemdeeper_updatedCsw2017 bazhaniuk exploring_yoursystemdeeper_updated
Csw2017 bazhaniuk exploring_yoursystemdeeper_updated
CanSecWest
 
Reliability, Availability, and Serviceability (RAS) on ARM64 status - SFO17-203
Reliability, Availability, and Serviceability (RAS) on ARM64 status - SFO17-203Reliability, Availability, and Serviceability (RAS) on ARM64 status - SFO17-203
Reliability, Availability, and Serviceability (RAS) on ARM64 status - SFO17-203
Linaro
 
CSW2017 Privilege escalation on high-end servers due to implementation gaps i...
CSW2017 Privilege escalation on high-end servers due to implementation gaps i...CSW2017 Privilege escalation on high-end servers due to implementation gaps i...
CSW2017 Privilege escalation on high-end servers due to implementation gaps i...
CanSecWest
 
BUD17-104: Scripting Languages in IoT: Challenges and Approaches
BUD17-104: Scripting Languages in IoT: Challenges and ApproachesBUD17-104: Scripting Languages in IoT: Challenges and Approaches
BUD17-104: Scripting Languages in IoT: Challenges and Approaches
Linaro
 

Tendances (20)

BUD17-416: Benchmark and profiling in OP-TEE
BUD17-416: Benchmark and profiling in OP-TEE BUD17-416: Benchmark and profiling in OP-TEE
BUD17-416: Benchmark and profiling in OP-TEE
 
Lcu14 306 - OP-TEE Future Enhancements
Lcu14 306 - OP-TEE Future EnhancementsLcu14 306 - OP-TEE Future Enhancements
Lcu14 306 - OP-TEE Future Enhancements
 
CSW2017Richard Johnson_harnessing intel processor trace on windows for vulner...
CSW2017Richard Johnson_harnessing intel processor trace on windows for vulner...CSW2017Richard Johnson_harnessing intel processor trace on windows for vulner...
CSW2017Richard Johnson_harnessing intel processor trace on windows for vulner...
 
Lcu14 107- op-tee on ar mv8
Lcu14 107- op-tee on ar mv8Lcu14 107- op-tee on ar mv8
Lcu14 107- op-tee on ar mv8
 
Txt Introduction
Txt IntroductionTxt Introduction
Txt Introduction
 
LAS16-203: Platform security architecture for embedded devices
LAS16-203: Platform security architecture for embedded devicesLAS16-203: Platform security architecture for embedded devices
LAS16-203: Platform security architecture for embedded devices
 
HKG15-311: OP-TEE for Beginners and Porting Review
HKG15-311: OP-TEE for Beginners and Porting ReviewHKG15-311: OP-TEE for Beginners and Porting Review
HKG15-311: OP-TEE for Beginners and Porting Review
 
LAS16-111: Easing Access to ARM TrustZone – OP-TEE and Raspberry Pi 3
LAS16-111: Easing Access to ARM TrustZone – OP-TEE and Raspberry Pi 3LAS16-111: Easing Access to ARM TrustZone – OP-TEE and Raspberry Pi 3
LAS16-111: Easing Access to ARM TrustZone – OP-TEE and Raspberry Pi 3
 
LAS16-300: Mini Conference 2 Cortex-M Software - Device Configuration
LAS16-300: Mini Conference 2 Cortex-M Software - Device ConfigurationLAS16-300: Mini Conference 2 Cortex-M Software - Device Configuration
LAS16-300: Mini Conference 2 Cortex-M Software - Device Configuration
 
Demystifying Secure enclave processor
Demystifying Secure enclave processorDemystifying Secure enclave processor
Demystifying Secure enclave processor
 
LCU14 500 ARM Trusted Firmware
LCU14 500 ARM Trusted FirmwareLCU14 500 ARM Trusted Firmware
LCU14 500 ARM Trusted Firmware
 
Practical Trusted Platform Module (TPM2) Programming
Practical Trusted Platform Module (TPM2) ProgrammingPractical Trusted Platform Module (TPM2) Programming
Practical Trusted Platform Module (TPM2) Programming
 
Solnik secure enclaveprocessor-pacsec
Solnik secure enclaveprocessor-pacsecSolnik secure enclaveprocessor-pacsec
Solnik secure enclaveprocessor-pacsec
 
Csw2016 julien moinard-hardsploit
Csw2016 julien moinard-hardsploitCsw2016 julien moinard-hardsploit
Csw2016 julien moinard-hardsploit
 
Csw2017 bazhaniuk exploring_yoursystemdeeper_updated
Csw2017 bazhaniuk exploring_yoursystemdeeper_updatedCsw2017 bazhaniuk exploring_yoursystemdeeper_updated
Csw2017 bazhaniuk exploring_yoursystemdeeper_updated
 
Reliability, Availability, and Serviceability (RAS) on ARM64 status - SFO17-203
Reliability, Availability, and Serviceability (RAS) on ARM64 status - SFO17-203Reliability, Availability, and Serviceability (RAS) on ARM64 status - SFO17-203
Reliability, Availability, and Serviceability (RAS) on ARM64 status - SFO17-203
 
ARMv8-M TrustZone: A New Security Feature for Embedded Systems (FFRI Monthly ...
ARMv8-M TrustZone: A New Security Feature for Embedded Systems (FFRI Monthly ...ARMv8-M TrustZone: A New Security Feature for Embedded Systems (FFRI Monthly ...
ARMv8-M TrustZone: A New Security Feature for Embedded Systems (FFRI Monthly ...
 
CSW2017 Privilege escalation on high-end servers due to implementation gaps i...
CSW2017 Privilege escalation on high-end servers due to implementation gaps i...CSW2017 Privilege escalation on high-end servers due to implementation gaps i...
CSW2017 Privilege escalation on high-end servers due to implementation gaps i...
 
BUD17-104: Scripting Languages in IoT: Challenges and Approaches
BUD17-104: Scripting Languages in IoT: Challenges and ApproachesBUD17-104: Scripting Languages in IoT: Challenges and Approaches
BUD17-104: Scripting Languages in IoT: Challenges and Approaches
 
Securing a Raspberry Pi and other DIY IoT devices
Securing a Raspberry Pi and other DIY IoT devicesSecuring a Raspberry Pi and other DIY IoT devices
Securing a Raspberry Pi and other DIY IoT devices
 

Similaire à Securing the Internet of Things - Hank Chavers

Man in the Cloud Attacks
Man in the Cloud AttacksMan in the Cloud Attacks
Man in the Cloud Attacks
Imperva
 
The differing ways to monitor and instrument
The differing ways to monitor and instrumentThe differing ways to monitor and instrument
The differing ways to monitor and instrument
Jonah Kowall
 
Embracing secure, scalable BYOD with Sencha and Centrify
Embracing secure, scalable BYOD with Sencha and CentrifyEmbracing secure, scalable BYOD with Sencha and Centrify
Embracing secure, scalable BYOD with Sencha and Centrify
Sumana Mehta
 
Acceleration_and_Security_draft_v2
Acceleration_and_Security_draft_v2Acceleration_and_Security_draft_v2
Acceleration_and_Security_draft_v2
Srinivasa Addepalli
 
Migrating Critical Applications To The Cloud - ISACA Seattle - Sanitized
Migrating Critical Applications To The Cloud - ISACA Seattle - SanitizedMigrating Critical Applications To The Cloud - ISACA Seattle - Sanitized
Migrating Critical Applications To The Cloud - ISACA Seattle - Sanitized
Norm Barber
 

Similaire à Securing the Internet of Things - Hank Chavers (20)

Standardizing the tee with global platform and RISC-V
Standardizing the tee with global platform and RISC-VStandardizing the tee with global platform and RISC-V
Standardizing the tee with global platform and RISC-V
 
Going Beyond the Device Heart Beat
Going Beyond the Device Heart BeatGoing Beyond the Device Heart Beat
Going Beyond the Device Heart Beat
 
Security Best Practices for Your Ignition System
Security Best Practices for Your Ignition SystemSecurity Best Practices for Your Ignition System
Security Best Practices for Your Ignition System
 
Man in the Cloud Attacks
Man in the Cloud AttacksMan in the Cloud Attacks
Man in the Cloud Attacks
 
Removing Security Roadblocks to IoT Deployment Success
Removing Security Roadblocks to IoT Deployment SuccessRemoving Security Roadblocks to IoT Deployment Success
Removing Security Roadblocks to IoT Deployment Success
 
Internet of Things: Identity & Security with Open Standards
Internet of Things: Identity & Security with Open StandardsInternet of Things: Identity & Security with Open Standards
Internet of Things: Identity & Security with Open Standards
 
The differing ways to monitor and instrument
The differing ways to monitor and instrumentThe differing ways to monitor and instrument
The differing ways to monitor and instrument
 
CIS14: Securing the Internet of Things with Open Standards
CIS14: Securing the Internet of Things with Open StandardsCIS14: Securing the Internet of Things with Open Standards
CIS14: Securing the Internet of Things with Open Standards
 
Big Data security: Facing the challenge by Carlos Gómez at Big Data Spain 2017
Big Data security: Facing the challenge by Carlos Gómez at Big Data Spain 2017Big Data security: Facing the challenge by Carlos Gómez at Big Data Spain 2017
Big Data security: Facing the challenge by Carlos Gómez at Big Data Spain 2017
 
Embracing secure, scalable BYOD with Sencha and Centrify
Embracing secure, scalable BYOD with Sencha and CentrifyEmbracing secure, scalable BYOD with Sencha and Centrify
Embracing secure, scalable BYOD with Sencha and Centrify
 
2019 10-app gate sdp 101 09a
2019 10-app gate sdp 101 09a2019 10-app gate sdp 101 09a
2019 10-app gate sdp 101 09a
 
Acceleration_and_Security_draft_v2
Acceleration_and_Security_draft_v2Acceleration_and_Security_draft_v2
Acceleration_and_Security_draft_v2
 
Sfa community of practice a natural way of building
Sfa community of practice a natural way of buildingSfa community of practice a natural way of building
Sfa community of practice a natural way of building
 
IoT meets AI in the Clouds
IoT meets AI in the CloudsIoT meets AI in the Clouds
IoT meets AI in the Clouds
 
Migrating Critical Applications To The Cloud - ISACA Seattle - Sanitized
Migrating Critical Applications To The Cloud - ISACA Seattle - SanitizedMigrating Critical Applications To The Cloud - ISACA Seattle - Sanitized
Migrating Critical Applications To The Cloud - ISACA Seattle - Sanitized
 
Migrating Critical Applications to the Cloud - isaca seattle - sanitized
Migrating Critical Applications to the Cloud - isaca seattle - sanitizedMigrating Critical Applications to the Cloud - isaca seattle - sanitized
Migrating Critical Applications to the Cloud - isaca seattle - sanitized
 
Platform Security IRL: Busting Buzzwords & Building Better
Platform Security IRL: Busting Buzzwords & Building BetterPlatform Security IRL: Busting Buzzwords & Building Better
Platform Security IRL: Busting Buzzwords & Building Better
 
Augmate connect_Deck
Augmate connect_DeckAugmate connect_Deck
Augmate connect_Deck
 
Trusted computing introduction and technical overview
Trusted computing introduction and technical overviewTrusted computing introduction and technical overview
Trusted computing introduction and technical overview
 
CNIT 128 8: Mobile development security
CNIT 128 8: Mobile development securityCNIT 128 8: Mobile development security
CNIT 128 8: Mobile development security
 

Plus de WithTheBest

Engaging and sharing your VR experience
Engaging and sharing your VR experienceEngaging and sharing your VR experience
Engaging and sharing your VR experience
WithTheBest
 
How to survive the early days of VR as an Indie Studio
How to survive the early days of VR as an Indie StudioHow to survive the early days of VR as an Indie Studio
How to survive the early days of VR as an Indie Studio
WithTheBest
 
Unlocking Human Potential with Immersive Technology
Unlocking Human Potential with Immersive TechnologyUnlocking Human Potential with Immersive Technology
Unlocking Human Potential with Immersive Technology
WithTheBest
 
VR Interactions - Jason Jerald
VR Interactions - Jason JeraldVR Interactions - Jason Jerald
VR Interactions - Jason Jerald
WithTheBest
 

Plus de WithTheBest (20)

Riccardo Vittoria
Riccardo VittoriaRiccardo Vittoria
Riccardo Vittoria
 
Recreating history in virtual reality
Recreating history in virtual realityRecreating history in virtual reality
Recreating history in virtual reality
 
Engaging and sharing your VR experience
Engaging and sharing your VR experienceEngaging and sharing your VR experience
Engaging and sharing your VR experience
 
How to survive the early days of VR as an Indie Studio
How to survive the early days of VR as an Indie StudioHow to survive the early days of VR as an Indie Studio
How to survive the early days of VR as an Indie Studio
 
Mixed reality 101
Mixed reality 101 Mixed reality 101
Mixed reality 101
 
Unlocking Human Potential with Immersive Technology
Unlocking Human Potential with Immersive TechnologyUnlocking Human Potential with Immersive Technology
Unlocking Human Potential with Immersive Technology
 
Building your own video devices
Building your own video devicesBuilding your own video devices
Building your own video devices
 
Maximizing performance of 3 d user generated assets in unity
Maximizing performance of 3 d user generated assets in unityMaximizing performance of 3 d user generated assets in unity
Maximizing performance of 3 d user generated assets in unity
 
Wizdish rovr
Wizdish rovrWizdish rovr
Wizdish rovr
 
Haptics & amp; null space vr
Haptics & amp; null space vrHaptics & amp; null space vr
Haptics & amp; null space vr
 
How we use vr to break the laws of physics
How we use vr to break the laws of physicsHow we use vr to break the laws of physics
How we use vr to break the laws of physics
 
The Virtual Self
The Virtual Self The Virtual Self
The Virtual Self
 
You dont have to be mad to do VR and AR ... but it helps
You dont have to be mad to do VR and AR ... but it helpsYou dont have to be mad to do VR and AR ... but it helps
You dont have to be mad to do VR and AR ... but it helps
 
Omnivirt overview
Omnivirt overviewOmnivirt overview
Omnivirt overview
 
VR Interactions - Jason Jerald
VR Interactions - Jason JeraldVR Interactions - Jason Jerald
VR Interactions - Jason Jerald
 
Japheth Funding your startup - dating the devil
Japheth Funding your startup - dating the devilJapheth Funding your startup - dating the devil
Japheth Funding your startup - dating the devil
 
Transported vr the virtual reality platform for real estate
Transported vr the virtual reality platform for real estateTransported vr the virtual reality platform for real estate
Transported vr the virtual reality platform for real estate
 
Measuring Behavior in VR - Rob Merki Cognitive VR
Measuring Behavior in VR - Rob Merki Cognitive VRMeasuring Behavior in VR - Rob Merki Cognitive VR
Measuring Behavior in VR - Rob Merki Cognitive VR
 
Global demand for Mixed Realty (VR/AR) content is about to explode.
Global demand for Mixed Realty (VR/AR) content is about to explode. Global demand for Mixed Realty (VR/AR) content is about to explode.
Global demand for Mixed Realty (VR/AR) content is about to explode.
 
VR, a new technology over 40,000 years old
VR, a new technology over 40,000 years oldVR, a new technology over 40,000 years old
VR, a new technology over 40,000 years old
 

Dernier

+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
?#DUbAI#??##{{(☎️+971_581248768%)**%*]'#abortion pills for sale in dubai@
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Safe Software
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Jeffrey Haguewood
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Drew Madelung
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Miguel Araújo
 

Dernier (20)

DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor Presentation
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024
 
MS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsMS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectors
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptx
 
ICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesICT role in 21st century education and its challenges
ICT role in 21st century education and its challenges
 

Securing the Internet of Things - Hank Chavers

  • 1. GlobalPlatform Confidential © 2016 Securing the Internet of Things: Privacy, Authentication, and Trust for billions of things Hank Chavers Technical Program Manager IoT With the Best 29-30 October 2016
  • 2. Agenda • Introduction to GlobalPlatform • IoT Security Use Cases • Introduction to the Trusted Execution Environment • Trusted Application Manager • Question and Answer (Time Permitting) 2
  • 3. Agenda • Introduction to GlobalPlatform • IoT Security Use Cases • Introduction to the Trusted Execution Environment • Trusted Application Manager • Question and Answer (Time Permitting) 3
  • 4. GlobalPlatform Overview • GlobalPlatform is an international standards organization that provides a comprehensive set of specifications, divided into three domains: 4 – Card Focus on the Secure Element (SE), secure chip technology. – Device Include the complete set of specifications for the Trusted Execution Environment (TEE), and technology to integrate a secure element into a device such as over-the-air management or the access control specification. – Systems (Cloud) Cover the interactions between the managing systems of Secure Element Issuers (SEIs), Service Providers (SPs), the Controlling Authority (CA) and Trusted Service Managers (TSMs).
  • 6. GlobalPlatform was created in 1999 to digitalize issuers services! 1999 2000 - 2007 2007 - 2015 2015+
  • 7. Value of GlobalPlatform’s Solution • GlobalPlatform’s Specifications offer: – Interoperability – Flexibility – Multi-application management – Security • GlobalPlatform is not an all-or-nothing proposition. The Specifications: – Can be used independently or all together – Work together with proprietary models – Support both single and multiple applications 7
  • 8. Secure Element • A secure element (SE) is a tamper-resistant platform capable of securely hosting applications and their confidential and cryptographic data (e.g. key management) in accordance with the rules and security requirements set forth by a set of well-identified trusted authorities. From 2013 to 2015, more than 17 billionGlobalPlatform cards or SEs have been produced
  • 9. • Introduction to GlobalPlatform • IoT Security Use Cases • Introduction to the Trusted Execution Environment • Trusted Application Manager • Question and Answer (Time Permitting) Agenda 9
  • 10. How media portrays the IoT market today 10
  • 12. IoT security requirements Device to device communication: Device identification Send message securely to cloud service: encrypt Device lifecycle and management Identity (Identification, access control, privacy): configuration, operations
  • 13. Deployment Example • Some will adopt GlobalPlatform technologies (Secure Element) for security purposes – Smart Meters – Medical Equipment – Security Components 13
  • 14. NXP Example of a Connected Automobile 14
  • 15. Secure component in use 15 Device • State of the art Root of Trust • Simplified key injection (keys are already inside the hardware to be embedded • Cost effective crypto processor • Certified and reliable (no risk on crypto bugs from open source libraries) • Enables Unique Identification • Reliable Crypto Environment • Flexibility of services • Same platform can be customized depending on the market • Isolated environment • Crypto engine protected from other operation in the device • Provides Remote Administration • Update of IOT device security features in a multi tenant environment
  • 16. Secure component in use 16 Device Security services for application Security services for device
  • 17. • Introduction to GlobalPlatform • IoT Security Use Cases • Introduction to the Trusted Execution Environment • Trusted Application Manager • Question and Answer (Time Permitting) Agenda 17
  • 18. GlobalPlatform TEE 18 • GlobalPlatform defines a TEE as a secure area in the main processor in a connected device • Ensures sensitive data is stored, processed, and protected in an isolated, trusted environment • Offers isolated safe execution of authorized security software, known as 'trusted applications’ which enables end-to-end security
  • 19. Trusted Execution Environment Adoption • Android 6.0 requires TEE to protect biometric readers and data • FIDO Alliance and GlobalPlatform working together to ease development • oneM2M refers to GlobalPlatform TEE to provide level 2 protection 19
  • 20. 20 Hack Example › Waze Social Traffic hack › Attacker creates “ghost jam” › Other users diverted › Attacker clears road ahead › “Sensors” spoofed using Android dev environments › Fake user accounts made › Big Data fooled › Loss of trust in Service
  • 21. The Rich Execution Environment 21 RICH OS APPLICATION ENVIRONMENT Rich OS Hardware Platform
  • 22. GlobalPlatform TEE Architecture 22 RICH OS APPLICATION ENVIRONMENT GlobalPlatform Published APIs Rich OS Trusted OS Components Hardware Platform TRUSTED EXECUTION ENVIRONMENT GlobalPlatform Published APIs TEE Comm. Agent Trusted Drivers Trusted Core Framework HW Keys, Storage, TUI Peripherals (Screen and Keyboard), Secure Element HW Secure Resources
  • 23. Message Passing Architecture 23 REE Application REE Application REE Application Client Application Shared Memory Public Device Drivers REE Comms. Agent TEE Client API Rich OS Components Trusted Device Drivers TEE Comms. Agent Trusted Kernel Trusted Core Framework Trusted OS Components TEE Internal Core API and extensions Shared Memory View Trusted Application REE Application REE Application Trusted Application Public Peripherals Trusted Peripherals Switchable Peripherals Messages IsolationdefinedbyTEEProtectionProfile TEE Protocols Platform Hardware
  • 24. TEE Specification landscape • Architecture – TEE System Architecture v1.0 • Device TEE Access – TEE Client API Specification v1.0 • APIs for Trusted Applications – TEE Internal Core API Specification v1.1 – TEE Secure Element API Specification v1.0 – TEE Sockets API Specification v1.0 – Trusted User Interface API Specification v1.0 – TEE TA Debug Specification v1.0 • Security requirements – TEE Protection Profile v1.2 • Compliance – TEE Initial Configuration Test Suite 1.1.0.1 24 Download @ https://www.globalplatform.org/specificationsdevice.asp
  • 25. Client application side 1. Create a context – Client application with TEE 2. Open a session Client application and Trusted Application 3. Exchange command/operation with a TA25 result = TEEC_InitializeContext( NULL, &context); if (result != TEEC_SUCCESS) { goto cleanup1; } result = TEEC_OpenSession( &context, &session, &cryptoTEEApp, /*UUID of the app */ TEEC_LOGIN_USER, NULL, /* No connection data */ NULL,/* No payload, no cancellation. */ NULL); result = TEEC_InvokeCommand( &session, CMD_ENCRYPT_INIT, &operation, NULL);
  • 26. Trusted Application = TA Interface • TA_CreateEntryPoint – This is the Trusted Application constructor. • TA_DestroyEntryPoint – Guess what? This is the Trusted Application destructor! • TA_OpenSessionEntryPoint – This function is called whenever a client attempts to connect to the Trusted Application instance to open a new session • TA_CloseSessionEntryPoint – This function is called when the client closes a session and disconnects from the Trusted Application instance. • TA_InvokeCommandEntryPoint – This function is called whenever a client invokes a Trusted Application command.26 Each Trusted Application MUST provide the Implementation with a number of functions, collectively called the “TA interface”.
  • 27. Trusted Application configuration • Each application is Identified by a UUID gpd.ta.appID • gpd.ta.singleInstance = create a single (if TRUE) TA instance for all the client sessions or create a separate instance for each client session • gpd.ta.multiSession = Whether the Trusted Application instance supports multiple sessions • gpd.ta.instanceKeepAlive = When this property is set to true, then the TA instance is terminated only when the TEE shuts down • gpd.ta.dataSize = Maximum estimated amount of dynamic data in bytes configured for the Trusted Application • gpd.ta.stackSize = Maximum stack size in bytes available to any task in the Trusted Application at any point in time • gpd.ta.version • and gpd.ta.description 27
  • 28. Also • Trusted Applications are able to retrieve properties – From the client application • gpd.client.identity – From the TEE • gpd.tee.deviceID , gpd.tee.apiversion – Also the current TA • TAs are able to commit suicide – When a Trusted Application calls the TEE_Panic function, the current instance MUST be destroyed and all the resources opened by the instance MUST be reclaimed 28 TEE_GetPropertyAsString TEE_GetPropertyAsBool TEE_GetPropertyAsU32 TEE_GetPropertyAsBinaryBlock
  • 29. Trusted Storage • A Trusted Storage Space contains Persistent Objects identified by an Object Identifier that can be – a Cryptographic Key Object, – a Cryptographic Key-Pair Object, – or a Data Object • gpd.tee.trustedStorage.rollbackDetection.protectionLevel gives to the application the level of protection against rollback attacks – Typically, protection level is equal to 100 for REE and 1000 with hardware assets controlled by the TEE • A TA can also allocate Transient Objects – have no identifier – Transient objects are held in memory and are automatically wiped and reclaimed when they are closed or when the TA instance is destroyed. • Multiple APIs are available to manage Persistent and Transient objects through object handles – Example : TEE_CreatePersistentObject, TEE_OpenPersistentObject, TEE_RenamePersistentObject , TEE_CloseAndDeletePersistentObject1, TEE_AllocateTransientObject 29 Trusted Storage Persistant object ID Transient object
  • 30. More Internal Core APIs Crypto API • Based on Cryptographic operations - pre-allocated for a given operation type, algorithm, and key size Time API • 3 sources of Time – TA Persistent Time, a real-time source of time • The origin of this time is set individually by each Trusted Application and MUST persist across reboots. – System Time • the system time is not reset or rolled back during the life of a given TA instance • The level of trust accessible via gpd.tee.systemTime.protectionLevel • REE Time Arithmetic API • The specification offers a tool box for complex crypto functions not yet standardized – Allow to Implement missing crypto function as plug in – gives access to a Fast Modular Multiplication primitive • The “only” limit is input and output are TEE_BigInt [-2M+1, 2M-1] – M can be retrieved as the implementation property gpd.tee.arith.maxBigIntSize 30 TEE_ALG_SHA256 TEE_MODE_DIGEST Between 192 and 1024 bits, multiple of 8 bits
  • 31. • Introduction to GlobalPlatform • Trusted Execution Environment (TEE) Architecture • Introduction to TEE APIs • Trusted Application Manager • Question and Answer Agenda 31
  • 32. Trusted Application Manager Overview • Trusted Application Manager (TAM): – Provides a scalable and remote means to manage the • Trusted Execution Environment (TEE) • Security Domains (SD) • Trusted Applications (TA) – Enforces the security policy of TA Providers, TEE Issuers, and TEE Implementers – Ensures the security and the integrity of these entities – Enables the confidentiality of the data • Uses secure protocols and interfaces accessed either through the Client API or via extensions to the Internal Core API 32 rSD SD2 TA SD3 TA
  • 33. 33 How does a TAM operate? Service Provider Create Security Domain 1) Install TA 2) TA personalization Push the App and the TA on the App Store 1 App TA 5 App T A 2 6 Request installation3 Verify Device Identity4 NOTE: This is only one of many possible configurations 5
  • 34. 34 Trustonic Developer Tools App Store Google Play Trustonic Software Protection TEE TA Ap p Ap p SW TA Ap p SW TA Main App TEE TA SW TA Main App SW TA Trustonic TEE Protection
  • 35. • Introduction to GlobalPlatform • Trusted Execution Environment (TEE) Architecture • Introduction to TEE APIs • Trusted Application Manager • Question and Answer Agenda 35