Date post: | 16-Jul-2015 |
Category: |
Technology |
Upload: | mfrancis |
View: | 65 times |
Download: | 1 times |
Gemplus Introduction
World Leader for Smart Card SolutionsSmart Solutions in Telecommunications
Beyond the SIM with applications and Over the Air Platform
Trusted Solutions for finance and securityBanking: differentiated servicesRetail: customer loyaltyID and Security: Government and Enterprise
Security expertise delivered by Business Development GroupDigital SecurityOperating SystemsTechnology-driven business
What is the Gemplus Automotive Approach?
Leverage our telecom and security expertise in automotive market :
Provide more flexibility to the SIM Card
Ensuring end to end security in Electronic Control Unit SoftwareDownload
Enabling Multi services Token for services personalization
Requirements for services life cycle flexibility and security
Java Card J2SE J2EE
VM
Language
API
JCVM JVMKVM
J2MECLDC CDC
Java subset Java
JC API CLDC API CDC APIAPI
APIMID
P
P2
P4P3 . . .
. . .
OSGI
Gemplus and Java
More than 50% of our products are Java compliant
Migration from proprietary platform towards open platform
As a smart card leader we have to be the first at the standardization level
JSR 177 – Secure the Java Mobile Environment with security services coming from SIM Card
Why OSGI for the next Java Card Platform?
Next Generation smart cards will require dynamic service management
Need for OSGI lite in order to have a flexible way to manage application
Need for adapting Performance and Hardware constraints due to the small smart card environment
Gemplus is proposing an OSGI framework for the next Java Card platform
Our light OSGI Implementation
Implements only the Core OSGI Features (possibly a subset)
KVM-like java platform Development for smart card
Communication is provided by an embedded TCP/IP stack
For smart card first but possible extension to small foot print environment
Our OSGi Security approach
Open environment means more risk exposure and more security requirements
Objective is to have an end to end security chain from development to application use
The security level is always given by the weakest element
So far, usage of Global Platform to manage our open platformOur products are based on Global Platform and have a security validated by EAL5+ (Evaluation Assurance Level) Certification
OSGi Security scheme remains open and has to be defined by OSGi solution integrators
Java is Open but Possibly Secured
Java and securityCode download post-issuanceMulti-applicationApplet / platform separation
RisksNon Verified Application (Trojan horses)Problems of trust and rights delegation
Enforcement of chain trustRisk assessment to evaluate the vulnerabilityIdentity of each involved party can be checked (authentication)Answer to Integrity and Confidentiality of data NeedsSecure the Java Virtual Machine
End to end Security Services
GSM/GPRS,UMTS
Multi-applicationPost-issuance
capabilitiesSignature and
encryption of application
Internet
Shops
Application Server
Complete security chain to reach high security level
Parallel can be made with the Automotive World
The same requirements exist for the automotive market
InternetWLAN
Dealers
Application Server
GSM/GPRS,UMTS
Multi-applicationPost-issuance
capabilitiesSignature and
encryption of application
Conclusion
OSGi is a candidate for New Generation Java Card management framework
OSGI brings flexibility but great care has to be taken concerning the complete security chain
Gemplus has an end to end security expertise and has experimented an OSGI lite implementation
Questions? [email protected]