© 2016 GlobalPlatform Confidential
Securing the Internet-of-Things with GlobalPlatform Components
François Ennesser, GlobalPlatform IoT Task Force Member (Gemalto)
ETSI IoT Workshop 2016
Sophia Antipolis, France
GlobalPlatform was created in 1999 to help issuers digitalize their services!
[Timeline figure: 1999, 2000 - 2007, 2007 - 2015, 2015+]
GlobalPlatform positioning
How media portrays the IoT market today
How we see the IoT market today
• As the IoT market continues to grow and the number of connected objects and devices proliferates, an abundance of new services will be possible.
• Yet, this market is still in its infancy and the explosion of objects, devices and services creates a new set of privacy and security concerns.
• In the same way that consumers want to ensure that their personal and usage data are not misused, any number of stakeholders will also want to ensure that their data is protected and services are securely delivered.
• Unlike the traditional internet, a typical IoT system:
– Inputs information about our behaviours, and thus directly exposes our privacy
– Outputs adaptations to our environment, and thus potentially affects our safety
• Security is a chain that is only as strong as its weakest link, hence all stages of a device / service lifecycle need to be properly secured throughout its lifetime.
Secure component in use case #1 (already available for the market)
• A GlobalPlatform secure component is a state-of-the-art root of trust.
• Simplified key injection: keys are already inside the hardware to be embedded, providing IoT provisioning.
• Cost-effective, certified and reliable crypto processor (no risk of crypto bugs from open-source libraries).
Secure component in use case #2 (already available for the market)
• A GlobalPlatform secure component provides unique identification, applicable across multiple business domains.
Secure component in use case #3 (already available for the market)
• A GlobalPlatform secure component provides remote administration during operation, supporting devices with long lifecycles.
• IoT device security features can be updated confidentially by each stakeholder in a multi-tenant environment.
Secure component in use case #4 (already available for the market)
• A GlobalPlatform secure component provides:
– Security services for the device
– Security services for the application
• It can facilitate initial provisioning in addition to operations.
Scope of the Internet of Things
• Industrial M2M
– Heating, ventilation, and air conditioning
– Industrial controls / proximity security
– Power distribution and management, smart grids
– Health and medical equipment
– Manufacturing equipment, smart factory
• Smart Cities
– City and metropolitan services
– Intelligent transport systems
– Public utilities
• Consumer IoT
– Smart homes
– Automotive
– Wearables
– Gaming
• Embedded systems make up a significant percentage of IoT.
• Many IoT devices are often unattended / physically exposed to attackers, though locally managed.
• Others are physically unreachable and need to be remotely managed.
• Traditional embedded systems are migrating to multi-app / multi-tenant environments.
Our vision for affordable M2M/IoT security
1. A single security infrastructure should be leveraged in each deployment, enabling all ecosystem stakeholders to confidentially manage their security parameters.
2. Stakeholders involved in all layers of a device or infrastructure component (hardware manufacturer, communication provider, application providers) should be able to leverage a single security component to satisfy all their requirements.
3. M2M/IoT diversity requires a range of security solutions to address different security requirements, yet they need to be homogeneously managed:
– Protect safety through tamper resistance for unattended devices (SE)
– Protect privacy from remote attackers through integrated hardware features (TEE)
4. It must be possible to remotely add services or service providers to a device after it is deployed in the field; similarly, a service subscriber must be able to change service providers.
5. All security measures must be sufficiently robust and flexible to support a device's deployed lifetime.
GlobalPlatform and oneM2M
• GlobalPlatform is a oneM2M "type 2" partner.
• GlobalPlatform security components (SE and TEE) are referenced by oneM2M TS-0003 as supported implementations of the "Secure Environment" enabling remote administration.
• A work item is under way to expose "Secure Environment" services to device applications, independent of their underlying implementation (e.g. GlobalPlatform SE or TEE).
• Discussions are in progress to further integrate GlobalPlatform security administration services within the oneM2M service layer, to complement remote management technologies already supported by oneM2M.
Thank you!