October 2018 Newsletter

Letter from GlobalPlatform’s Executive Director

September was a great month for GlobalPlatform. Our 6th annual seminar, Security in our Connected World, was the largest seminar to date, with over 200 participants joining us from around the globe.

Our technical workshop was also a resounding success, with so many registrations that we needed to create a waiting list for the session! I sincerely thank all our sponsors, partners and delegates who made both events so enjoyable and informative for all.

Looking to the future, our fall meetings are fast approaching and will take place in Lisbon, Portugal in November. Be sure to register your interest soon as places are quickly filling up.

Security in Our Connected World – a reflection

The Seminar was best summed up during Jeremy O’Donoghue, Chair of the Trusted Platform Services Committee’s closing comments, which are summarized below. Thanks again to all supporters, attendees and sponsors!

At events such as Security in Our Connected World, everyone is looking for the holy grail – a secure system that will do everything, is easy-to-use and, ideally, free. The industry has not reached that point yet, but there is certainly interest in getting there.

What is clear is that we are gaining an increasingly mature understanding of how secure components can meet the security requirements of different use cases. We are also gaining a greater understanding of the IoT lifecycle, and the importance of certification for IoT devices – whether driven by regulation or commercial differentiation.

As new technology that TEEs and SEs can support come to the fore, one thing that remains the same is the importance of the ecosystem. With so many cloud platforms across the world, we as equipment and SoC vendors must find ways to support them all without an explosion of different proprietary software solutions.

GlobalPlatform welcomes Kaspersky Lab as a participating member

Kaspersky Lab is a multinational cybersecurity and anti-virus provider headquartered in Moscow.

We look forward to contributions from Kaspersky Lab members to GlobalPlatform activities

Google’s implementation of OMAPI in Android paves the way for simple deployment of secure apps

It may not be one of the most high-profile new features of the latest Android 9 Pie release, but Google’s implementation of GlobalPlatform’s Open Mobile Application Programming Interface (OMAPI) is one of the updates most welcomed by secure digital service and device experts globally.

Read Our Blog

GlobalPlatform in-house training sessions

Our in-house training sessions provide education on how to use GlobalPlatform specifications and frameworks to achieve significant cost and time-to-market savings for consumer and industrial use-cases.

GlobalPlatform can bring the training directly to your company with our ‘onsite’ service! All classroom trainings are available at your location. The curriculum is the same as the classroom training however courses can be customized to meet specific client requirements.

Contact the Secretariat to request a session

Learn More

Save the date: Fall meetings

From 12-16 November 2018 we’ll be in Lisbon, at the Pestana Palace.

All Task Force meetings, the All Member Plenary Session and the All Member Meeting are open to all members, and the full schedule can be found in the global calendar on the member website.

Visit Global Calendar

GlobalPlatform Simplifies Remote Secure Management of Trusted Execution Environments & Trusted Apps

We have published two configurations to simplify and expedite the implementation of our Trusted Execution Environment Management Framework (TMF).

The configurations offer guidance on the specific parts of the framework that need to be implemented to remotely manage Trusted Execution Environments (TEEs) and their trusted applications (TAs) on particular device types.

Find out more

GlobalPlatform Simplifies Implementation of Standardized IoT Device Security

We have published a configuration that simplifies the implementation of Secure Element (SE) specifications for the protection of internet of things (IoT) devices.

This configuration enables manufacturers to identify the best solution for devices with limited operating environments by providing the subset of specifications that they need to develop and deploy IoT devices and services.

Find out more
Technical Documents

New Document Releases

This document describes a first implementation of the GlobalPlatform Card Specification for Secure Elements integrated in low end IoT edge devices. It requires support for the ISD, AES and SCP03 only.

Download Here

This document specifies configuration requirements for implementing the TMF initial configuration of GlobalPlatform TEE Specifications.

The configuration defines two sub-configurations, that are judged to apply to two broad use cases:
– Model A: supportable by even basic IOT devices — it is a very minimal configuration
– Model B: supports use of the TEE by multiple parties — it anticipates a reasonably powerful and capable device

Download Here

This maintenance release of GPCS Amendment A: Confidential Card Content Management contains errata and precisions, including acknowledging and reserving appropriate values for a variant of scenario #3 which was defined by the GSMA for the eSIM and clarifying both the encoding of some length fields for scenario #1 when RSA keys longer than 128 bytes are used and how an off-card entity may look up for an appropriate CA Public Key in order to verify a CASD certificate.

Download Here

Specifications Under Review

Over the last few years, further new specifications have been brought out for the TEE and GlobalPlatform has defined its concepts of Root of Trust. This TEE Architecture document revision brings the related architectural and conceptual additions and clarifications into one place, enabling third parties to gain a quick overview of the possibilities when using a TEE.

This document is now available for public review until Monday November 5, 2018.

Download Form
Speaking Engagements

‘IoT Security Summit’

Executive Director, Kevin Gillick will join the Secure Technology Alliance’s IoT security workshop, on Wednesday 17 October at 3:30PM, to deliver a presentation on how industry standards and the Device Trust Architecture, embed trust in IoT systems and connected hardware.

Link

‘CEATEC Japan’

Chair of the Japan Task Force, Mr. Eikazu Niwano, will deliver a presentation, titled ‘IoT Security for Key Stakeholders – Connecting the Dots’ on Tuesday 16 October at 10:15am.

Link

‘International Common Criteria Conference’

Gil will join the panel ‘The why and how of using CC in Private Schemes’ on Tuesday 30 October at 4:30PM. He will also present ‘TEE Certification: Managing Risk for Digital Services’ on Wednesday 31 October at 10am.

Link

‘Symposium on Securing the IoT’

Kevin Gillick will deliver the presentation ‘IoT Security – Connecting the dots’ on Wednesday 31 October at 15:30pm.

Link

‘TRUSTECH’

Technical Director Gil Bernabeu will join the panel ‘Biometrics: Key for the Digital World’ on Tuesday 27 November at 15:00pm, to discuss the link between the physical and digital world and the importance of biometrics.

Link

Did you miss our webinar for BrightTALK’s Securing the IoT Virtual Summit?

Here is another chance to watch our BrightTALK webinar, in which Gil discusses IoT security challenges and explains how GlobalPlatform builds trust into today’s digital services and devices.

Watch
Membership Offers

For archived newsletters

GlobalPlatform
Hey There!

It seems you are using an outdated browser, unfortunately this means that our website will not render properly for you. Update your browser to view this website correctly.

GOOGLE CHROME
FIREFOX
MICROSOFT EDGE