Securing the Internet-of-Things with GlobalPlatform Components
François Ennesser, GlobalPlatform IoT Task Force Member (Gemalto)
ETSI IoT Workshop 2016, Sophia Antipolis, France
© 2016 GlobalPlatform Confidential



Page 2

GlobalPlatform was created in 1999 to help issuers digitalize their services!

(Timeline graphic: 1999, 2000 - 2007, 2007 - 2015, 2015+)

Page 3

GlobalPlatform positioning (graphic)

Page 4

GlobalPlatform positioning (graphic, continued)

Page 5

How media portrays the IoT market today (graphic)

Page 6

How we see the IoT market today

• As the IoT market continues to grow and the number of connected objects and devices proliferates, an abundance of new services will become possible.
• Yet this market is still in its infancy, and the explosion of objects, devices and services creates a new set of privacy and security concerns.
• In the same way that consumers want to ensure that their personal and usage data are not misused, any number of stakeholders will also want to ensure that their data is protected and their services are securely delivered.
• Unlike the traditional internet, a typical IoT system:
  – takes as input information about our behaviours, and thus directly exposes our privacy;
  – outputs adaptations to our environment, and thus potentially affects our safety.
• Security is a chain that is only as strong as its weakest link; hence every stage of a device's or service's lifecycle needs to be properly secured throughout its lifetime.

Page 7

Secure component in use case #1 (already available for the market)

• A GlobalPlatform secure component is a state-of-the-art root of trust.
• Simplified key injection (the keys are already inside the hardware to be embedded), providing IoT provisioning.
• Cost effective, certified and reliable crypto processor (no risk of crypto bugs from open source libraries).

Page 8

Secure component in use case #2 (already available for the market)

• A GlobalPlatform secure component provides unique identification, applicable across multiple business domains.

Page 9

Secure component in use case #3 (already available for the market)

• A GlobalPlatform secure component provides remote administration during operation, supporting devices with long lifecycles.
• IoT device security features can be updated confidentially by each stakeholder in a multi-tenant environment.

Page 10

Secure component in use case #4 (already available for the market)

• A GlobalPlatform secure component provides:
  – security services for the device;
  – security services for the application.
• It can facilitate initial provisioning in addition to operations.

Page 11

Scope of the Internet of Things

• Industrial M2M
  – Heating, ventilation, and air conditioning
  – Industrial controls / proximity security
  – Power distribution and management, smart grids
  – Health and medical equipment
  – Manufacturing equipment, smart factory
• Smart Cities
  – City and metropolitan services
  – Intelligent transport systems
  – Public utilities
• Consumer IoT
  – Smart homes
  – Automotive
  – Wearables
  – Gaming

Embedded systems make up a significant percentage of IoT:
• Many IoT devices are unattended and physically exposed to attackers, though locally managed.
• Others are physically unreachable and need to be remotely managed.
• Traditional embedded systems are migrating to multi-app / multi-tenant environments.

Page 12

Our vision for affordable M2M/IoT security

1. A single security infrastructure should be leveraged in each deployment, enabling all ecosystem stakeholders to confidentially manage their security parameters.
2. Stakeholders involved in all layers of a device or infrastructure component (hardware manufacturer, communication provider, application providers) should be able to leverage a single security component to satisfy all their requirements.
3. M2M/IoT diversity requires a range of security solutions to address different security requirements, yet they need to be homogeneously managed:
   – protect safety through tamper resistance for unattended devices (SE);
   – protect privacy from remote attackers through integrated hardware features (TEE).
4. It must be possible to remotely add services or service providers to a device after it is deployed in the field; similarly, a service subscriber must be able to change service providers.
5. All security measures must be sufficiently robust and flexible to support a device's deployed lifetime.

Page 13

GlobalPlatform and oneM2M

• GlobalPlatform is a oneM2M « type 2 » partner.
• GlobalPlatform security components (SE and TEE) are referenced by oneM2M TS-0003 as supported implementations of the « Secure Environment » enabling remote administration.
• A work item is under way to expose « Secure Environment » services to device applications, independent of their underlying implementation (e.g. GlobalPlatform SE or TEE).
• Discussions are in progress to further integrate GlobalPlatform security administration services within the oneM2M service layer, to complement the remote management technologies already supported by oneM2M.

Page 14

Thank you!