Security & trust in Mobile application


• 8/9/2019 Security & trust in Mobile application

Slide 1/58
Security and Trust in mobile applications
White Paper, 3G Americas

Slide 2/58
Introduction
Traditional: Walled Garden
Current scenario:
Identity theft, phishing and pharming
Compromise secure data, pirate contents or take money from bank accounts
Detrimental impact on the service provider

Slide 3/58
Secure Mobile Applications: Financial Applications
3GSM infrastructure is well suited for financial applications
Robust infrastructure and highly secure storage
Banking applications, money transfers, balance checking, payment applications via either credit, debit, or prepaid methods etc.
Remotely or Point of sale

Slide 4/58
Secure Mobile Applications: Near Field Communications (NFC)
Allows the handset to communicate with close-proximity card readers, allowing point-of-sale payments
Example: Public transportation
Mobile NFC ecosystem consists of: Mobile Phone with NFC Chipset and Secure Element, Mobile Network Operator (MNO), Service Providers, Trusted Service Manager

Slide 5/58 (figure only, no text extracted)

Slide 6/58
Mobile Financial Use Cases: Mobile Payment
mPayment or mCommerce
Digital services or information services
Payment: monthly or during the transaction
Just in Time shopping
Micro payment and Macro Payment

Slide 7/58
Mobile Financial Use Cases: Mobile Banking
Gives users access to their bank accounts from their mobile devices
Check balances, transfer funds electronically, top-up prepaid tokens and possibly even obtain cash from ATMs
E-Ticketing
The device is used in NFC mode to pay for access to mass transit and ground transport systems, mobile device or “offline”

Slide 8/58
Access Applications
Applications that access service via password, login or other user credential before service is granted

Slide 9/58
Secure Pass Application
Stores all employees' passwords, IDs, and personal information in one single folder
For security-focused enterprises it reduces complexity levels of access and authorization

Slide 10/58
Secure Pass Application: Key Features
Manage a user's identities and passwords
Secured with master password
Can be modified
Operator benefits
Increased service usage
Building user loyalty
Easy to implement with minimal operator investment required

Slide 11/58
Secure Pass Application: End User Value
• Accessing secure data effortless for the user
• Reduced complexity to access the secured data
• Can be configured so that with one PIN or password, diverse confidential data is stored in one secure folder.

Slide 12/58
Protected SMS: Secure Chat application
Secure one-to-one communication
Via binary SMS messages
Different encryption methods (e.g. 3DES)
Limited access through an application PIN or password.
Key Features
To secure the message from spying or snooping
Access to the secure message is protected
Guarantees unique key for each user's service

Slide 13/58
Protected SMS: Operator benefits
Increased service usage
Allows the customer to send in circumstances where message security is a concern
Building user loyalty
Relies on existing technology
End User Value
Protection for the text or data that is exchanged during the session
Secure storage of these messages

Slide 14/58
One Time Password Applets
OTP solutions are scalable network identity platforms that deliver the strong authentication that consumers require to use sensitive on-line services confidently.
Its key feature is that it transforms the handset into a secure authentication token.
It uses an OATH OTP applet and secret UICC-stored keys to generate the OTP.

Slide 15/58
One Time Password Applets
There are 3 basic interfaces for OTP:
Voice Channel
SMS Channel
MMI Channel
OTP solutions avoid the need to remember special procedures, tokens or memorize
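The two slides above describe the OTP applet only at the level of "secret keys stored in the UICC generate a code that the service checks". The following is an added example, not code from the white paper or from any operator's applet, showing how a counter-based HMAC OTP (RFC 4226 HOTP, an assumption; the slides do not name the algorithm) splits between a token side that never releases the secret and a verifier side that tolerates skipped counters but rejects replays. The class names HandsetToken and ServiceVerifier are hypothetical, and the shared secret is the RFC 4226 test secret, used here as constructed input.

```python
import hashlib
import hmac
import struct


def hotp(secret: bytes, counter: int, digits: int = 6) -> str:
    """RFC 4226 HOTP: HMAC-SHA-1 over the 8-byte big-endian counter,
    dynamic truncation to 31 bits, then reduce modulo 10^digits."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    binary = int.from_bytes(mac[offset:offset + 4], "big") & 0x7FFFFFFF
    return str(binary % 10 ** digits).zfill(digits)


class HandsetToken:
    """Token side (the role of the applet on the UICC): the secret and the
    moving counter stay inside; only the 6-digit code is ever shown to the user."""

    def __init__(self, secret: bytes):
        self._secret = secret
        self._counter = 0

    def next_code(self) -> str:
        code = hotp(self._secret, self._counter)
        self._counter += 1        # never reuse a counter value
        return code


class ServiceVerifier:
    """Service side: holds the same secret, remembers the last accepted counter
    and accepts a code only from a small look-ahead window beyond it."""

    def __init__(self, secret: bytes, window: int = 5):
        self._secret = secret
        self._window = window
        self._last_counter = -1   # counter of the last code we accepted

    def verify(self, code: str) -> bool:
        start = self._last_counter + 1
        for candidate in range(start, start + self._window):
            # constant-time compare so the response time leaks nothing about the digits
            if hmac.compare_digest(hotp(self._secret, candidate), code):
                # resynchronise: every counter up to this one is now burned,
                # which is what makes a captured code useless a second time
                self._last_counter = candidate
                return True
        return False
```

The look-ahead window is the practical compromise for the voice, SMS and MMI channels on the next slide: a user who generates a code and then abandons the login must still be able to authenticate with the next one, while a code that was already accepted, or one generated for an older counter, is refused.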

Slide 16/58
VPN and Secure Storage of Data
A virtual private network (VPN) is a network that uses the Internet to provide remote offices or individual users with secure access to their organization

Slide 17/58
VPN and Secure Storage of Data
VPN applications allow direct secure access to the corporate data from the handset or from the PC.

Slide 18/58
Advantages
Greater scalability
Easy to add/remove users
Reduced long-distance telecommunications costs
Mobility
Security

Slide 19/58 (figure only, no text extracted)

Slide 20/58
Protection of Downloaded and Broadcasted Content
To control the distribution and consumption of downloaded digital media objects, the Open Mobile Alliance (OMA) has provided appropriate Digital Rights Management (DRM) specifications to protect authors' and content providers' intellectual property rights from unauthorized

Slide 21/58 (figure only, no text extracted)

Slide 22/58
Streaming of DRM protected content
An RO is generated, the encryption key to access the encrypted stream is put in the RO, and the RO is then bound to a DRM Agent.
Sharing Content use case (Super Distribution and Domains)
The basic model of OMA DRM binds the RO and CEK to a specific DRM Agent. The domain model based service offered by the Service Provider extends this notion, allowing an RI to bind RO and CEK to a group of DRM Agents. An end user may then share a specific DRM content off-line with other mobile equipment, either owned by him or belonging to friends.

Slide 23/58
Service and Content Protection
Digital Video Broadcasting (DVB) organization

Slide 24/58 (figure only, no text extracted)

Slide 25/58
DRM Profile
OMA BCAST DRM Profile relies on OMA DRM v2.0 for the key material exchange based on Public Key Infrastructure (PKI) and RO management

Slide 26/58 (figure only, no text extracted)

Slide 27/58
Smart Card Profile
It is a smartcard based solution relying on 3GPP Multimedia Broadcast Multicast Service.
It requires a continuously active channel to manage registration and key material.
There are 2 variants: a) SIM Smartcard Profile, b) UIM/CSIM Smartcard Profile

Slide 28/58 (figure only, no text extracted)

Slide 29/58
Mobile Broadcast Services Enabler Suite of Open Mobile Alliance DRM and Smartcard Profiles have the following features based on protection.
Transport layer security with SRTP or IPSec allows format flexibility.
However, in ISMACryp, content layer security allows the solution to be completely independent of intrinsic transport or IP layer security.

Slide 30/58
Security Requirements
For consistency in DRM implementations, Open Mobile Terminal Platform (OMTP) has provided a set of specific terminal requirements.
According to this, the rights object (e.g. picture) is protected using Rights Encryption Key (REK) for sensitive parts like the Content Encryption Key (CEK). The RO is signed by the Rights Issuer (RI). During delivery REK is cryptographically bound to the target DRM Agent. Only in this manner can the DRM agent access the RO and thus the CEK.

Slide 31/58
OMTP has published 2 documents, giving a set of security requirements. These documents are:
Basic Trusted Environment (TR0) in 2006, which provides the basic security requirements for debugging, the mobile device ID protection, basic DRM security requirements.
Advanced Trusted Environment (TR1) in 2008, gives a set of advanced security terminal requirements, to deal with threat of hackers. It enables Secure storage facility, Secure Link between mobile equipment and the UICC.

Slide 32/58
Authentication Applications: Extensible Authentication Protocol
Supports multiple authentication methods
Specifies the informational elements relevant to specific mechanisms to be carried in the EAP message, thus making the EAP very flexible
EAP runs directly over data link layer protocols

Slide 33/58
EAP Architecture (figure)

Slide 34/58
The peer and authenticator entities start the EAP exchange. The latter is the link end point (e.g., access point or NAS) that initiates EAP authentication; the former is the link endpoint that responds to the authenticator using a supplicant, a software component which enables an EAP peer to communicate the EAP packets over a link layer protocol (e.g., PPP or 802.1X).
The actual authentication is done by the EAP server, which implements an authentication method and terminates the authentication exchange with the peer.
AAA Server is a Remote Authentication Dial-In User Service (RADIUS) or a Diameter server.

Slide 35/58
EAP Methods: EAP-SIM Authentication
Developed by IETF in support of 3GPP
Specifies the use of a SIM for mutual authentication and session key distribution in GSM
Specifies enhancements to GSM authentication and key agreement
Includes network authentication, user anonymity support, result indications, and a fast re-authentication procedure.

Slide 36/58
EAP-AKA Authentication
Based on the Authentication and Key Agreement (AKA) mechanism used in third generation mobile networks
Specifies an EAP method for mutual authentication and session key distribution that uses the third generation Authentication and Key Agreement
UMTS and CDMA2000 are global third generation mobile network standards that use the same AKA mechanism.

Slide 37/58
EAP-TLS Authentication
Begins with the authenticator and the peer negotiating the EAP. After that the authenticator sends an EAP-Request/Identity packet to the peer and the peer will respond with an EAP-Response/Identity packet to the authenticator containing the peer's user identifier.
From this step forward, the EAP converses between the peer and the EAP server, which may be located at the back end authentication server or be a part of the authenticator.
When the EAP server is located at the back end server, the authenticator encapsulates the EAP packets in the protocol packets that run between the
Leverages the handshake protocol defined in the Transport Layer Security (TLS) protocol.
The protocol enables the peer and the server to authenticate each other using digital certificates.
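Slides 34 and 37 describe the three EAP roles and the opening Request/Identity and Response/Identity round, but not the packet format the roles exchange or the checks a pass-through authenticator has to make. The following is an added example, not code from the white paper, that encodes and parses the RFC 3748 packet layout (Code, Identifier, Length, Type, Type-Data) and runs the identity round between a peer, a pass-through authenticator and a back-end server. Only the Identity round is modelled; the EapServer's accept-known-identities rule is a toy policy standing in for the method phase (EAP-TLS would run here), and the class names Peer, EapServer and Authenticator are hypothetical. The RADIUS/Diameter encapsulation between authenticator and server is left as a direct call.

```python
import struct
from enum import IntEnum


class Code(IntEnum):
    REQUEST = 1
    RESPONSE = 2
    SUCCESS = 3
    FAILURE = 4


TYPE_IDENTITY = 1    # RFC 3748 Identity type


def encode(code, identifier, eap_type=None, data=b""):
    """Build one EAP packet: Code(1) | Identifier(1) | Length(2) | [Type(1) | Type-Data]."""
    body = b"" if eap_type is None else bytes([eap_type]) + data
    return struct.pack("!BBH", int(code), identifier, 4 + len(body)) + body


def decode(pkt):
    """Parse an EAP packet; the shapes RFC 3748 says to discard are raised as ValueError."""
    if len(pkt) < 4:
        raise ValueError("shorter than the 4-octet EAP header")
    code, identifier, length = struct.unpack("!BBH", pkt[:4])
    if length < 4 or length > len(pkt):
        raise ValueError("Length field inconsistent with the packet")
    body = pkt[4:length]                       # octets beyond Length are padding and ignored
    if code in (Code.REQUEST, Code.RESPONSE):
        if not body:
            raise ValueError("Request/Response must carry a Type octet")
        return {"code": Code(code), "id": identifier, "type": body[0], "data": body[1:]}
    if code in (Code.SUCCESS, Code.FAILURE):
        return {"code": Code(code), "id": identifier, "type": None, "data": b""}
    raise ValueError(f"unknown EAP Code {code}")


def is_malformed(pkt) -> bool:
    """True when the packet would be discarded by the parser above."""
    try:
        decode(pkt)
        return False
    except ValueError:
        return True


class Peer:
    """Supplicant side: answers Request/Identity with the user identifier."""

    def __init__(self, identity: bytes):
        self.identity = identity

    def handle(self, request: bytes) -> bytes:
        req = decode(request)
        if req["code"] == Code.REQUEST and req["type"] == TYPE_IDENTITY:
            return encode(Code.RESPONSE, req["id"], TYPE_IDENTITY, self.identity)
        raise ValueError("only the Identity round is modelled here")


class EapServer:
    """Back-end EAP server (reached through RADIUS/Diameter in a real deployment)."""

    def __init__(self, allowed_identities):
        self.allowed = set(allowed_identities)
        self.outstanding = None

    def start(self) -> bytes:
        self.outstanding = 1                   # Identifier of the Request we are waiting on
        return encode(Code.REQUEST, self.outstanding, TYPE_IDENTITY)

    def handle(self, response: bytes) -> bytes:
        resp = decode(response)
        # Toy policy: accept identities on an allow list. A real server would now run a
        # method such as EAP-TLS (Type 13) and send Success/Failure only after it completes.
        ok = resp["type"] == TYPE_IDENTITY and resp["data"] in self.allowed
        return encode(Code.SUCCESS if ok else Code.FAILURE, resp["id"])


class Authenticator:
    """Link end point (access point / NAS) acting as an EAP pass-through."""

    def __init__(self, server: EapServer):
        self.server = server
        self.outstanding_id = None
        self.transcript = []

    def run(self, peer: Peer):
        request = self.server.start()
        self.outstanding_id = decode(request)["id"]
        self.transcript.append(("authenticator->peer", decode(request)))
        return self.deliver(peer.handle(request))

    def deliver(self, response: bytes):
        """Forward a peer Response to the server; returns the result Code, or None if discarded."""
        resp = decode(response)
        # RFC 3748 section 4.1: a Response whose Identifier does not match the outstanding
        # Request (a duplicate, a replay or a stray packet) is silently discarded.
        if resp["code"] != Code.RESPONSE or resp["id"] != self.outstanding_id:
            self.transcript.append(("discarded", resp))
            return None
        self.outstanding_id = None
        self.transcript.append(("peer->server", resp))
        result = self.server.handle(response)
        self.transcript.append(("server->peer", decode(result)))
        return decode(result)["code"]


def run_identity_exchange(identity: bytes):
    """Run the Request/Identity -> Response/Identity round; returns (result code, authenticator)."""
    auth = Authenticator(EapServer([b"alice@example.org"]))   # constructed allow list
    return auth.run(Peer(identity)), auth
```

The Identifier check in `deliver` is the part worth keeping in mind when reading slide 37: because the authenticator only relays, it cannot judge the identity, but it can and must drop Responses that do not answer the Request currently outstanding, which is what stops a captured Response from being fed back into a later exchange.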

Slide 38/58
EAP-TTLS Authentication
Employs the TLS handshake protocol for authenticating an authentication server to a peer, but the method does not require peer authentication to the server using the digital certificates.
Such authentication is done after a secure connection (TLS tunnel) is established between the peer and the server as a result of the handshake.
It allows the use of the widely-deployed legacy mechanisms by providing additional protection.
Establishes the keying material that secures the data connection between the peer and the access point or Network Access Server (NAS).

Slide 39/58
Generic Bootstrapping Architecture (GBA)
Generic Bootstrapping Architecture (GBA) is a technology that enables the authentication of a user.
It enables authenticated User Equipment (UE) access to the Network Application Function (NAF) services.

Slide 40/58
The GBA includes three major entities:
An end-user who is trying to obtain network services using User Equipment (UE)
An application server (called Network Application Function or NAF)
A trusted entity (called Bootstrapping Server Function or BSF), which authenticates and shares keys between the two other entities.
The GBA authenticates a user, who is using UE, to an application server (NAF) without revealing the user's long-term credentials and secrets to the NAF, by using a trusted entity BSF.

Slide 41/58
The GBA authentication procedure results in a secret key being shared by UE and NAF.
This shared key can be used for mutual authentication of the UE and NAF, and protected data exchange between these entities.
The GBA also supports Single Sign On (SSO).
The SSO is accomplished by repeating the GBA authentication procedure for authenticating the UE to multiple NAFs without requesting a user's login credentials.
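Slides 40 and 41 name the three GBA entities and state two properties: the NAF never learns the user's long-term secret, and one bootstrapping run serves many NAFs. The following is an added example, not code from the white paper or from any 3GPP specification, that makes both properties concrete. It is a simplification: the AKA run and the key derivation are stand-ins built from HMAC-SHA-256 (the real ones are Milenage and the KDF of 3GPP TS 33.220), the interface names Ub, Zn and Ua are used in comments only, and the classes Uicc, Hss, Bsf, Ue and Naf together with the key K, IMPI and NAF_Id values are constructed for the demo.

```python
import hashlib
import hmac
import os


def kdf(key: bytes, *inputs: bytes) -> bytes:
    """HMAC-SHA-256 stand-in for the GBA key derivation (assumption, not the TS 33.220 KDF)."""
    return hmac.new(key, b"".join(inputs), hashlib.sha256).digest()


def aka(k: bytes, rand: bytes):
    """Stand-in for AKA: returns (RES, Ks). Ks plays the role of CK||IK; real networks run Milenage."""
    return kdf(k, b"RES", rand), kdf(k, b"CK||IK", rand)


class Uicc:
    """Holds the long-term key K; only RES and Ks ever leave it."""

    def __init__(self, k: bytes):
        self._k = k

    def run_aka(self, rand: bytes):
        return aka(self._k, rand)


class Hss:
    """Operator's copy of each subscriber's K, indexed by IMPI."""

    def __init__(self, subscribers: dict):
        self._subscribers = subscribers

    def auth_vector(self, impi: bytes):
        rand = os.urandom(16)
        xres, ks = aka(self._subscribers[impi], rand)
        return rand, xres, ks


class Bsf:
    """Bootstrapping Server Function: authenticates the UE (Ub) and serves NAF-specific keys (Zn)."""

    def __init__(self, hss: Hss, fqdn: bytes = b"bsf.example"):
        self._hss, self._fqdn = hss, fqdn
        self._pending, self._sessions = {}, {}

    def challenge(self, impi: bytes) -> bytes:
        rand, xres, ks = self._hss.auth_vector(impi)
        self._pending[impi] = (rand, xres, ks)
        return rand

    def respond(self, impi: bytes, res: bytes):
        rand, xres, ks = self._pending.pop(impi)
        if not hmac.compare_digest(res, xres):
            return None                                  # bootstrapping failed
        b_tid = rand.hex().encode() + b"@" + self._fqdn  # Bootstrapping Transaction Identifier
        self._sessions[b_tid] = (ks, rand, impi)
        return b_tid

    def naf_key(self, b_tid: bytes, naf_id: bytes) -> bytes:
        """Zn: hand out only Ks_NAF bound to this NAF_Id; Ks and K never leave BSF/UICC.
        A real BSF also checks that the requesting NAF really owns naf_id."""
        ks, rand, impi = self._sessions[b_tid]
        return kdf(ks, b"gba-me", rand, impi, naf_id)


class Ue:
    """User Equipment: bootstraps once, then derives a key per NAF locally."""

    def __init__(self, impi: bytes, uicc: Uicc):
        self.impi, self._uicc = impi, uicc
        self.b_tid = None

    def bootstrap(self, bsf: Bsf):
        rand = bsf.challenge(self.impi)
        res, self._ks = self._uicc.run_aka(rand)
        self._rand = rand
        self.b_tid = bsf.respond(self.impi, res)
        return self.b_tid

    def naf_key(self, naf_id: bytes) -> bytes:
        return kdf(self._ks, b"gba-me", self._rand, self.impi, naf_id)

    def prove(self, naf_id: bytes, nonce: bytes) -> bytes:
        return kdf(self.naf_key(naf_id), b"UE", nonce)

    def check_naf(self, naf_id: bytes, nonce: bytes, proof: bytes) -> bool:
        return hmac.compare_digest(proof, kdf(self.naf_key(naf_id), b"NAF", nonce))


class Naf:
    """Application server: fetches Ks_NAF from the BSF and runs mutual authentication (Ua)."""

    def __init__(self, naf_id: bytes, bsf: Bsf):
        self.naf_id, self._bsf = naf_id, bsf

    def authenticate(self, ue: Ue) -> bool:
        ks_naf = self._bsf.naf_key(ue.b_tid, self.naf_id)
        nonce = os.urandom(16)
        if not hmac.compare_digest(ue.prove(self.naf_id, nonce), kdf(ks_naf, b"UE", nonce)):
            return False                                  # UE does not hold Ks_NAF
        return ue.check_naf(self.naf_id, nonce, kdf(ks_naf, b"NAF", nonce))   # NAF proves itself too


def run_gba_demo() -> dict:
    k = os.urandom(32)                                    # constructed K, shared by UICC and HSS only
    impi = b"user@ims.example"                            # constructed subscriber identity
    bsf = Bsf(Hss({impi: k}))
    ue = Ue(impi, Uicc(k))
    ue.bootstrap(bsf)
    bank, tickets = Naf(b"bank.example", bsf), Naf(b"tickets.example", bsf)
    return {
        "bootstrap_ok": ue.b_tid is not None,
        "bank_auth": bank.authenticate(ue),
        "tickets_auth_without_rebootstrap": tickets.authenticate(ue),   # SSO: one bootstrap, many NAFs
        "naf_keys_differ": bsf.naf_key(ue.b_tid, b"bank.example") != bsf.naf_key(ue.b_tid, b"tickets.example"),
        "wrong_key_bootstrap": Ue(impi, Uicc(os.urandom(32))).bootstrap(bsf) is None,
    }
```

The point to take from the structure rather than the crypto is where each key lives: K exists in the UICC and the HSS, Ks in the UICC and the BSF, and a NAF receives only the Ks_NAF derived for its own NAF_Id, so a compromised application server yields neither the subscriber's long-term secret nor a key usable at another NAF.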

Slide 42/58 (figure only, no text extracted)

Slide 43/58
Public Key Infrastructure (PKI) and Certificate-based Authentication
The certificates are commonly used for authentication of the network entities.

Slide 44/58
Description of Authentication Certificate
A certificate is a digital document that includes an entity's identifier, its attributes, an entity public key, and other authentication information (i.e. information on the certificate issuer, starting and ending dates and times of the certificate's validity, etc.).
A certificate is digitally signed by a trusted third party, which is called the Certification Authority (CA).

Slide 45/58
Description of Authentication Certificate
The CA computes a hash (i.e. SHA-1) of all the fields except the field Signature Value, signs it with its own private key, and then adds the signature to the certificate in the Signature Value field.
To validate the data integrity, the recipient first uses the signer's public key to decrypt the digital signature. The recipient then uses the same hashing algorithm that generated the original hash to generate a new hash of the same data. If the two hash values match, the recipient can trust the certificate's holder information as long as it trusts the CA that has issued the certificate.

Slide 46/58
Certificate-based Authentication
Suppose user A wishes to send an authenticated message to user B, assuming that user B has obtained a certificate from a trusted CA which identifies user A as the certificate's holder, and that B has verified the CA's signature, checked the validity dates etc.
For B to authenticate the message, user A encrypts a digest MD(P) of his plain text message P with his private key DA.
Then user A sends the result of the encryption, DA(MD(P)), to user B along with the plain text P itself. That is, user A sends the message P, DA(MD(P)) to B.

Slide 47/58 (figure only, no text extracted)

Slide 48/58 (figure only, no text extracted)

Slide 49/58
Digital Identity
There are three participants in digital identity interactions using Information Cards:
Identity Providers issue digital identities for you.
Relying Parties accept identities for you.
Subject is yourself, the party in control of all these interactions.

Slide 50/58
Identity Selection Applications
User-centric identity management application
Authentication with a service provider
Consistent way to work with multiple digital identities using Information Cards (InfoCards).
The user is not directly conducting the authentication process with the RP.
The authentication process takes place between RP and IP, where the identity selector is a trust broker for the authentication process using security tokens which require mutual authentication.

Slide 51/58
Open ID and SAML 2.0 Model
Combination of the identity selector and Open ID provides the most promising solution for fixing the phishing problem.
The identity selector can mitigate the middle-man security attacks by using the Open ID, as the authentication process isn't between the user and RP.
Complex layers of the SAML standard specifications limit its adoption.
MNOs may support both SAML and Open ID in the identity selector applet to address different mobile application requirements and customer needs.

Slide 52/58
Identity Selector Authentication Flow (figure)

Slide 53/58
Key Differentiators
The GSM evolutionary family of mobile access technologies has a clear advantage over other access technologies as far as security features are concerned.
At the heart of most of these advantages is the UICC.
UICC is a secure portable token that is recognized

Slide 54/58
1. Security features
The Milenage algorithm commonly used in UMTS network access authentication is also viewed as superior to the authentication mechanisms used in other access technologies.
The UICC is engineered to include a number of physical and logical countermeasures that make compromising its secrets virtually impossible.
To ensure that only the correct user can access the secrets stored in the UICC, the information is protected using a PIN or password, which enables two-factor authentication.

Slide 55/58
2. Managing the sensitive information
Once in the field, secure data and applications can be remotely managed via the Global Platform.
The distinct advantage enjoyed by the GSM family of operators is that the network platform used to remotely access secure data is likely already installed in their network.
Most OTA platforms currently deployed utilize

Slide 56/58
3. Managing and transferring credentials
A collateral advantage of strongly tying security credentials to the wireless account is the power that this gives the network operator to manage the features and credentials used by a subscriber.
In cases of loss or fraud, the credentials can be very easily terminated or modified before they can be used without the subscriber's knowledge.
By tokenizing

Slide 57/58
Conclusion
Security and trust are real concerns for consumers and application providers alike.
Attempts to compromise services and applications such as identity theft, phishing and pharming threaten to limit the types of applications that are provided.
Not surprisingly, the applications that have the greatest revenue potential are also those that are obvious targets for hackers to steal information and use it maliciously.

Slide 58/58 (no text extracted)