A Letter From GlobalPlatform's Executive Director, Kevin Gillick

GlobalPlatform has published a maintenance version of its Root of Trust Definitions and Requirements.

The document is a detailed technical framework, explaining how GlobalPlatform technology implements two key concepts that are integral to securing the delivery of digital services, regardless of sector: Root of Trust (RoT) and Chain of Trust.

Several extensions to the functionality of RoTs are included in the requirements document, including the combination of multiple RoTs. GlobalPlatform has collaborated with representatives from the IoT and connected computing industries, including TCG, to develop these extensions, as the sensitivity and sheer number of services available through connected devices is growing rapidly. Root of Trust Definitions and Requirements 1.0.1 document is available to download now.

Industry bodies align to standardize on-device NFC service management 0

Find out more about GlobalPlatform’s collaboration with ETSI and NFC Forum.

Protecting Web Apps with Secure Components1

If you missed our webinar on the privacy and security benefits of Secure Elements for web apps

Contribute to our member meetings2

Could you provide a use case or topic for discussion?

Book your 2017 training now!3

Join us soon in Seoul, other locations around the world, and online.

Get targeted exposure at GlobalPlatform events4

See how your organization could benefit from sponsoring a GlobalPlatform event!

New specifications available for download5

Several GlobalPlatform Card and Device Specifications have been updated. Find out what's changed.

Did you miss? 6

Rivetz blogs on attestation and TEE.

Upcoming speaker activity7

Hank Chavers, GlobalPlatform’s Technical Program Manager, is presenting at the International Cryptographic Module Conference in May.

Industry bodies align to standardize on-device NFC service management

GlobalPlatform has collaborated with ETSI and the NFC Forum to detail a standardized approach to implementing and managing NFC services across all technologies and platforms. The shared work initiative explains how to ensure that NFC services successfully coexist within a device and operate as intended.

The standardized approach is detailed in a joint white paper – Ensure Interworking Between Multiple Contactless Card Emulation Environments. The related industry specification, GlobalPlatform Managing Entity Specification will be released in Q1 2017.

Webinar:

Protecting Web Apps with Secure Components

GlobalPlatform recently hosted a webinar to outline the privacy and security benefits that Secure Elements bring for the protection of web apps. Designed for technical experts and application developers, the online seminar offered insight into GlobalPlatform’s Web API to access Secure Elements. If you missed it, you can now watch the webinar in full on our website.

Contribute to our member meetings

The GlobalPlatform team is busy finalizing the agenda for the Spring Meetings in San Francisco, but there is still room for members to add to the program. We welcome additional topics and use cases in the following areas:

Consumer IoT
Industrial IoT
Security Task Force
Digital Identities Workshop

If you would like to contribute, please send your proposal to secretariat@globalplatform.org as soon as possible, as we will communicate the final agenda to the membership shortly.

Book your 2017 training now!

GlobalPlatform has expanded its training options to support the secure digital services ecosystem, and is offering a variety of training courses around the world during 2017. Check out the full schedule for more information and to register.

Next up, we’re heading to Seoul with a range of courses that are already filling up:

Seoul – on May 22-26 our trainers will host Card Specifications, Mobile / Contactless and TEE training sessions. Register now.

Our online Card Specification training is still available at a heavily discounted rate – but only until 30 April. If you’re a service provider, software developer, device manufacturer or platform provider, and want a better understanding of GlobalPlatform Card Specifications, register now to pay only $199!

Get targeted exposure at GlobalPlatform events

Our events can help you to reach stakeholders across the secure digital service ecosystem, from software developers and hardware specialists, right through to senior decision makers. Attendees represent a range of geographic markets and sectors, from payments and wearables to connected cars and smart transport, to government and ID.

For 2017, we are looking for sponsors for TEE Seminars (Santa Clara and Beijing) and for Hackathons in Santa Clara (TEE) and Western Europe (SE).

Check out the GlobalPlatform sponsorship kit and video to learn more about our upcoming events and how we can help you to reach your key audiences.

New specifications available for download

The following specifications are now available for member and public download:

GlobalPlatform Device Technology TEE System Architecture v1.1. This document explains the hardware and software architectures behind the TEE, introduces TEE management and explains concepts relevant to TEE functional availability in a device. This version of the TEE System Architecture has been extended to include the second phase of TEE standardization.
GlobalPlatform Card Executable Load File Upgrade Card Specification v2.3 – Amendment H v1.0. This document defines an extension of the GlobalPlatform Card Specification to facilitate the upgrade of Executable Load Files in a Secure Element.
GlobalPlatform Card Contactless Extension v2.0. This new Contactless Extension is an evolution of the previous UICC Contactless Extension which now generically applies to any card compliant with the GPC Common Implementation Configuration or any other configuration based on the latter. This extension also integrates new features introduced in GPCS Amendment C v1.2.
GlobalPlatform Card Technology Card Specification – Privacy Framework v1.0. This document describes a framework based on the GlobalPlatform Card Specification that allows the management of different privacy mechanisms (i.e. protection against traceability, protection of the communication) which remain under the control of the card issuer. In particular, it describes the concepts of Global Privacy Protocol (GPP), Global Master File (GMF) and OPEN Privacy Extension (OPEX).

Did you miss?

Steven Sprague, CEO, Rivetz Corp, blogs on ‘Attestation and TEE: cybersecurity controls with privacy for cloud access’. Read it here.

Upcoming speaker activity

Hank Chavers, GlobalPlatform’s Technical Program Manager, is speaking at the International Cryptographic Module Conference (16-18 May, Washington), delivering a presenting entitled ‘Common Criteria Protection Profile for Trusted Execution Environment’ on Thursday 18 May, 12:20pm – 12:40pm.

With kind regards,
Kevin Gillick

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Newsletters