For inquiries about GlobalPlatform or website assistance, contact secretariat@globalplatform.org.

Thales Becomes GlobalPlatform Member

Security evaluation laboratory joins GlobalPlatform to participate In TEE security certification activity

10 March 2015 – GlobalPlatform has announced its latest new member as Thales Communications & Security (Thales). The Participating Member is one of the world leaders in cybersecurity products and services for critical infrastructure operators, satellite networks and industrial and financial companies.

Thales’ membership follows the recent news from GlobalPlatform that its Trusted Execution Environment (TEE) Protection Profile (PP) had been officially certified against Common Criteria (CC). The Thales laboratory, Thales ITSEF1 , is one of the first CC accredited laboratories that is able to evaluate products against the security requirements outlined in this document.

“We have been tracking the development of the TEE over recent years as we recognize the technology has the potential to revolutionize mobile device security,” comments Joan Mazenc, Head of Hardware Security Assessment Team at Thales ITSEF. “We plan to use our extensive security evaluation experience and position as a CC approved laboratory to support the association’s drive towards standardizing the security level of TEE.”

Thales assisted GlobalPlatform in gaining its CC recognition and is now focusing its activity on supporting the development of the GlobalPlatform TEE security evaluation secretariat, due to launch later this year. This work will define the security testing infrastructure and test plans that laboratories will need to comply with to certify TEE products on behalf of GlobalPlatform. Additionally, the new member is participating in the work of the GlobalPlatform Device Committee, with particular focus on the activity of the TEE Security Work Group.

“Thales’ membership comes at a time of rapid advancement for the organization,” adds Kevin Gillick, Executive Director of GlobalPlatform. “Thanks to the TEE PP, we have defined the security rules for TEE products to comply with to ensure that services such as premium content and mobile wallets, or enterprise and government secure mobility solutions are protected appropriately. While laboratories licensed by supporting national Certification Bodies can now test against GlobalPlatform TEE PP, we are keen to provide a global testing infrastructure that gives all service providers confidence that products have achieved the recommended level of security. The GlobalPlatform TEE security evaluation secretariat will achieve this by supporting the CC infrastructure with more laboratories in more countries, ensuring close proximity to all TEE manufacturers.”

Thales e-Security, part of the Thales Group, is also a member of GlobalPlatform. It has been an Observer Member of the association since 2000.

The GlobalPlatform TEE PP defines the level of security required in a TEE, a secure area that resides in the main processor of a mobile device, ensuring that sensitive data is stored, processed and protected in a secure environment. The document identifies the security needs of the TEE to support different market requirements by combining the standard security methodology outlined by CC, with the best practice specifications as defined by GlobalPlatform in relation to TEE architecture and interfaces.

Download the GlobalPlatform Protection Profile and read news about its listing on the Common Criteria portal, under the Trusted Computing category, in February. Also, if you would like to learn more about the TEE, view GlobalPlatform’s infographic.

-ENDS-

For further media information, please contact Rob Peryer or Andrew Murgatroyd at iseepr: rob@iseepr.co.uk / andrew@iseepr.co.uk or on + 44 (0) 1943 468007

Keep up to date with the latest news from GlobalPlatform:

Notes to editors:

About the GlobalPlatform TEE protection profile: 
The GlobalPlatform protection profile has been certified by ANSSI as EAL 2+ defined a specific level for TEE called AVA_TEE. This certification allows recognition as EAL2 in the CCRA (https://www.commoncriteriaportal.org/ccra/) and at EAL2+ in the SOG-IS (https://sogis.org/). The editor was Trusted Labs and the evaluation laboratory Thales.

About GlobalPlatform
GlobalPlatform is a cross industry, not-for-profit association which identifies, develops and publishes specifications which facilitate the secure and interoperable deployment and management of multiple embedded applications on secure chip technology. Its proven technical specifications are regarded as the international industry standard for building a trusted end-to-end solution which serves multiple actors and supports several business models.

The freely available specifications provide the foundation for market convergence and innovative new cross-sector partnerships. The technology has been adopted globally across finance, mobile/telecom, government, healthcare, retail and transit sectors. GlobalPlatform also supports an open compliance program ecosystem to ensure the long-term interoperability of secure chip technology.

As a member-driven association with cross-market representation from all world continents, GlobalPlatform membership is open to any organization operating within this landscape. Its 130+ members contribute to technical committees and market-led task forces. www.globalplatform.org

1 Thales ITSEF – Information Technology Security Evaluation Facility

Back to Archive

If you are a media representative, analyst, or conference organizer with a question, please contact iseepr:

Tel: +44 (0) 113 350 1922
Email: pressoffice@globalplatform.org

GlobalPlatform
Hey There!

It seems you are using an outdated browser, unfortunately this means that our website will not render properly for you. Update your browser to view this website correctly.

GOOGLE CHROME
FIREFOX
MICROSOFT EDGE