For inquiries about GlobalPlatform or website assistance, contact secretariat@globalplatform.org.

安全任务小组

安全任务小组由来自 STMicroelectronics 的 Olivier Van Nieuwenhuyze 担任主席。 所有 GlobalPlatform 成员均有资格参加此小组,获批准的非成员政府机构同样有此资格。

安全任务小组定义了协会的安全理念及其对安全领域的贡献

目标

安全任务小组致力于:

  • 参与外部安全组织并进行协作,以确保将广泛的用例和市场部门的安全要求纳入 GlobalPlatform。
  • 向 GlobalPlatform 技术委员会提供安全理念、密码学、认证和适用性方面的建议。
  • 推进与政府机构及其安全专家的合作,以确定市场需求。

目前优先事项

  • 继续确定和分类面向物联网 (IoT) 的安全技术。
  • 为物联网中的 SCP 开发用例。
  • 远程连接有限制时,确定物联网密码学约束。
  • 推进加密灵活性和后量子密码学方面的工作。
  • 维护和更新加密算法建议表。
  • 定义如何结合使用 GlobalPlatform 技术和 TPM 技术(或其他等效库)。
  • 完成安全级别定义和更新的认证计划。
  • 支持 TEE 委员会制定 MCU 保护框架。
  • 通过建立由如下方面组成的评估方法论,支持认证机构和实验室将物联网平台安全评估标准 (SESIP) 方法与其现有计划相结合,并确保评估的一致性:
    • 供应商模板
    • 虚拟 SFR 数据库
    • 指向攻击活动方法的链接。
相关内容

RoT 要求

通过定义和要求文件,原始设备制造商 (OEM) 和服务提供商 (SP) 能够创建、实施和使用信任根 (RoT) 来保护其设备和服务。

下载

GlobalPlatform RoT 简介(英语)

GlobalPlatform 的 RoT 定义和要求视频简介解释了 RoT 的定义以及 GlobalPlatform 创建技术文档的原因。

观看英文版

使用信任链部署和保护数字服务

该商业出版物由 GlobalPlatform 的安全任务小组编撰,其中解释了以安全为核心设计设备和服务的重要性。

下载
Crypto Sub-Task Force

GlobalPlatform promotes cross industry discussion to identify and address market requirements

Crypto Sub-Task Force

GlobalPlatform promotes cross industry discussion to identify and address market requirements

Mission

The Security Task Force defines GlobalPlatform’s security philosophy and its contribution to the security landscape.

It works closely with the Crypto Sub-Task Force to monitor new trends in cryptography and examine new algorithm proposals, providing a list of algorithms and protocols based on academic publications and known organizations. This is in addition to supporting the SESIP Committee on its mission to drive the adoption and recognition of the Security Evaluation Standard for IoT Platforms (SESIP) methodology as a worldwide, multi-vertical scheme for IoT security evaluation.

Objectives

  • Engage and collaborate with external security organizations to ensure that security requirements from a broad range of use cases and market sector are brought into GlobalPlatform.
  • Advise the GlobalPlatform technical committees in security philosophies, cryptography, certification and applicability.
  • Facilitate collaboration with government agencies and their security experts to define market requirements.
  • Identify and classify secure technologies for the Internet of things (IoT).
  • Maintain and update GlobalPlatform’s cryptographic algorithm recommendations table, through the crypto sub-task force.

Current Priorities

  • Engage ENISA on the alignment of security levels and cybersecurity certification frameworks.
  • Define how to combine GlobalPlatform technology and TPM technology (or other equivalent library).
Software Bill of Materials (SBOM) Sub-Task Force

Software Bill of Materials (SBOM) Sub-Task Force

The SBOM Task Force is chaired by Gonda Lamberink of Fortress Information Security. All GlobalPlatform members are eligible to participate in this group.

Mission

The purpose of the SBOM (Software Bill of Materials) Task Force is to analyze the impact of, and provide guidance on, the deployment of SBOM.

Objectives

  • To assess the impact of the deployment of SBOM.
  • To clarify the concepts of software transparency and assurance and provide guidance, such as:
    • A consistent means to produce, consume and exchange software transparency and assurance information.
    • A guide to improve interoperability of software transparency and assurance data exchange.
  • To initiate dialogue and collaborations with impacted markets such as telecoms, healthcare and automotive.
  • To collaborate within GlobalPlatform and with external organizations on SBOM and other key iniatives.
  • To define any necessary requirements for technology development in relation to SBOM.

Current Priorities

  • Analyze impact of the SBOM and provide guidance relating to its deployment, including a consistent means to produce, consume and exchange, software transparency and assurance information.
Chairs

GlobalPlatform promotes cross industry discussion to identify and address market requirements

Olivier Van Nieuwenhuyze

GlobalPlatform Vice Chair
Security Task Force Chair

STMicroelectronics

Olivier currently serves as Senior R&D Engineer at STMicroelectronics. Within this role he has software architecture responsibilities for the NFC ecosystem and secure elements.

He joined STMicroelectronics in 2003 and since 1999 Olivier has been active in several smart card projects for banking, transport and near field communication.

Olivier joined the GlobalPlatform Board of Directors in 2017 and was appointed as GlobalPlatform Secretary / Treasurer from 2021 – 2022. He now serves as GlobalPlatform’s Vice Chair and Security Task Force Chair.

Béatrice Peirani

Thales

Dr. Beatrice Peirani is a standardization expert at Thales (former Gemalto), where her work focuses on security and cryptography.

After ten years working with AFNOR, CEN, and ETSI in the field of electronic signatures, and serving as an expert for the European Commission supporting the development of the eIDAS Regulation, Dr. Peirani is now using her expertise to support other standardization organizations. Specifically, since 2016, Dr. Peirani has served as the Chair of GlobalPlatform’s Crypto Sub-Task Force, which evaluates and recommends algorithms for industries such as banks, transportation, and governments. Her work with GlobalPlatform includes overseeing and providing expert input to the organization’s Security Task Force in the areas of cryptographic agility and post-quantum cryptography.

As an active member of the FIDO Alliance, she pushed for the definition of a new security certification methodology for mobile security software solution. She is co-chair of the FIDO Alliance’s Security & Privacy Working Group  and co-chair the organization’s Certification Working Group. She serves as a liaison between the FIDO Alliance and GlobalPlatform, including facilitating the adoption of GlobalPlatform TEE Protection Profile, as a companion program for FIDO Alliance’s Security Level L3.

Laurent Sustek

SBOM Sub-Task Force Chair

STMicroelectronics

Laurent is in Security Technical Marketing at ST Microelectronics. He focuses on general purpose microprocessors and more precisely on STM32 MPUs. Those products are designed for secure edge computing applications. STM32 MPUs’ ecosystem is composed of open source software.

Before joining ST in 2023, he held different positions in various companies of the smart card industry. His former experience in standardization was mainly with ETSI.

He is joining Global Platform in the SBOM Sub-Task Force to chair the current work. Software Bill Of Materials is a key component for a secure software supply chain.

有兴趣加入安全任务小组?

GlobalPlatform
Hey There!

It seems you are using an outdated browser, unfortunately this means that our website will not render properly for you. Update your browser to view this website correctly.

GOOGLE CHROME
FIREFOX
MICROSOFT EDGE