Letter from GlobalPltform's Executive Director, Kevin Gillick

TEE Seminar 2017

This year we welcomed a record-breaking 217 delegates from 85 companies and 13 different countries

This year we welcomed a record-breaking 217 delegates from 85 companies and 13 different countries to explore the theme ‘Providing Security for Digital Services and Devices’ with industry insights, use cases and interactive panel sessions from leading experts around the world. We also hosted several networking opportunities throughout the day, including an evening cocktail reception.

The morning began with a welcome address before our first keynote speaker, CAICT Vice President Mr Xie Yi, delivered his presentation on the ‘Evolution of the TEE Ecosystem in China.’

Our Technical Director Gil Bernabeu and Device Committee Chair Christopher Colas then provided insight into the work of the association in specifying and standardizing TEE technology, followed by an interactive Q&A panel on Future Trends and Emerging Applications with a focus on connected devices.

After lunch, discussion continued with a presentation on ‘Standardized Security for the IoT’ by Alibaba’s Senior Director Chunpei Feng. We then invited our audience to engage in another Q&A panel on the issue of Digital Payment Security in China, followed by a session on DRM and Premium Content.

Finally, we looked at TEE Certification and the benefits it can bring to product and service providers, with an emphasis on the China Certification objectives.

All in all, the day was a great success! For those who were unable to join, or would like copies of the presentations given, all are available for members to download free here.

Register for our Fall Meetings and Wearables Workshop

Another reminder that this year’s Fall Meetings will be held in Vienna, Austria, between 6 - 10 November.

The meeting schedule has now been updated and is available to view on the member website.  This year we will also be hosting a Wearables Workshop on Tuesday morning, 7 November.  The agenda (to be finalized soon) will focus on requirements, trends and real world use cases for wearable technology and the role of GlobalPlatform in this high growth area.  A special presentation will be offered by Tag Heuer!

Also on Tuesday, during the afternoon Security Task Force Meeting, special guest Dr. Joan Daeman will deliver a presentation on SHA-3, its extensions and its applicability to GlobalPlatform. See below for more news from the Security Task Force.

Please note, it is extremely important that you register your attendance for each meeting on the member website by Friday, 20 October.  This will ensure that the Secretariat and the Hilton have adequate space and requirements for each meeting.  If there are any changes in your planned attendance, please update your website registration accordingly.

New Documents Available for Review

The below documents are now available for member review:

• Glo balPlatform Device Technology TUI Extension: TEE Biometrics API v0.0.0.74 – This specification focuses on a TEE running within a smartphone or tablet. The specification enables a trusted application housed in the safety of the TEE to provide biometric validation services to entities in the rich execution environment and elsewhere. Smartphones and tablets must have a biometric sensor which is wired and integral to the. device Remote peripherals are not considered in this specification.

Please provide comments by Thursday, 5 October to bio_api_review@globalplat form.org

The below documents are now available for member review:

• GlobalPlatform Card Financial Configuration v0.0.0.7 - This new configuration defines the minimum implementation requirements of the GlobalPlatform Card Specification for Secure Elements (SE) supporting Financial Services. The SE may be implemented in a card or any other form factor and come with a contact interface, a contactless interface or both. The document defines 4 sub-configurations with different feature sets.

Please provide comments by Monday, 30 October to financial- config-review@globalplatform.org

• GlobalPl atform Card Secure Element Management Service Card Specification v2.3 – Amendment I v0.0.0.12 – This document defines an extension of the GlobalPlatform Card Specification aiming at changing the traditional Card Content Management model by extending it to broadcast deployment and management of Java-Card-based services hosted on a Secure Element through a set of new standardized card administration commands. It also extends and refines the GlobalPlatform delegation model through the use of certificates. This document has been made available in order to solicit comments from the membership of GlobalPlatform.

Please provide comments by Monday, 30 October to amend-I- review@globalplatform.org

Security Task Force Releases Crypto Recommendations

The Crypto Sub-Task Force, part of the Security Task Force, was formed to list the cryptographic algorithms and provide context on where and how they are used.

The Sub-Task Force has now published the below resources available on the member site, and plans to identify new crypto trends, provide recommendations, and address the constraints on key loading, key rotation and provisioning.

• The list of algorithms included in all GlobalPlatform specifications including the Card, Device and Systems Committees
• The state-of-the-art status on each algorithm and key size on the list based on NIST SP 800-131Ar1 and SOGIS agreed cryptographic mechanisms
• The mapping of the recommendations , together with the list of algorithms, which provides recommendations classified in 3 types (deprecated, legacy, recommended).

GlobalPlatform Recognized for Contributions to IoT Security Standardization

We have been featured in the latest ABI Research report.

We are pleased to have been featured in the latest report from ABI Research titled IoT Security: Development of Standards and Guidelines. The report outlines the latest developments in IoT security with reference to the fragmented IoT ecosystem and the organizations addressing the issue through development of tools and specifications. To read the full document subscribe to ABI Research here.

Board Election Results

Thank you to everyone who participated in this year’s Board election!

Voting officially closed on 20 September and we are pleased to announce the five members elected to serve a two-year term on the GlobalPlatform Board of Directors, as elected by the membership, are:

• ARM – Rob Coombs
• FIME – Stéphanie El Rhomri
• Gemalto – Rémi de Fouchier
• Oracle – Sebastian Hans
• ST Microelectronics – Olivier Van Nieuwenhuyze

We would like to welcome new and returning members of the Board, and to thank each nominee for their willingness to serve the membership through Board representation.

Member News

We are pleased to welcome two new Participating Members

Shanghai Pingbo Information Technology Co., Ltd. (Trustkernel)specialises in the core security of mobile platforms and provides industry leading trusted execution environment (TEE) security solutions to smart device manufacturers and application developers.

Hangzhou C-SKY Microsystems Co., Ltd. (C-SKY Microsystems)

C-SKY Microsystems is an integrated circuit design house dedicated to 32-bit high performance low-power embedded CPU and chip architecture license. For more than 10 years, C-SKY Microsystems has been developing innovative embedded CPUs with leading technologies. Its proprietary 32-bit C-SKY series of embedded CPU cores have such benefits as ultra-low power, high performance, high code density and ease of use.

GlobalPlatform Training

We will be announcing full details of the 2018 training calendar in the fourth quarter. Until then, we would like to remind you that all technical training is available in-house, customized to meet your specific requirements, and card training is available online all year round.

Watch:

Managing Security in the Internet of Things

In this video Nguyen Quang-Huy, Evaluation Labs Manager at Trusted Labs, discusses the implications of an IoT hack and how TEE technology can help manage this risk.

Watch the full video here.

Did You Miss?

Don’t forget to take a look at our Annual Report 2017, available on the GlobalPlatform website. The report presents just some of GlobalPlatform’s accomplishments over the last 12 months, as well as the long-term impact of our technology. It has been another successful year and we would like to thank all of our members for their continued hard work in helping to solve the very real security challenges that today’s digital ecosystem is creating.

Download the report here.

Upcoming Speaker Activity

GlobalPlatform representatives will be speaking at a number of events in October and November with a particular focus on the topics of security, standardization and IoT. Find out more by following the links below:

• CEATECH Japan (5 October, Chiba). GlobalPlatform Board Member, Eikazu Niwano from NTT, is presenting ‘Securing IoT Deployments with GlobalPlatform Qualified Components’ on Thursday 5 October at 10:00.
• IoT Payments (10-11 October, Austin). Technical Program Manager Hank Chavers is set to present on ‘Standardizing BLE for IoT Payments’ on Wednesday 11 October at 10:45.
• ETSI IoT Workshop (24-26 October, Sophia Antipolis). Gil will be delivering a presentation and partaking in a panel within the session ‘Security and Privacy in IoT’ on Wednesday 25 October at 16:15.
• Security of Things World USA (16-17 November, San Diego). Kevin Gillick will deliver a presentation on ‘Security Standardization for IoT’ on Thursday 16 November at 2.30pm.
• IoT Tech Expo North America (29-30 November, Santa Clara). Kevin will join a panel to discuss ‘Creating a standards framework for IoT’ on Thursday 30 November at 9:50am.

With kind regards,
Kevin Gillick