Secure Wireless Application Platform

Transcription

1 Texas Instruments Secure Wireless Application Platform

2 New Challenges for Wireless Handsets Open Environment Multi-application, Interoperability Multiple Access Data Paths GSM/GPRS, EDGE, , Bluetooth OTA Distribution, Delivery Management, Billing, Roaming SECURITY is key! Limited resources Size, Bandwidth, Storage, Battery Life Content Personalization Mobility, Ability to Customize Security Device Security, Rights Mgmt, Privacy

3 Complexity Increases Security Risks Micro-browsers (XML, WML, chtml & XHTML) Digital Imaging (GIFS, JPEG) Open S/W (Java) Multimedia (MP3, MPEG-4) Entertainment (Gaming) Location (GPS) Messaging (Instant, media-rich)

4 1 Electronic Transactions (Banks) 3 Mobile New Services to Support 2 Banking Brokering Ticketing Shopping Make a financial transaction to pay a service/product directly with your mobile phone Local Billing (Operators) Mobile Billing Pay the received content according to the Quality of Service profile Content Protection (Content Providers) Office Mobile Multimedia Entertainment Insure confidentiality of: Resident firmware Downloaded application code Downloaded media with digital rights Personal data 4 Firmware and Handset Integrity (Operators - Manufacturers) Insure the authenticity and integrity of: Resident Firmware IMEI SIM Lock

5 Definition Texas Instruments proposed solution for m-commercem Software + Hardware components combination Offers the capabilities to transform the Digital Base Band or the Application Platform in a Secure Open Framework Provides services, storage and processing performances for applications requiring security Secure Boot Secure Execution and Storage Environment HW-accelerated Cryptography and Security Protocols Secure Application Layer

6 Architecture SECURE NETWORK SOLUTIONS M-Commerce; Network Updates; Content Management Crypto Engine Secure Execution Secure Boot Crypto Engine Crypto Service Provider Secure Execution Secure Boot ON CHIP HARDWARE SECURITY OMAP33x, 73x, 161x, TCS2200 OMAP73x, 161x, TCS2200

7 Secure Boot What it does: How it works: Benefits: Authenticates and verifies the integrity of the flash programmer code before flash programming Authenticates and verifies the integrity of the OEM firmware code upon reset or upon request This is accomplished through embedding a public key, provided by the OEM, into the device and checking signed boot strap code against this key during the flashing and booting processes Guarantees the authenticity and the integrity of the boot strap code prior to delivering processor control to the OS

8 Secure Execution and Storage Environment What it does: How it works: Benefits: Creates a partitioned HW-assisted Secure Mode where CPU can operate as a separate virtual security processor while executing security operations Loads and verifies protected applications in secure environment Provides secure services (crypto & key mgmt) for protected application Loads and Stores sensitive data belonging to protected applications between secure to non-secure environments Comprehensive suite of hardware and software components, including separate Secure RAM, Secure ROM, and a Security State Machine Sensitive information are securely protected from access or tampering by un-trusted software

9 HW-based Components (1/2) On-chip Secure ROM Secure Boot software Secure Services Drivers for the HW crypto blocks Secure Mode Manager for the Secure Mode entry, exit and interrupt management Load Manager for loading and authenticating protected applications to Secure RAM for execution Secure Storage Manager, available only to protected applications, for securely storing digitally signed and encrypted data in permanent non-secure memory Remote Procedure Call interface, available only to protected applications to access services in the non-secure side Crypto library (optional), available only to protected applications, for performing a large number of established cryptographic operations

10 HW-based Components (2/2) On-chip Secure RAM Authentication and execution of protected applications, such as cryptographic algorithms, value-added services Key material generation Dynamic keys storage Safe working space for execution of Secure ROM services Certificate signature and verification (during boot and in run-time for protected applications) Non-volatile key store Hash of the root public key. It is the foundation of the public key infrastructure Randomly generated symmetric key, which is different on each device Additional fuses for device personalization Cryptographic Accelerators (DES/3DES, SHA-1/MD5, True RNG) Secure Watchdog Timer

11 SW Components (1/2) Cryptographic Library Symmetric Key (Data Confidentiality) DES, 3DES, ARC4, RC5, AES Public Key (Authentication and Key Management) RSA, ECC DH, ECDH Digital Signature (Authentication, Non Repudiation) RSA, DSA, ECDSA One-way Hash (Integrity) SHA-1 (160Bits), MD5 (128Bits) HMAC Others Biometry

12 SW Components (2/2) Application Manager Download of new applications on the terminal Installation Initialization Registration Security Manager Checks the dynamic access to the device resources against the access rights Access Manager Dynamic allocation of the resources and peripherals of the device Arbitrates the conflicts when the following situations occur: Several applications require the same resources An application requires too many resources Secure Java Framework Allows secure execution of downloaded applets Allows development and safe use of Secure Value Added Services (payment, DRM, OTA database management, etc.)

13 Compliance to Standards Adhere to established standards and methodologies Standard API STIP, PKCS Security standards relying on PKI SSL/TLS, WTLS, IPSec, S/MIME Open Mobile Standards OMA Adhere to cryptographic standard validation criteria FIPS PUB (US NIST) Common Criteria (ISO 15408) Compatible with Compatible with SIM/WIM

14 Benefits OMAP1612 OMAP1611 OMAP1610 TCS2200 TCS2600 OMAP730 TCS2620 OMAP732 More secure and faster than software More power efficient than software Development time savings Digital rights management Trust terminal origin: IMEI protection Hardware Security Benefits OEM Benefits Operator Benefits Complements software security Virtually transparent to the user Development cost savings Additional revenue from users running secure applications Network updates Secure m-commerce Secure financial transactions Secure content delivery End User Benefits Secure access Confidentiality Protection against viruses