Startseite Anya Elis Manager Business Development Wireless Deutschland GmbH Oracles Mobiler Hintergrund 2001 2,5 Millionen Mobile Benutzer 2000 Wireless Application Hosting Die Ersten 1999 Oracle9i Application Server Wireless Edition 1999 WAP Portal in Europa 1998 SMS Portal in Europa 1997 Prototyp Lab mit Telia 1996 Oracle8i Lite - 1MB Mobile Datenbank 1995 Personal Oracle7 - Mobile Database 1995 2001 Page 1 1
Oracle9i Application Server Wireless SMS G/W TEXT Jede WEB Site Personalisiertes Portal WAP G/W WML XML Quellen Dynamische Inhalte- Transformation für alle Geräte XML basierte Technologie HTML G/W Tiny HTML HDML G/W HDML Firmen RDBMs Application Server HTML Any ML Jedes ML Gerät Oracle9iAS Wireless Jedes Gerät Nokia Motorola Ericsson Palm RIM Pagers Blackberry Any Network.. Jeder Browser Jedes Gateway Jede Markup Jede Applikation S.E.S.A. Nokia Motorola Ericsson Phone.com CMG Tantau Infinity... HTML XML HDML WML TinyHTML TTML CHTML KML VoXML VoiceXML... Geräteunabhängig Personalisierbar Positionsbasiert Event-gesteuert Sicher Jeder Inhalt Jede Web Site Jede HTML Page Jede XML Seite Jede Datenbank Jedes Servlet Jedes JSP Jedes XSP Jede E-mail... Page 2 2
Oracle Wireless Services WML SMS Transformer Adapter XML HDML Personalisierungs Portal Runtime (User, Session Management) Service Manager TTML Oracle9i Oracle9i AS User Präferenzen Geräte te-information Jede Web Site, DB, Enterprise App, E-mail System Oracle9iAS Wireless Option : die einzige vollständig integrierte Lösung, um Multichannel Internet Anwendungen zu entwickeln und einzusetzen Anwendungen nur einmal entwickeln Vorhandene Inhalte einsetzen Personalisierte und ortsabhängige Dienste Page 3 3
Oracle9iAS Wireless Edition Marktdurchdringung Grosse Carrier Sprint PCS, Telefonica Moviles, Telecom Italia Mobile 12-15 andere inkl. 9/12 Top Europäischen Carrier Portale/ASPs LycosMobile (Asia), Telefonica, Telia 8-10 andere Corporate DrugEmporium, Overseas Union Bank, DBS Bank 12-15 andere Oracle Location Based Services Spatial Einfach mit Oracle9i Application Server Wireless und 9i Spatial: Aware Services Nächstes Restaurant, Autowaschanlage, Verkehrshilfen Lokalisationsabhängige Services Mein Wetter Meine Stadt Events Car Internet Mobile Services Verkehr, Stadtpläne, Routing... Page 4 4
Oracle9iAS Wireless Partner Content Management Calendering Scheduling Implementation Services Wireless Edition Oracle9i APPLICATION SERVER Location Personalization Payment Advertising Billing E-Commerce Version 2.0 Personal Information Management Mobile Email Mobile Directory Mobile Address Book Mobile Calendar Instant Messaging Document Management Unified Messaging Basierend auf Standard-Protokollen M-Commerce M-Wallet Form Filler Payment Processing back Page 5 5
Beispiel Partner: Eine vollständige Plattform für Lösungen über mobiles und festes Internet mit dem höchsten verfügbaren Sicherheits-Standard Public Key Infrastruktur wird zum Teil der Entwicklungsumgebung. Internationale Standards werden unterstützt. Für SIM-Karten und Smart Cards + + PayCircle HP, Lucent, Oracle, Siemens und Sun bilden ein Konsortium zur Standardisierung mobiler Zahlung und Unterstützung der weltweiten Verbreitung von M-Commerce. PayCircle Konsortium wird offene Schnittstellen für mobiles Bezahlen entwickeln, verwenden und fördern. Non-Profit Organisation Mitgliedschaft für alle Aktiven im Mobile Payment Markt, wie Anwendungsentwickler Payment Service Provider Händler Inhalteanbieter Hersteller von Payment Systemen Hersteller fürr mobile Infrastruktur und mobile Endgeräte Netzbetreiber Banken & Kreditkartenfirmen www.paycircle.org Page 6 6
Trusted Operator PKI integration in Oracle 9i AS Wireless Petter Bergström petter.bergstrom@smarttrust.com SmartTrust Digital ID SmartTrust Fact Sheet History Business Offices Ownership Created by the mergers of Sonera SmartTrust, Across Wireless and id2 Technologies in 2000 - operations since 1991 Infrastructure software for managing and securing e-services Sweden, Finland, UK, Germany, Belgium, Italy, Spain, Malaysia, Hong Kong, Singapore, US ~290 full-time employees Currently 100% owned by Sonera Corporation (NASDAQ: SNRA) Products Revenue Customers Delivery platform for mobile operators PKI solutions with unique smart card support 1999 14 million 2000 25 million 2001 35 million 2002FC 49 million, EBITDA positive 70+ mobile operator customers and 160+ corporate customers in 43 countries 1
SmartTrust s Current Market Position Established Mobile Operator Franchise 60+ delivery platform installations 67 million Service and Device Management end-user licenses ~75% market share in SDM 15 million Wireless Internet Gateways end-user licenses sold All major SIM-cards inter-operate with SmartTrust technology Strong Presence in Digital Identity Technology >50% market share in Trust Service Provider segment in Europe (high-end smart card based PKI security) 1,5 million licenses SmartTrust Personal 9 smart card brands supported covering market share >75% 40+ CM installations Source: Dataquest, SmartTrust management estimates Customer Examples for Digital ID Segment Customer examples Trust Service Providers Bank/FI Telecom Government &Corporate 2
Product overview Content Provider Personal Internet HTTPS (SSL) Security Center SIM/UICC with Wireless Internet Browser (WIB) & signature plug-ins GSM/GPRS UMTS WLAN (11,5 G) Delivery Platform Mobile Operator Directory Service Certificate Manager OCSP Responder Trust Service Provider Mobile Digital ID Partner(s) The Challenge On the Internet nobody knows you re a dog. 3
The Security Trend (High level) One-time password Certificates / PKI Trend In a token On a Smart Card Complex installation Complex usage Password On diskette On paper list On hard disk 1 4 Unlimited No. of applications PKI Products from SmartTrust Certification Authority SmartTrust Certificates & Certificate Manager revocation information Certificate Repository Directory with LDAP protocol Certificates PKI cards Revocation information (e.g. CRLs) PKI-enabling software SmartTrust Personal Secure connection PKI-enabling software SmartTrust Security Center SmartTrust Servant OCSP End-users (subjects) End-entities 4
PKI Security Users Banks and financial institutions Government Telecom Large Enterprises Secure email & file encryption with standard email products Applications Extranet/intranet, VPN, remote access, Single Sign On Internet banking/e-commerce document processing, workflow SmartTrust products CA system Client side PKI Server side PKI Standards RSA PKCS SSL S/MIME SEIS X.509 LDAP SET A Typical Web Solution SmartTrust Certificate Manager Certificate and CRL distribution Directory Certificate distribution CLIENT Web Browser SmartTrust Personal Authentication & digital signatures including extensive support for for Smart Cards and andsoft softtokens SSL version 3.0 CRL retrieval/checking SERVER WWWserver SmartTrust Servant Check CRL Verify signature Parse signature Parse certificate Application 5
The Mobile Ecosystem Mobile Ecosystem Co-operation by different types of service providers to offer mobile e-services to end users using the mobile terminal as a trusted personal device Infrastructure/ Technology Providers Mobile Operator Billing Relationship Provides mobile subscriber management, access and VAS. Currently in hub position in the mobile ecosystem. Media Company Provides information and content (e.g., music, news) Provides products/services for sale (e.g. software, tickets) Retailer/ Merchant End-User Financial Institution Facilitating savings, credit, payments Provides corporate IT services (e.g., ERP, Intranet, e-mail) Corporate/ Enterprise Trust Service Provider Provides digital identities and trust services (e.g., authentication) Trusted Operator A Trusted Operator is an operator that achieves acceptance of the mobile phone as a trusted personal device The mobile phone is the most deployed device for security tokens in the world! 6
Addressing the entire market? Dedicated devices Special tokens WAP Varying signature support Trusted Operator Supports tokens (and potentially seamlessly replaces tokens) Supports and enhances WAP Multi browsing environment Trusted Operator - Services and Revenue Digital Signatures Orders, Payments email Authentication VPN connection Wallet Services Web-login Confidentiality Account, Stock, Voting information One-time passwords Assumption: 1 000 000 subscribers, avg. 20 extra messages/user/month, 0.04 /message Decrease churn by 1% ARPU of 500 /year Certificate fee 3 /year (30%) New Services Revenue 240 000 in msg/month 900 000 in cert/year Reduced Churn churn 5 000 000 in retained revenue/year 7
Oracle9i Application Server Wireless and SmartTrust HTML Oracle 9iAS WE Client browsers and signature plug-ins P7 Web server P7, ISO9797 Adapters Content: XML, HTML, WML, DB etc... DP5 WIG WIG WML P7, ISO9797 Transformers XML Sign tag /ACI SDK /Oracle SDK HTML WIG WML XSLT New in ias WE v2 Available at partner web P7 Content transformation Harmonized signature interface Payment clearing with ACI ACI ACI payment gw gw Servant OCSP Security Center Systems Architecture HTML P7 DP5 DP5 WIG WIG WIG WML P7, ISO9797 Web server Oracle 9iAS Wireless Adapters P7, ISO9797 XML Sign tag /Oracle SDK HTML P7 Servant Servant OCSP OCSP Security Security Center Center Wireless Wireless Certificate Certificate Enrollment Enrollment Server Server Certificate Certificate Manager Manager Oracle OID X500 8
Example: B2C using wireless PKI Request signature Sign Transaction use private key on SIM Telecom Operator Notify Merchant and process payment Bank Request order confirmation Place Order, specify mobile payment Solution Highlights A complete platform to implement solutions over the mobile and fixed Internet using the highest security standard available. Any content or application becomes available on any device. Create Once Publish Everywhere Personalized Content Secure Portal Services Harmonized Signature Interface Leverage SMS channel Public Key Infrastructure becomes a part of the development environment. International standards are supported. Digital certificates can be stored on any device: smart card, SIM-card or as a soft certificate. Certificate issuing and management 9
More information www.smarttrust.com or petter.bergstrom@smarttrust.com Background What is required is the equivalent to: 10
The four elements of security Confidentiality Integrity Eavesdropping Modification Authentication Non-repudiation Faked identify Not sent Claims Receipt PKI - Public Key Infrastructure Juliet s Private Key Romeo s Private Key Juliet s Public Key Romeo s Public Key 11
Signing the message Meet me at the balcony, Juliet Clear Text Message Juliet s Private Key Sign Signed data Meet me at the balcony, xa7a1 Encrypting it Meet me at the balcony, xa7a1 Signed data Romeo s Public Key Encrypt Encrypted and signed data 8duqhj482aq29#1ej&2aVhd2# 2 Deliver to Romeo... 12
Decrypting it 8duqhj482aq29#1ej&2aVhd2# 2 Encrypted and signed data Romeo s Private Key Decrypt Signed data Meet me at the balcony, xa7a1 Checking the signature Meet me at the balcony, xa7a1 Signed data Juliet s Public Key Verify Clear Text Message Meet me at the balcony, Juliet 13