Credential Management for Cloud Computing



Transcription:

Credential Management for Cloud Computing
Workshop Cloud Security, 16.07.2014
Dr. Johannes Luyken
Page 1

Security breaches increase in their impact by exploiting online access to confidential data that is centrally stored

Recent attacks target central hubs storing
- Customer data
- Financial data
- Access credentials

2011 2013
- More incidents
- Higher variety

Attacks become increasingly sophisticated
- Social engineering (e.g. spear phishing)
- Trojans, malware etc.

Impacts increase. For example:
- >75m data sets stolen from Sony including financial data
- 1.5m credit card data (MC, Visa) stolen from payment provider Global Payments
Page 2

Cloud Security: Framework
[Diagram labels: TRANSACTIONS, CONNECTIVITY, USER DOMAIN, SERVICE DOMAIN, MOBILITY, IDENTITY, TRUST AND SECURITY, CLIENT SIDE, ELEMENTS, DEVICE SOFTWARE, DATA MANAGEMENT, PERSONALIZATION, MOBILE DEVICE LIFECYCLE MANAGEMENT, SERVER SIDE]
Cloud Security Building blocks
Page 3

Security Building Blocks

Secure Elements
- Our Secure Elements are the VAULTS of your mobile service solutions

Data management and Personalization
- Securely personalizing your service applications on multiple devices and multiple channels

Device Software
- Establishing the connection between the user and your mobile service

Secure Device Lifecycle Management
- State-of-the-art lifecycle management solutions for your Secure Elements and Service Applications
Page 4

Secure Environments for Cloud

Cloud Security Threats
- Data control
- Data location
- Data deletion
- Data Integrity
- Privacy

[Diagram labels: Cloud Provider, Secure Environment]
Page 5

Privacy by design for Cloud applications

Encryption is the key element for privacy in the cloud

Different encryption schemes
- Symmetric
- Asymmetric (PKI)

Different encryption implementation
- At Cloud provider
- At third party
- At the access device

Encryption can be made very powerful, but what about the keys?
Adequate key handling needed to guarantee privacy: Secure Environments
Page 6

A family of Secure Environments (SE) for Secure Cloud
- Embedded SE
- SIM
- Token
- ID-Card
- Trusted Execution Environment
- NFC MicroSD
Page 7

Secure device management solutions ensure full service flexibility over the entire device lifecycle

SIM / Device Management
- Managing SIM cards and mobile devices over their entire lifetime

NFC / TSM
- Trusted Service Management for service applications on different multi-service secure elements

Subscription Management / M2M
- Secure M2M communication (car, home) and dynamic SIM personalization

Secure Authentication
Secure Trusted Execution Environment (TEE) Lifecycle and Service Management
TEE
Page 8

Securing mobile life.
Dr. Johannes Luyken
Innovation Management
Thank you for your attention
Secure Devices Mobile Security
Giesecke & Devrient GmbH
Prinzregentenstrasse 159
81607 Munich, GERMANY
www.gi-de.com
Telephone 49 89 4119-1119
johannes.luyken@gi-de.com
Secure Environments for Cloud Computing, Dr. Johannes Luyken, 6th Banrisul International IT Forum, June 6th 2013
Page 9

High-level personalization flow for Secure Elements
[Flow diagram labels: Card body Card Commercial Banks and Transit Account data Input data Input Data reception SIM Data Preparation Data Generation Branch MNO Card Management System Output data Data routing Card / SE Personalization G&D High Security Domain POS OEM Back end System Carrier Personalization Fulfilment Shipment Car Home Mobile Transit Data Processing Systems G&D Security Domain]
Page 10

Credential Management: Subscription Mgt
Page 11

Comparison between Secure Element and TEE

SE
- Dedicated security chip with specific software
- Protects against all known HW and SW attacks, Certifications
- Limitations on number of applications and performance

TEE
- OS based and part of application processor of mobile device
- Protects against all known SW attacks, Does not offer HW tamper resistance
- Enabling a security layer on top of peripherals (e.g. display, keypad)

SE
- Protects device and peripherals and applications
- The solution for scenarios with significant threat potential, such as mobile banking for everything beyond small amounts
Page 12