Device Security Overview May 2010 doc.: IEEE 802.11-yy/xxxxr0 September 2010 Device Security Overview Date: 2010-09-16 Authors: Notice: This document has been prepared to assist IEEE 802.19. It is offered as a basis for discussion and is not binding on the contributing individual(s) or organization(s). The material in this document is subject to change in form and content after further study. The contributor(s) reserve(s) the right to add, amend or withdraw material contained herein. Alex Reznik (InterDigital) Tuncer Baykas, NICT

September 2010 Abstract In response to group’s request to learn more about device security We present a high-level overview of what device security is We also show examples of how existing commercial standards and products implement it Alex Reznik (InterDigital)

Outline Emerging Threats in the New Communication Network September 2010 Outline Emerging Threats in the New Communication Network What is Device Security? Why is it Needed? Some solutions that have proved useful Adoption in Other Products and Standardization Examples: 3GPP R9 Femtocell Autonomous Validation Commercial examples of mobile phone chipset device security Why Device Security for Communications Summary and Next Steps Alex Reznik (InterDigital)

Tomorrow’s Network of Networks September 2010 Tomorrow’s Network of Networks Social networks Shopping, banking, secure transactions Healthcare Intelligent Highways & Vehicular Comms Education Smart Power Grid Entertainment and gaming Wireless home & Consumer electronics WiMax Sensors Relays Cellular WiFi Increased data utilization – Devices like smartphones and USB modems are driving mobile broadband adoption. Smartphone users transfer more data than the typical enhanced phone or low-end wireless subscriber. In addition, vendors and operators are reporting significant increases in embedded and external modem use. • Rich multimedia experiences – Web surfing and e-mail represented the first wave of mobile data applications. Streaming audio and video are becoming increasingly popular ways for wireless subscribers to enjoy an immersive content experience. • More efficient mobile data networks – Increased wireless data rates, reduced latency, and better use of existing spectrum allocations are all benefits resulting from migrating to 3G and 4G mobile broadband network technologies. • New revenue streams – Data services enable incremental revenue beyond cellular voice and messaging plans. Multiple tiers of pricing are possible depending on mobile device type, network access speeds, and frequency of use. Ambience Femto Mesh Billions of subscribers, trillions of connections Alex Reznik (InterDigital)

New Security Threats Will Emerge September 2010 New Security Threats Will Emerge As wireless networks become more and more distributed, new security threats are emerging Network edge components require stronger security e.g. Femto cells, relays and gateways As the scale of connected devices grows the avenues of attack will also grow Some type of new attacks Physical attacks on devices Malicious attacks on software, data and credentials Configuration attacks Protocol attacks against the device Attack on the core network User data and identity privacy Alex Reznik (InterDigital)

What is Device Security? September 2010 What is Device Security? Device Security addresses a core need: To ensure devices will operate as trusted and expected, and not to operate in un-trusted or unexpected ways Commonly applied requirements include: To perform security-sensitive functions (e.g. crypto key generation, authentication, access control, etc) and do so in a way that counters unauthorized access to, disclosure of, or compromise to such functions To store and handle security-sensitive data (e.g. crypto keys, sensitive data, etc) without unauthorized access or compromise to the data while the data is in storage or being processed in the device To detect, report or prevent attempts of attacks on the device itself To report and remediate functionality when and if compromises do happen To provide reliable and secure references for time and/or location, that help other requirements such as those listed above Device Security is related to but different from Communication Security, which mostly concerns how data, while in transit from point A to point B, can be protected for confidentiality, integrity, freshness, etc. Without Device Security, little trust can be given to communication security! Alex Reznik (InterDigital)

September 2010 Why device security? Devices can’t be inherently trusted or assumed to be secure They use many components that integrators don’t fully know about Complexity of modern computing or communication devices often makes it impossible for even its designer to know all vulnerabilities Rule of thumb is there is a security bug in every 1k line of code! Fast changes (for the worse) in attack-cost vs. benefit equation that motivates prospective attackers to attempt more attacks Increasing use of open standards and platforms Ubiquitous availability of connectivity (e.g. Internet, USB, Bluetooth,etc) and resultant access for attackers to the devices Devices acting more and more like multi-app computers, and handling data or perform functions that are high-value or high-impact Trend for flattened network architectures, pushing sensitive network-based functions toward edge-network equipments such as routers, gateways, etc Many compromising attacks and threats (e.g. viruses, malware, ID theft, remote high-jacking, etc) are finding ways to other devices (cell phones, gaming boxes, etc) Alex Reznik (InterDigital)

Solutions that have proved useful for Device Security September 2010 Solutions that have proved useful for Device Security Use inherently trustable “secure environments” in devices To perform the most fundamental or security-wise critical functions To store and handle the most sensitive data To build a ‘chain of trust’ to attest to the integrity of the rest of the device functionality Requires appropriate hardware to build (e.g. secure ROM, RAM, Onetime Pads, E-Fuses, etc) Detect, report, and remediate deviations or compromises To detect, use “secure environment” to measure behavior or metric (e.g. hashes) of integrity or trustworthiness, and compare them to trusted references To report, use “secure environment” to assure validity of alarms or fault reports. To remediate, use “secure environment” to assure integrity of remediation/update protocol handling and local updates procedures Balance local trust vs. remote enforcement Something within the device has to be inherently trusted. Make it small and cost effective. Everything else need to be monitored for deviation, and detected deviations need to be addressed by controlled enforcement (e.g. deny access to network) Protect the network from compromises in devices Enable the network to become cognizant of compromised devices and be able to control access of devices suspected of compromises Design network and end-point protocols that enable or help detection, reporting, access control and remediation Make sure such protocols and mechanisms can handle shades of grey, gradations, and multiple scopes/contingencies Alex Reznik (InterDigital)

Product Adoptions and Standardization September 2010 Product Adoptions and Standardization Device Security has been adopted for many products, and are being standardized for other products too Communication network equipments Femto-cell or Home (e)NB devices (3GPP stds Rel9/10, 2009 and onward) 3GPP eNodeBs (stds Rel8, 2008) and relay nodes (Rel10 /11– 2010+) ETSI M2M Gateway (Rel1, end of 2010) Communication terminal devices, and chipsets & modules for them Smart cards / SIM / UICC modules (since 1990s and onward) Embedded security on commercial mobile phones (mid 2000s and onward) CableCARD™ or DCAS™ security for Cable STBs (early 2000s & on) ETSI TC M2M Devices (being standardized for Rel1 release in 2010) Other devices – computers, laptops, gaming devices, etc Most current laptops have on-board Trusted Platform Modules (TPM™) Gaming boxes such as Xbox and PS-2/3 have built-in dev sec. Alex Reznik (InterDigital)

Trusted Processing for Wireless Devices September 2010 Trusted Processing for Wireless Devices Wireless Device Perform chain of trust based integrity check of platform Authentication and Access to Network Allowed Measured Value Reference Metric COMPARE √ Yogendra’s comments. Introduce TPM’s functionality Qualify the Internal Atestation as immediate term. Network attestation is more longer term (more opportunity for IDCC) Server side: longer-range of TCG: Network side., Network based trust measurements for DRM or Mobile Payments, the network collects trustmeasurements and assessments, and grant different privileges of access to different terminals with different levels of trust.  Longer Term opportunity for us. Integrity Self Check Pass/Fail Cert Credentials Meas. Data Reference Metrics (RIM) protected by Trust Environment Alex Reznik (InterDigital)

Example: Autonomous Validation of 3GPP R9 Femtocell* September 2010 Example: Autonomous Validation of 3GPP R9 Femtocell* An internal Trusted Environment (TrE) of a Femto measures and verifies the integrity of software and configuration of the Femto. Femto is ONLY allowed to authenticate as a device with the Network after passing integrity check Network infers device trust in Femto by virtue of implication from successful device authentication Femto Cell √ B C X Femto Cell A X * 3GPP TS 33.320 H(e)NB Security Aspects sections 6, 7, and 8. Alex Reznik (InterDigital)

Overview of TR1 Recommendations September 2010 Example: Open Mobile Terminal Platform (OMTP) Advanced Trusted Environment TR1 for Mobile Terminal Security (*) Overview of TR1 Recommendations Enhances the Basic Trusted Environment (TR0) specs New, expanded threat model Protects the Application Security Framework on a device Different profiles for different levels of security in the terminal Enables high security platforms and devices Grounding for future high-security services on mobile phones ** Source: * http://www.omtp.org/Publications/Display.aspx?Id=3531a022-c606-42ad-bf02-4c8d10dc253e# **http://docbox.etsi.org/Workshop/2009/200901_SECURITYWORKSHOP/OMTP_DavidRogers_OMTPSecurityRecommendationsandtheAdvancedTrustedEnvironment_OMTP_TR1.pdf Alex Reznik (InterDigital)

Example: Mobile Phone Security (Freescale product example) September 2010 Example: Mobile Phone Security (Freescale product example) Secure ROM and RAM Hardware-based binding of DevID to crypto key Security Controller Onchip secure monitor Crypto engines Run-time integrity check (RTIC) Source: http://www.freescale.com/files/training_pdf/WBT_27207_IMX31_SECURITY.pdf Alex Reznik (InterDigital)

Example: Freescale i.MX-31 High-Assurance Boot (HAB) September 2010 Example: Freescale i.MX-31 High-Assurance Boot (HAB) Source: http://cache.freescale.com/files/32bit/doc/white_paper/IMX31SECURITYWP.pdf? Alex Reznik (InterDigital)

Example: i.MX-31 Runtime Integrity Checker (RTIC) September 2010 Example: i.MX-31 Runtime Integrity Checker (RTIC) Source: http://www.freescale.com/files/training_pdf/WBT_27207_IMX31_SECURITY.pdf Alex Reznik (InterDigital)

Example: Qualcomm SecureMSM™ Software Architecture September 2010 Example: Qualcomm SecureMSM™ Software Architecture Source: http://www.writefayewrite.com/images/pdfs/DatasheetII.pdf Alex Reznik (InterDigital)

Example: Texas Instruments M-Shield™ Embedded Security September 2010 Example: Texas Instruments M-Shield™ Embedded Security Source: http://focus.ti.com/pdfs/wtbu/ti_mshield_whitepaper.pdf Alex Reznik (InterDigital)

September 2010 Summary and Next Steps Cognitive Communication Systems and Network are particularly susceptible to device-oriented threats Reliance on complex and dynamic policies to meet regulatory and standards compliance These increasingly need to be soft and updatable Reliance on other devices to follow rules Device Security is Here Technology is available Already being used to secure communication systems And it is the right solution to this problem The proper role of a communications standard Enable device security through support of required signaling Incorporate device security into appropriate security procedures (e.g. network access) When applicable require device security capability for access to certain services Alex Reznik (InterDigital)