1 TELECOM ITALIA GROUP Trial at the University of Rome: SIM-based Services Trial at the University of Rome: SIM-based Services Author: Alessandro Rabbini.

Slides:

Advertisements

Similar presentations

Smart Certificates: Extending X.509 for Secure Attribute Service on the Web October 1999 Joon S. Park, Ph.D. Center for Computer High Assurance Systems.

Advertisements

McAfee One Time Password

1 Enabling Personal Databases To every Citizen. To create a Global Personal Network that facilitates Information Flow between people Every person in the.

© Tally Solutions Pvt. Ltd. All Rights Reserved Remote Access & SMS.

1 GP Confidential © GlobalPlatform’s Value Proposition for Mobile Point of Sale (mPOS)

SECURITY IN E-COMMERCE VARNA FREE UNIVERSITY Prof. Teodora Bakardjieva.

SSL & SharePoint IT:Network:Applications. Agenda Secure Socket Layer Encryption 101 SharePoint Customization SharePoint Integration.

Cross Platform Single Sign On using client certificates Emmanuel Ormancey, Alberto Pace Internet Services group CERN, Information Technology department.

UDDI, Discovery and Web Services Registries. Introduction To facilitate e-commerce, companies needed a way to locate one another and exchange information.

Key Provisioning Use Cases and Requirements 67 th IETF KeyProv BOF – San Diego Mingliang Pei 11/09/2006.

Environmental Council of States Network Authentication and Authorization Services The Shared Security Component February 28, 2005.

Public Key Infrastructure (PKI) Providing secure communications and authentication over an open network.

PKI Activities at Virginia January 2004 CSG Meeting Jim Jokl.

DESIGNING A PUBLIC KEY INFRASTRUCTURE

10/20/2011Pomcor 1 Deployment and Usability of Cryptographic Credentials Francisco Corella Karen Lewison Pomcor.

Sentry: A Scalable Solution Margie Cashwell Senior Sales Engineer Sept 2000 Margie Cashwell Senior Sales Engineer

16.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure.

70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network, Enhanced Chapter 9: Planning and Managing Certificate Services.

FIT3105 Smart card based authentication and identity management Lecture 4.

Wireless Application Protocol and i-Mode By Sridevi Madduri Swetha Kucherlapati Sharrmila Jeyachandran.

SMS-Meeting Munich December 07 WP 4.4 Contribution Sagem Orga Carsten Rust.

Security and Policy Enforcement Mark Gibson Dave Northey

Session 12b, 12 June 2009 ICT-MobileSummit 2009 Copyright 2009 Project S.M.S. Design and Implementation of Mobile Electronic Memos: a tool to capture and.

CN1276 Server Kemtis Kunanuraksapong MSIS with Distinction MCTS, MCDST, MCP, A+

Alcatel Identity Server Alcatel SEL AG. Alcatel Identity Server — 2 All rights reserved © 2004, Alcatel What is an Identity Provider?  

INTRODUCTION Toomeeting Conference (TMC) is the easiest and more accessible multimedia videoconferencing solution on market. TMC offers a large portfolio.

Web-Enabling the Warehouse Chapter 16. Benefits of Web-Enabling a Data Warehouse Better-informed decision making Lower costs of deployment and management.

Pay As You Go – Associating Costs with Jini Leases By: Peer Hasselmeyer and Markus Schumacher Presented By: Nathan Balon.

FTP. SMS based FTP Introduction Existing System Proposed Solution Block Diagram Hardware and Software Features Benefits Future Scope Conclusion.

May 30 th – 31 st, 2006 Sheraton Ottawa. Microsoft Certificate Lifecycle Manager Saleem Kanji Technology Solutions Professional - Windows Server Microsoft.

ISIGN IMS Proximity Marketing Solution (IMS) iSIGN Media Corp Sales 1ATTRACT. TRANSACT. MEASURE.

Mobile Identity and Mobile Authentication (mobile e-signature) Valdis Janovs Sales Director Lattelecom Technology SIA.

Digital Certificates With Chuck Easttom. Digital Signatures  Digital Signature is usually the encryption of a message or message digest with the sender's.

Access and Identity Management System (AIMS) Federal Student Aid PESC Fall 2009 Data Summit October 20, 2009 Balu Balasubramanyam.

Information Security for Managers (Master MIS)

Best Practices in Deploying a PKI Solution BIEN Nguyen Thanh Product Consultant – M.Tech Vietnam

Ken Dorsey KA8OAD. What is EchoLink? The simple answer is EchoLink software uses VoIP technology to link ham radio stations together around the world.

Secure Electronic Transaction (SET)

MCSE Guide to Microsoft Exchange Server 2003 Administration Chapter Four Configuring Outlook and Outlook Web Access.

1 An Introduction to Electronic Commerce Electronic commerce: conducting business activities (e.g., distribution, buying, selling, marketing, and servicing.

PKI interoperability and policy in the wireless world.

Web Trnsport – Beta Testing and Implementation TUG Roundtable Discussion Elizabeth Rodgers Info Tech, Inc. October 9, 2007.

Registration Processing for the Wireless Internet Ian Gordon Director, Market Development Entrust Technologies.

DICOM Security Lawrence Tarbox, Ph.D. Chair, WG 14 Mallinckrodt Institute of Radiology Washington University in St. Louis School of Medicine.

Configuring and Troubleshooting Identity and Access Solutions with Windows Server® 2008 Active Directory®

Security Protocols and E-commerce University of Palestine Eng. Wisam Zaqoot April 2010 ITSS 4201 Internet Insurance and Information Hiding.

Configuring Directory Certificate Services Lesson 13.

METU-SRDCEUROREC Meeting, Geneva, October 10, 2006 RIDE Overview Asuman Dogac Middle East Technical University Ankara, Turkey.

MobileMAN Internal meetingHelsinki, June 8 th 2004 NETikos activity in MobileMAN project Veronica Vanni NETikos S.p.A.

Leveraging UICC with Open Mobile API for Secure Applications and Services.

SWEB SWEB Security and Privacy Technologies – Implementation Aspects Venue:SWEB Day in APV, Novi Sad Author(s):Dr. Milan Marković Organisations:MISANU.

HEPSYSMAN UCL, 26 Nov 2002Jens G Jensen, CLRC/RAL UK e-Science Certification Authority Status and Deployment.

Proposed Solution for Device Binding 3GPP2 TSG-S WG4 S Source: Qualcomm Incorporated Contact(s): Anand Palanigounder,

The FIDO Approach to Privacy Hannes Tschofenig, ARM Limited 1.

IST project ePerSpace N° IST integrated project ePerSpace Contract N°: Ádám Kapovits, Eurescom 8/11/2004.

Security fundamentals Topic 5 Using a Public Key Infrastructure.

MVC WITH CODEIGNITER Presented By Bhanu Priya.

VPN. CONFIDENTIAL Agenda Introduction Types of VPN What are VPN Tokens Types of VPN Tokens RSA How tokens Work How does a user login to VPN using VPN.

Site Authorization Service Local Resource Authorization Service (VOX Project) Vijay Sekhri Tanya Levshina Fermilab.

Systems that support electronically executed business transactions.

Planning an Active Directory Deployment Lesson 1.

Jason Kuo APSCA October 29, 2010 Convergence and cross usage of secure elements for mobile PKI and secure mobile contactless services.

Explanation of SMS Grievance System & Components for DWO’s David Shirley September 26 th.

Key management issues in PGP

Secure Element API An introduction.

Message Digest Cryptographic checksum One-way function Relevance

Presentation transcript:

1 TELECOM ITALIA GROUP Trial at the University of Rome: SIM-based Services Trial at the University of Rome: SIM-based Services Author: Alessandro Rabbini (TI) Co-Authors: RadioLabs (RAL) Sagem ORGA

2 TELECOM ITALIA GROUP Trial at the University of Rome: SIM-based Services Summary  Trial Data  SIM-based Services  SIM-based Services Architecture  Implementation Plan  SIMs and Subscriptions Provisioning  User Recruitment

3 TELECOM ITALIA GROUP Trial at the University of Rome: SIM-based Services Trial Data  Duration: 4 months, May – June and September – October 2008  Set-up: February – April 2008  100 participants:  Each one will receive a SIM with on board services plus the SCWS platform (ORGA), and a subscription (TI).  A small group (10 users) will also receive Windows Mobile (WM) phones, for exploiting the SCWS advanced services.  All other participants will use their own phone.  End-User components:  WM devices will have a pre-loaded SMS client, plus a gateway to interact with the SCWS platform.  Legacy phones will have to download the SMS client from trial servers.

4 TELECOM ITALIA GROUP Trial at the University of Rome: SIM-based Services SIM-based services  User Identification Service: SMS applications will ask SIM for identifying the user.  User Profile Data Management: the personal profile of the user, or a part of it, will be stored and managed on the SIM.  Digital Signature Service: SIM will contain private/public keys pair for the owner and public keys from other entities (e.g. service providers), which can request digital signature validation/generation.  Software Deployment Service: SIM will automatically trigger the download of the SMS client.

5 TELECOM ITALIA GROUP Trial at the University of Rome: SIM-based Services General SIM Services Architecture SCWS Gateway Trial Servers Smart Card Web Server SIM Services Unique User Interface 1.Legacy phones: minimum set of SIM services; the most advanced features will be replicated on phone and remote servers 2.WM phones: a gateway allows access to SCWS and the complete set of SIM services

6 TELECOM ITALIA GROUP Trial at the University of Rome: SIM-based Services User Profile Data Management  Use Cases:  Pre-entering of user data (e.g. in forms)  Management of user passwords to enable single-sign-on service  Selective service discovery  Portability of personal settings  Authenticated user access to personal data

7 TELECOM ITALIA GROUP Trial at the University of Rome: SIM-based Services User Profile Data Management  What data does the personal profile contain?  To be defined in the service specification  Is useful that SMS applications can remember user data?  It will be a tunable feature, and some test will be done to select if use it or not  Is TLS required for exchanging user data with services?  It is not required  How to query SCWS for obtaining user data?  Namespaces plus key/value approach will be adopted

8 TELECOM ITALIA GROUP Trial at the University of Rome: SIM-based Services User Profile Data Management WM phones:  Profile Data Manger will also provide the User Identification Service, responding to Mobile Application requests forwarded by SCWS Legacy phones:  Each time it’s inserted in a new phone, SIM sends the user identity to trial server  Server retrieves the corresponding profile and sends it to the SMS client on the phone  The SMS client stores the user profile permanently

9 TELECOM ITALIA GROUP Trial at the University of Rome: SIM-based Services Digital Signature Service Use Cases:  MEMs signing  MEMs signature validation  Mobile commerce transactions

10 TELECOM ITALIA GROUP Trial at the University of Rome: SIM-based Services Digital Signature Service  MEMs signing should be used for SMS services provided by University Public Administration (e.g. issuing of certificate to the students, etc.) Legacy phones:  Short messages could be used to implement the service  MEMs signing is not feasible (too many data)  Reasonable only if m-commerce services will be present in the trial  SIM Toolkit as User Interface

11 TELECOM ITALIA GROUP Trial at the University of Rome: SIM-based Services Software Deployment Service  Use Cases:  Automatic triggering of the SMS client download

12 TELECOM ITALIA GROUP Trial at the University of Rome: SIM-based Services Software Deployment Service WM phones:  No need to download SMS Client, it will be pre-installed Legacy phones:  IMEI Tracking Application will also provide the User Identification Service: each time the SIM is inserted in a new phone, user identity will be communicated to the server for triggering the user profile download

13 TELECOM ITALIA GROUP Trial at the University of Rome: SIM-based Services Implementation Plan Time schedule:  First Service Specification Release: 30 th November 2007  Final Service Specification Release: 17 th December 2007  Test card for profile test: half of December 2007  Test card for applications test: 29 th February 2008  End of applications test phase: 31 st March 2008  Trial cards release: 30 th April 2008 SIM features:  256KB of memory  Support for cryptographic co-processor and RSA  White card (no art work)

14 TELECOM ITALIA GROUP Trial at the University of Rome: SIM-based Services SIMs and Subscriptions provisioning ORGA will provide:  100 SIM cards  5 WM phones  SIM Card components:  Smart Card Web Server  Profile Data Manager, Data Storage  Digital Signature Service Application, Key/Certificate Storage  IMEI Tracking Application  Phone components:  SCWS Gateway  Server components:  Short Message Gateway Server

15 TELECOM ITALIA GROUP Trial at the University of Rome: SIM-based Services SIMs and Subscriptions provisioning TI commitment:  Provide 100 new pre-paid subscriptions (no number portability)  Activate 100 service cards for the whole trial duration that will grant to each participant a certain amount (500MB/1GB, dependently from the particular service card) of data traffic per month:  TI will offer an initial credit on the pre-paid card to cover the total cost of the service card. Example: 20 Euro/month the service card cost, 4 month the trial duration  80 Euro of initial credit  Each trial month TI will automatically renew the service card subtracting the cost from the pre-paid credit  Users will pay for all data traffic exceeding the per-month limit of the service card  Users will pay for all non-data traffic (voice, SMS, etc.)  Provide 2 WM phones

16 TELECOM ITALIA GROUP Trial at the University of Rome: SIM-based Services User Recruitment  Prepare public announcements (within January)  Define the terms and conditions for trial participation: cell number changing, WM phones treatment, privacy of personal info, tracking activity for reporting purposes, data access constraints, …  Advertise what will be offered:  a GPS receiver  free data access for the whole trial duration  Seminars to students of different faculties in the campus  Encourage groups participation  Use a web site for collecting pre-registrations and users indication:  how they will use the system  references to existing community services on the web