Presentation is loading. Please wait.

Presentation is loading. Please wait.

Secure Elements and W3C L. Castillo 06/16/15.

Published byDouglas Carson Modified over 6 years ago

Similar presentations

Presentation on theme: "Secure Elements and W3C L. Castillo 06/16/15."— Presentation transcript:

1 Secure Elements and W3C L. Castillo 06/16/15

2 Secure Elements at a glance
Secure microprocessor, secure memory, crypto engine September 8, 2014

3 Many applications Caveats Small memory, Low power, Low processing
Banking Telecoms ID Transport Caveats Small memory, Low power, Low processing Secure Elements don’t have a 6 weeks release cycle Title

4 A common set of standards
CC EAL FIPS EMVCo 3GPP ETSI GSMA PIV IAS ECC eIDAS OATH Business Applications ISO/IEC Java Card GlobalPlatform OS & Application Management ISO/IEC ISO/IEC 14443 Communication Security Features Title

5 W3C and Secure Elements Use cases to provide access to secure elements in web applications presented in SysApp WG Two factor authentication in web application “Chip present” mCommerce Reload transport card Mobile ID Reduce middleware burden on users Multiple efforts to provide access at various abstraction levels SE API in W3C SysApp WG at Communication level WebCrypto API support for SE at Cryptographic services level Past efforts stalled or stopped, one main issue Security policy & Access control to secure elements Middleware = driver burden Drivers => plug n’ play FIDO SE API based on OMAPI (SIM Alliance) Title

6 Web two security models
Security Model Issue Web two security models Permissions: for local, user controlled resources (GPS, storage, etc…) Same Origin Policy: for remote, domain-bound resources / entities SEs Security model Physical binding to a user’s device (for user control) Contained applications are owned and managed by remote entities Remote entity authentication doesn’t rely on web domains Support for SEs requires either compromise or a new model Using User Permissions - might open security hole for SE apps NOT using strong remote authentication Using SOP – requires binding SE apps to web domains and changing 6 bn+ SEs on a three year cycle Using a new Web App security model – Trust and Permission CG efforts stalled Permissions are specified in W3C, great Permission API, W3C Trust and Permission CG GP SEAC Title

7 Web Payments: touch points with SEs
Credentials for authentication and/or payments Proximity payment infrastructure EMV Card-based payment processing Tokenization World-wide EMV transition TEE Title

8 Next steps Ongoing efforts: collecting requirements to address SEs services through the web Global Platform Web APIs group W3C Working Group coming soon Many actions around Security / Credentials in W3C Web Security Recruiting participants for the coming W3C Working Group Contact Virginie Galindo: * Name to be defined Title

Download ppt "Secure Elements and W3C L. Castillo 06/16/15."

Similar presentations

1 Java Card Technology Prepared by:Ali Toyserkani Adopted from: Introduction to Java Card Technology C. Enrique Ortiz.

1 Java Card Technology Prepared by:Ali Toyserkani Adopted from: Introduction to Java Card Technology C. Enrique Ortiz.
Multi-Application in Smart Card-based Devices Christophe Colas, Chief Software Architect August 2002.

Multi-Application in Smart Card-based Devices Christophe Colas, Chief Software Architect August 2002.
EDUCAUSE 2001, Indianapolis IN Securing e-Government: Implementing the Federal PKI David Temoshok Federal PKI Policy Manager GSA Office of Governmentwide.

EDUCAUSE 2001, Indianapolis IN Securing e-Government: Implementing the Federal PKI David Temoshok Federal PKI Policy Manager GSA Office of Governmentwide.
Identity and Access IDPrime MD 8840 and IDCore 8030 MicroSD cards

Identity and Access IDPrime MD 8840 and IDCore 8030 MicroSD cards
Internet of Things Security Architecture

Internet of Things Security Architecture
1 GP Confidential ©2013 1 GlobalPlatform’s Value Proposition for Mobile Point of Sale (mPOS)

1 GP Confidential © GlobalPlatform’s Value Proposition for Mobile Point of Sale (mPOS)
Building and Deploying Safe and Secure Android Apps for Enterprise Presented by Technology Consulting Group at Endeavour Software Technologies.

Building and Deploying Safe and Secure Android Apps for Enterprise Presented by Technology Consulting Group at Endeavour Software Technologies.
Dongyan Wang GlobalPlatform Technical Program Manager

Dongyan Wang GlobalPlatform Technical Program Manager
SKS – Secure Key Store KeyGen2 –Token Provisioning Protocol Executive Level Presentation.

SKS – Secure Key Store KeyGen2 –Token Provisioning Protocol Executive Level Presentation.
Identity and Access IDGo Secure Email (ISE) for Android Didier Bonnet April 2015.

Identity and Access IDGo Secure (ISE) for Android Didier Bonnet April 2015.
User Managed Privacy Using Distributed Trust Privacy and Security Research Workshop Carnegie Mellon University May 29-30, 2002 Lark M. Allen / Wave Systems.

User Managed Privacy Using Distributed Trust Privacy and Security Research Workshop Carnegie Mellon University May 29-30, 2002 Lark M. Allen / Wave Systems.
Secure Element Access from a Web browser W3C Workshop on Authentication, Hardware Tokens and Beyond 11 September 2014 1 Oberthur Technologies – Identity.

Secure Element Access from a Web browser W3C Workshop on Authentication, Hardware Tokens and Beyond 11 September Oberthur Technologies – Identity.
Android An open handset alliance project Janice Garcia September 18, 2008 MIS 304.

Android An open handset alliance project Janice Garcia September 18, 2008 MIS 304.
Athena Smartcard Solutions June 2009 Smart Card Technology and Security Leaders.

Athena Smartcard Solutions June 2009 Smart Card Technology and Security Leaders.
魂▪創▪通魂▪創▪通 2014. 9. 10. Digital Certificate and Beyond Sangrae Cho Authentication Research Team.

魂▪創▪通魂▪創▪通 Digital Certificate and Beyond Sangrae Cho Authentication Research Team.
Authentication Beyond Authentication - an e-banking and e-government perspective - Sean Michael Wykes CTO - Nascent Technology Consultants

Authentication Beyond Authentication - an e-banking and e-government perspective - Sean Michael Wykes CTO - Nascent Technology Consultants
Certificate and Key Storage Tokens and Software

Certificate and Key Storage Tokens and Software
Identity and Access IDGo Secure Email (ISE) for Android Didier Bonnet November 2014.

Identity and Access IDGo Secure (ISE) for Android Didier Bonnet November 2014.
Proposal for the support of connected and proximity crypto HW in browsers Philip Hoyer – Director Strategic Innovation January 2015 Presentation Title.

Proposal for the support of connected and proximity crypto HW in browsers Philip Hoyer – Director Strategic Innovation January 2015 Presentation Title.
May 30 th – 31 st, 2006 Sheraton Ottawa. Microsoft Certificate Lifecycle Manager Saleem Kanji Technology Solutions Professional - Windows Server Microsoft.

May 30 th – 31 st, 2006 Sheraton Ottawa. Microsoft Certificate Lifecycle Manager Saleem Kanji Technology Solutions Professional - Windows Server Microsoft.

Similar presentations

Ads by Google