Presentation is loading. Please wait.

Presentation is loading. Please wait.

Certicom MobileTrust™: PKI for Mobile and Wireless Systems John Kennedy Director of PKI Product Marketing April, 2000.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "Certicom MobileTrust™: PKI for Mobile and Wireless Systems John Kennedy Director of PKI Product Marketing April, 2000."— Presentation transcript:

1 Certicom MobileTrust™: PKI for Mobile and Wireless Systems John Kennedy Director of PKI Product Marketing jkennedy@certicom.com April, 2000

2 Presentation Overview Wireless and Mobile PKI Requirements, Demand, and Growth Opportunity Certicom’s MobileTrust™ Initiative Open Challenges

3 Certicom’s Mission Security for mobile e-business Certicom enables mobile e-commerce and e-business applications like shopping, banking, brokerage, email, payments, and healthcare

4 Market Size Mobile market growth is phenomenal  $66b in wireless e-commerce in 2003 (IDC)  1b mobile phones by 2003

5 Mobile Growth 199 8 200 2 Number of Non-PC Devices Accessing the Internet4% 43% Source: IDC Research Smartphones, handheld computers, television set-top boxes, pagers, etc.

6 Mobile Enterprise Connectivity Objective: Extend enterprise data to a mobile sales force Motivation:  Faster feedback  Better decisions  Lower costs Challenges:  The best info is the most sensitive  Existing data frameworks  Form factors

7 Wireless e-Commerce Objective: Enable banking, stock trading, and online shopping anywhere and any time. Motivation:  PC use saturated at 30%  Availability = more transactions  Service differentiation Consumer impulse buying Trader alerts Challenges:  Fraud (user authentication)  Privacy (consumer behavior tracking)

8 Mobile Devices Objective: Web-enable the rest of the world Motivation:  Non-PC Web devices expected to reach 43% by 2002  New services, transaction-based revenues  Customer loyalty and management Challenges  Low cost, low margin devices  Need the same security as PCs  Require better packaging, reliability and support than PCs

9 Where is strong authentication and user accountability needed? Secure Stock Trading On-line Banking Enterprise Data Access. Secure Messaging Healthcare Mobile Lifestyle, Personal Info Mobile phones, pagers, and PDA’s will be platforms of choice.

10 Certicom Security Solutions for Mobile Environments ECC-based signing from mobile devices in wireless networks. ECC-based security protocols with strong server and strong client authentication.

11 Certicom Mobile Security Technology Licensees Palm Computing AvantGo Puma Riverbed Advance Systems Extended Systems Confinity Infowave Qualcomm RIM 724 Solutions Aether Systems Newcom ePhysician iScribe PlanetRX Sybase Bell South Motorola JP Systems

12 Certicom OEM Customer Requirements “We love your ECC-based crypto and security protocol technology.” “We want the PKI-based identity management infrastructure.” “PKI is too expensive or too complicated to build ourselves.” If we build it, they will come…

13 MobileTrust™ Goals MobileTrust™ announced Jan. 2000 Deliver a full suite of PKI products and services for mobile and wireless markets. Develop a set of ECC-based certification authorities. Address an unaddressed market with tremendous growth potential.

14 Certicom PKI Product Set MobileTrust™  Outsourced Certification Authority (CA) service  Accompanied by semi-custom RA, client/server toolkits, PKI integration services Trustpoint ® PKI Technology Base  PKI toolkits for OEM developers  CA, RA, EE, RP applications and components in Java and C++

15 MobileTrust™ - Complete Mobile Security Solutions MobileTrust CA Service  Run by Certicom for OEM customers, service operators, enterprises and end users MobileTrust RA Platform  Run by enterprise to administer certificates. Calls on MobileTrust CA to issue certificates Client and Server Security Toolkits  PKI Clients (EE/RP functions), SSL Plus, WTLS Plus, and other Certicom security products. MobileTrust PKI Integration Services  Expert consulting and PKI Integration to fit MobileTrust to existing business logic and information systems

16 MobileTrust™ Hierarchy

17 MobileTrust Features Standards compliance  ANSI X9.62 ECDSA (signature standard)  IETF PKIX (X.509, CMP, CRMF)  WAP PKI (cert profiles, protocols)  LDAP-accessible repositories

18 MobileTrust Features (continued) Assurance  SAS-70 (service reliability audit)  FIPS 140-1 Level 3,4 (security environment)  NIST and ABA ISC PKI Security Guidelines

19 MobileTrust Features (continued) Interoperability  Is “Interoperable Security Components” an oxymoron?  Customer want to choose best-of-class PKI components. PKI investment preservation.  Interoperability is good for overall PKI market growth.  Interoperability cost/value not always well- understood.  Participation in PKI Forum, Radicchio, other fora.

20 MobileTrust Features (continued) Scalability  Immediate need is server certificates  Long-term emphasis is on client certificates  We anticipate 100:1 - 1000:1 ratio of client certificates to server certificates.  Scalability requirements drive database, directory, and RA distributability needs.  MobileTrust being designed to handle 100 million certificates/year.

21 MobileTrust™ Registration Authorities Based upon Trustpoint™ CA/RA Java Bean-based policy engine architecture. Anticipates need for customization to accommodate unique identity capture and vetting requirements Communicates with end-entities using PKIX CMP, WAP, and PKCS-10 based protocols

22 PKI Client Basic Cryptography: ECC, RSA, DES, RC4, SHA1, etc Key Store: Secret keys and Certificates Certificate Protocols: Request, Revoke, Renew Security Protocols: *SSL Plus *IPSEC Plus *WTLS Plus *Palm VII OPP *E-commerce wallet *Text Signing GUI - security icons, locks, etc.

23 PKI Client Platforms Palm platform devices  Palm, Nokia, Sony,TRG, Handspring Cell Phones Paging devices  RIM, Bellsouth networks Embedded Systems

24 Mobile PKI Special Requirements Ultra-thin clients, mobile code Integration with wireless-friendly security protocols. (e.g., WTLS) Roaming identity services Platform and channel heterogeneity.

25 Mobile Security Challenges Better authentication protocols  User assertive -- mutual authentication by default. Client authentication at multiple layers. End-point security: secure O/S, trusted path, platform integrity. End-to-end security instead of gateways and proxies. Secure audit capability at client.

26 MobileTrust ™ Summary Managed Certificate Services Features  CA Service for industry standard elliptic curve certificates  100% Java-based RA platform  Compatibility with SSL Plus and WTLS Plus products  PKI client software for handhelds  OEM and Enterprise integration services Benefits  Guaranteed PKI service: 24x7 operation  Signed business transactions on mobile systems in wireless networks  Rapid time-to-market for mobile e-business applications

27 Questions?

Download ppt "Certicom MobileTrust™: PKI for Mobile and Wireless Systems John Kennedy Director of PKI Product Marketing April, 2000."

Similar presentations

OneBridge Mobile Data Suite Product Positioning. Target Plays IT-driven enterprise mobility initiatives Extensive support for integration into existing.

OneBridge Mobile Data Suite Product Positioning. Target Plays IT-driven enterprise mobility initiatives Extensive support for integration into existing.
Cryptography Chapter 7 Part 4 Pages 833 to 874. PKI Public Key Infrastructure Framework for Public Key Cryptography and for Secret key exchange.

Cryptography Chapter 7 Part 4 Pages 833 to 874. PKI Public Key Infrastructure Framework for Public Key Cryptography and for Secret key exchange.
Www.cleo.com Steve Jordan Director. Industry Solutions 05/05/14 Managing Chaos: Data Movement in 2014.

Steve Jordan Director. Industry Solutions 05/05/14 Managing Chaos: Data Movement in 2014.
PKI -An Industry Perspective Lisa Pretty Executive Director.

PKI -An Industry Perspective Lisa Pretty Executive Director.
Cryptography and Network Security

Cryptography and Network Security
Topic 8: Secure communication in mobile devices. Choice of secure communication protocols, leveraging SSL for remote authentication and using HTTPS for.

Topic 8: Secure communication in mobile devices. Choice of secure communication protocols, leveraging SSL for remote authentication and using HTTPS for.
SECURITY IN E-COMMERCE VARNA FREE UNIVERSITY Prof. Teodora Bakardjieva.

SECURITY IN E-COMMERCE VARNA FREE UNIVERSITY Prof. Teodora Bakardjieva.
Advances in Card Solutions 7 th Annual CACR April 25, 2001 7 th Annual CACR April 25, 2001.

Advances in Card Solutions 7 th Annual CACR April 25, th Annual CACR April 25, 2001.
Lecture 23 Internet Authentication Applications

Lecture 23 Internet Authentication Applications
Public Key Infrastructure (PKI) Providing secure communications and authentication over an open network.

Public Key Infrastructure (PKI) Providing secure communications and authentication over an open network.
WAP Public Key Infrastructure CSCI 5939.02 – Independent Study Fall 2002 Jaleel Syed Presentation No 5.

WAP Public Key Infrastructure CSCI – Independent Study Fall 2002 Jaleel Syed Presentation No 5.
Sentry: A Scalable Solution Margie Cashwell Senior Sales Engineer Sept 2000 Margie Cashwell Senior Sales Engineer

Sentry: A Scalable Solution Margie Cashwell Senior Sales Engineer Sept 2000 Margie Cashwell Senior Sales Engineer
Windows Vista And Longhorn Server PKI Enhancements Avi Ben-Menahem Lead Program Manager Windows Security Microsoft Corporation.

Windows Vista And Longhorn Server PKI Enhancements Avi Ben-Menahem Lead Program Manager Windows Security Microsoft Corporation.
A Survey of WAP Security Architecture Neil Daswani

A Survey of WAP Security Architecture Neil Daswani
The Internet & The New IT Infrastructure Chapter 9.

The Internet & The New IT Infrastructure Chapter 9.
Principles and Learning Objectives

Principles and Learning Objectives
Robin Estabrooks Computer Science 1631, Winter 2011.

Robin Estabrooks Computer Science 1631, Winter 2011.
9 Lecture The Wireless Revolution. Identify the principal wireless transmission media and devices, cellular network standards and generations, and standards.

9 Lecture The Wireless Revolution. Identify the principal wireless transmission media and devices, cellular network standards and generations, and standards.
Introduction to PKI Seminar What is PKI? Robert Brentrup July 13, 2004.

Introduction to PKI Seminar What is PKI? Robert Brentrup July 13, 2004.
02/12/00 E-Business Architecture

02/12/00 E-Business Architecture

Similar presentations

Ads by Google