Download presentation
Presentation is loading. Please wait.
1
Certicom MobileTrust™: PKI for Mobile and Wireless Systems John Kennedy Director of PKI Product Marketing jkennedy@certicom.com April, 2000
2
Presentation Overview Wireless and Mobile PKI Requirements, Demand, and Growth Opportunity Certicom’s MobileTrust™ Initiative Open Challenges
3
Certicom’s Mission Security for mobile e-business Certicom enables mobile e-commerce and e-business applications like shopping, banking, brokerage, email, payments, and healthcare
4
Market Size Mobile market growth is phenomenal $66b in wireless e-commerce in 2003 (IDC) 1b mobile phones by 2003
5
Mobile Growth 199 8 200 2 Number of Non-PC Devices Accessing the Internet4% 43% Source: IDC Research Smartphones, handheld computers, television set-top boxes, pagers, etc.
6
Mobile Enterprise Connectivity Objective: Extend enterprise data to a mobile sales force Motivation: Faster feedback Better decisions Lower costs Challenges: The best info is the most sensitive Existing data frameworks Form factors
7
Wireless e-Commerce Objective: Enable banking, stock trading, and online shopping anywhere and any time. Motivation: PC use saturated at 30% Availability = more transactions Service differentiation Consumer impulse buying Trader alerts Challenges: Fraud (user authentication) Privacy (consumer behavior tracking)
8
Mobile Devices Objective: Web-enable the rest of the world Motivation: Non-PC Web devices expected to reach 43% by 2002 New services, transaction-based revenues Customer loyalty and management Challenges Low cost, low margin devices Need the same security as PCs Require better packaging, reliability and support than PCs
9
Where is strong authentication and user accountability needed? Secure Stock Trading On-line Banking Enterprise Data Access. Secure Messaging Healthcare Mobile Lifestyle, Personal Info Mobile phones, pagers, and PDA’s will be platforms of choice.
10
Certicom Security Solutions for Mobile Environments ECC-based signing from mobile devices in wireless networks. ECC-based security protocols with strong server and strong client authentication.
11
Certicom Mobile Security Technology Licensees Palm Computing AvantGo Puma Riverbed Advance Systems Extended Systems Confinity Infowave Qualcomm RIM 724 Solutions Aether Systems Newcom ePhysician iScribe PlanetRX Sybase Bell South Motorola JP Systems
12
Certicom OEM Customer Requirements “We love your ECC-based crypto and security protocol technology.” “We want the PKI-based identity management infrastructure.” “PKI is too expensive or too complicated to build ourselves.” If we build it, they will come…
13
MobileTrust™ Goals MobileTrust™ announced Jan. 2000 Deliver a full suite of PKI products and services for mobile and wireless markets. Develop a set of ECC-based certification authorities. Address an unaddressed market with tremendous growth potential.
14
Certicom PKI Product Set MobileTrust™ Outsourced Certification Authority (CA) service Accompanied by semi-custom RA, client/server toolkits, PKI integration services Trustpoint ® PKI Technology Base PKI toolkits for OEM developers CA, RA, EE, RP applications and components in Java and C++
15
MobileTrust™ - Complete Mobile Security Solutions MobileTrust CA Service Run by Certicom for OEM customers, service operators, enterprises and end users MobileTrust RA Platform Run by enterprise to administer certificates. Calls on MobileTrust CA to issue certificates Client and Server Security Toolkits PKI Clients (EE/RP functions), SSL Plus, WTLS Plus, and other Certicom security products. MobileTrust PKI Integration Services Expert consulting and PKI Integration to fit MobileTrust to existing business logic and information systems
16
MobileTrust™ Hierarchy
17
MobileTrust Features Standards compliance ANSI X9.62 ECDSA (signature standard) IETF PKIX (X.509, CMP, CRMF) WAP PKI (cert profiles, protocols) LDAP-accessible repositories
18
MobileTrust Features (continued) Assurance SAS-70 (service reliability audit) FIPS 140-1 Level 3,4 (security environment) NIST and ABA ISC PKI Security Guidelines
19
MobileTrust Features (continued) Interoperability Is “Interoperable Security Components” an oxymoron? Customer want to choose best-of-class PKI components. PKI investment preservation. Interoperability is good for overall PKI market growth. Interoperability cost/value not always well- understood. Participation in PKI Forum, Radicchio, other fora.
20
MobileTrust Features (continued) Scalability Immediate need is server certificates Long-term emphasis is on client certificates We anticipate 100:1 - 1000:1 ratio of client certificates to server certificates. Scalability requirements drive database, directory, and RA distributability needs. MobileTrust being designed to handle 100 million certificates/year.
21
MobileTrust™ Registration Authorities Based upon Trustpoint™ CA/RA Java Bean-based policy engine architecture. Anticipates need for customization to accommodate unique identity capture and vetting requirements Communicates with end-entities using PKIX CMP, WAP, and PKCS-10 based protocols
22
PKI Client Basic Cryptography: ECC, RSA, DES, RC4, SHA1, etc Key Store: Secret keys and Certificates Certificate Protocols: Request, Revoke, Renew Security Protocols: *SSL Plus *IPSEC Plus *WTLS Plus *Palm VII OPP *E-commerce wallet *Text Signing GUI - security icons, locks, etc.
23
PKI Client Platforms Palm platform devices Palm, Nokia, Sony,TRG, Handspring Cell Phones Paging devices RIM, Bellsouth networks Embedded Systems
24
Mobile PKI Special Requirements Ultra-thin clients, mobile code Integration with wireless-friendly security protocols. (e.g., WTLS) Roaming identity services Platform and channel heterogeneity.
25
Mobile Security Challenges Better authentication protocols User assertive -- mutual authentication by default. Client authentication at multiple layers. End-point security: secure O/S, trusted path, platform integrity. End-to-end security instead of gateways and proxies. Secure audit capability at client.
26
MobileTrust ™ Summary Managed Certificate Services Features CA Service for industry standard elliptic curve certificates 100% Java-based RA platform Compatibility with SSL Plus and WTLS Plus products PKI client software for handhelds OEM and Enterprise integration services Benefits Guaranteed PKI service: 24x7 operation Signed business transactions on mobile systems in wireless networks Rapid time-to-market for mobile e-business applications
27
Questions?
Similar presentations
© 2024 SlidePlayer.com. Inc.
All rights reserved.