Inhyok Cha

Trust in M2M communication

Machine-to-machine (M2M) communication is viewed as one of the next frontiers in wireless communications. M2M communication applications and scenarios are growing and lead the way to new business cases. Because of the nature of M2M scenarios, involving unguarded, distributed devices, new security threats emerge. The use case scenarios for M2M communication also address the new requirement on flexibility, because of deployment scenarios of the M2ME in the field. We believe that these new requirements require a paradigm shift. One important pillar of such a shift will be a new, more balanced mix of device-centric trust and traditional enforcement of security properties.

Security Aspects of Smart Cards vs. Embedded Security in Machine-to-Machine (M2M) Advanced Mobile Network Applications

The Third Generation Partnership Project (3GPP) standardisation group currently discusses advanced applications of mobile networks such as Machine-to-Machine (M2M) communication. Several security issues arise in these contexts which warrant a fresh look at mobile networks’ security foundations, resting on smart cards. This paper contributes a security/efficiency analysis to this discussion and highlights the role of trusted platform technology to approach these issues.

Trusted computing enhanced user authentication with OpenID and trustworthy user interface

Trusted computing, used as a security technology, can establish trust between multiple parties. One implementation of trusted computing technology standardised by the Trusted Computing Group is the trusted platform module (TPM). We build on the security provided by the TPM to create a trusted variant of identity management systems based on the popular OpenID protocol. We show that it is feasible to bind OpenID identities to the trustworthiness of the device. Our concept and implementation builds on previous work which showed that trusted computing can be used to create tickets. In this work, we use such tickets as a building block to establish trust in the OpenID protocol between the identity provider and the device. Furthermore, we investigate how mutual trust can be established in the communication between device and user during authentication. The concept of trust visualisation via a trusted environment and binding to user authentication are presented.

Sender Scorecards for the prevention of unsolicited communication

Sender Scorecards are conceived as a method to enable different IP Multimedia Subsystem (IMS) domains and networks to exchange trustworthy information on sender identities and other relevant information, to allow discrimination between legitimate and unsolicited IMS communication. The approach uses a secure and interoperable scorecard about the sender of IMS calls. Such a scorecard is generated, transported, and evaluated collaboratively between different network domains. Scorecards are used to generate a standardized exchange format for sender and message related information. Depending on the outcome of the scorecard evaluation, the receiving domain can take appropriate actions such as denying or allowing a communication attempt. The present paper proposes a blueprint for an IMS architecture including scorecard elements, based on 3GPP standards. In this context, procedures operating with scorecards for prevention of unsolicited communications are presented.