Stephan Spitz

Secure Embedded Platform with Advanced Process Isolation and Anonymity Capabilities

Mobile and embedded devices are increasingly popular: well over a million smart-phones were sold each day in 2011. These devices have changed from simple single-purpose tools, to powerful multifunctional personal computers, providing the owner with functionality previously only available on much more powerful desktop computers.

Mobile phones as secure gateways for message-based ubiquitous communication

For ubiquitous communication self-organising adhoc networks become more and more important. We consider mobile phones as an appropriate trusted gateway for external machines with low communication needs. A message-based approach is best in such a scenario with moving mobile phones and machines. We propose a security model for access control to the communication infrastructure that is also message-based. To meet the requirements of ubiquitous communicating machines, all algorithms on the senders side are based on symmetric cryptography resulting in low computation needs. A sophisticated symmetric key infrastructure for message authentication provides the necessary key management. The trustworthiness of the mobile phone is achieved by using the SIM as a secure storage and computing module. This makes it possible to use the mobile phone not only as a user terminal but also as a trusted infrastructure component of the mobile network.

Privacy and Identity Management on Mobile Devices: Emerging Technologies and Future Directions for Innovation

Secure Elements have been around as identity providing modules in Mobile Services since the creation of the Mobile Phone Industry. With an increasingly dynamic environment of Mobile Services and multiple Mobile Devices, however, and with an ever changing ecosystem, characterized by new value chain entrants, new (partial) identities need to be provided for the end users. Here, emerging Secure Elements such as Stickers and Secure SD cards can be leveraged in addition to the omnipresent SIM card / UICC. For future services though, even more flexible, secure and privacy enhanced Secure Elements, such as Trusted Execution Environments can be expected. They are needed to cope with an ever more dynamic Mobile Services environment that depends upon reliable, partial identities of the end users and increasingly calls for privacy and security measures. This chapter elaborates upon the emerging and future Secure Element technologies for Mobile Devices. These technologies shall allow an increasingly dynamic creation of services between front-end Mobile Devices and back-end Servers. The Chapter sets the current developments of the ecosystem for Mobile Services into perspective with the needed technologies, reflects on the contributions of the PrimeLife project and draws attention towards the still needed future directions of innovation.

ISOIIEC 24727 — A Future Standard for Smart Card Middleware

This paper describes the features of the future-oriented ISO/IEC 24727 smart card middleware standard for a broad audience; i.e., from a basic to a good technical understanding. Not only technical aspects are covered, but business and market aspects as well.