1 / 15

Gemplus and OSGI Benjamin Maury

Gemplus and OSGI Benjamin Maury 10.23.03 Gemplus Introduction World Leader for Smart Card Solutions Smart Solutions in Telecommunications Beyond the SIM with applications and Over the Air Platform Trusted Solutions for finance and security Banking: differentiated services

Jims
Download Presentation

Gemplus and OSGI Benjamin Maury

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Gemplus and OSGIBenjamin Maury 10.23.03

  2. Gemplus Introduction • World Leader for Smart Card Solutions • Smart Solutions in Telecommunications • Beyond the SIM with applications and Over the Air Platform • Trusted Solutions for finance and security • Banking: differentiated services • Retail: customer loyalty • ID and Security: Government and Enterprise • Security expertise delivered by Business Development Group • Digital Security • Operating Systems • Technology-driven business

  3. What is the Gemplus Automotive Approach? • Leverage our telecom and security expertise in automotive market : • Provide more flexibility to the SIM Card • Ensuring end to end security in Electronic Control Unit Software Download • Enabling Multi services Token for services personalization • Requirements for services life cycle flexibility and security

  4. OSGI Lite Implementation

  5. J2ME Java Card J2SE J2EE CLDC CDC MIDP P3 P4 P2 API Language VM API . . . . . . API CDC API CLDC API JC API Java subset Java JVM KVM JCVM OSGI

  6. Gemplus and Java • More than 50% of our products are Java compliant • Migration from proprietary platform towards open platform • As a smart card leader we have to be the first at the standardization level • JSR 177 – Secure the Java Mobile Environment with security services coming from SIM Card

  7. Why OSGI for the next Java Card Platform? • Next Generation smart cards will require dynamic service management • Need for OSGI lite in order to have a flexible way to manage application • Need for adapting Performance and Hardware constraints due to the small smart card environment • Gemplus is proposing an OSGI framework for the next Java Card platform

  8. Our light OSGI Implementation • Implements only the Core OSGI Features (possibly a subset) • KVM-like java platform Development for smart card • Communication is provided by an embedded TCP/IP stack • For smart card first but possible extension to small foot print environment

  9. OSGI Security Approach

  10. Our OSGi Security approach • Open environment means more risk exposure and more security requirements • Objective is to have an end to end security chain from development to application use • The security level is always given by the weakest element • So far, usage of Global Platform to manage our open platform • Our products are based on Global Platformand have a security validated by EAL5+ (Evaluation Assurance Level) Certification • OSGi Security scheme remains open and has to be defined by OSGi solution integrators

  11. Java is Open but Possibly Secured • Java and security • Code download post-issuance • Multi-application • Applet / platform separation • Risks • Non Verified Application (Trojan horses) • Problems of trust and rights delegation • Enforcement of chain trust • Risk assessment to evaluate the vulnerability • Identity of each involved party can be checked (authentication) • Answer to Integrity and Confidentiality of data Needs • Secure the Java Virtual Machine

  12. End to end Security Services GSM/GPRS, UMTS Shops Application Server • Multi-application • Post-issuance capabilities • Signature and encryption of application Internet Complete security chain to reach high security level

  13. Parallel can be made with the Automotive World GSM/GPRS, UMTS Dealers Application Server • Multi-application • Post-issuance capabilities • Signature and encryption of application Internet WLAN The same requirements exist for the automotive market

  14. Conclusion • OSGi is a candidate for New Generation Java Card management framework • OSGI brings flexibility but great care has to be taken concerning the complete security chain • Gemplus has an end to end security expertise and has experimented an OSGI lite implementation

  15. Questions? benjamin.maury@gemplus.com

More Related