Blanchard, Francios D22 SIMcard and Secure Memory Card...8 Sagem Orga – CTST – New Orleans, May...
Sagem Orga
Strong, Global, Innovative.
Sagem Orga – CTST – New Orleans, May 2009
CTST
François Blanchard
Global Account Marketing Manager
Market drivers
The game has changed
- Mobile Network Operators are now WEB service providers
- Convergence of technology and services
- Multiple devices to access services requiring a SIM card
The SIM card
- The secure token of mobile networks (3GPP)
- The secure element for mobile NFC services
- Access control element for mobile TV
New risks and new opportunities
- Security of Internet is weak (hacking, phishing)
- Forecast for IT security market: $12B in 2010
- More than 35 000 WEB sites Open ID compatible
- Tons of web services means tons of passwords
TLS Tandem: a way to secure Internet
Postulates
- Make the SIM card a secure token for the WEB
- Single Sign On solution reinforced by means of a SIM card, with added convenience
- Compatible with standards and the usual WEB technical environment (Open ID and HTTPS)
- Propose a solution to make the MNO a key player for the security of WEB services
Partner
Ethertrust markets software for smart cards and designs innovative solutions that strengthen the security of WEB applications while dramatically simplifying their use.
Driving use cases, secure Internet authentications
E-Commerce
E-payment, E-Banking
Single Sign On: MNO WEB portal, Bank internet site, Any OpenID internet site
E-Gaming: Poker, Gambling games
Corporate services: Intranet, E-mail, Corporate phonebook
USB companion, the device for convergence
SIM
MNO secure token
Internet Everywhere
MNO WEB portal
Open ID
Protected user data
How does it work
Diagram labels: My identity card, INTERNET
Plug the dongle to laptop
Insert SIM in USB dongle
Connect to internet.
1- Automatic authentication
2- Secure connection set up
3- Get access to WEB services
4- Use services
Java OS
TLS Tandem javacard applet
Windows / Mac / Linux OS
TLS Tandem Proxy
USB dongle with SIM card reader (PCSC) and HSDPA modem
Memory for Internet Everywhere software
Role of the SIM in our solution
Store certificates
- At registration step the SIM applet will receive and store the WEB service certificate
Authentication
- Exchange user credentials with the security provider to perform the mutual authentication
Set up secure session
- An HTTPS or SSL session is set up by the SIM card
Transfer session keys
- The session key and encryption keys are transmitted to the proxy
Service
- The SIM contains a payment application used for the e-transaction
Solution architecture: case 1, TLS Tandem
Mobile Operator
Internet
WEB Service
1 – Create a TLS Tandem account
2 – Access request to WEB service
3 – Check service access rights
4 – Set up secured connection
Solution architecture: case 2, Open ID
Mobile Operator
Security Provider
Internet
WEB Service
1 – Create Open ID account
1 – Access request to WEB service
2 – Re-routing to security provider
3 – Check service access rights
4 – Set up secured connection
Certificate check
User experience
Secure SSL session
Business model
1 – Connect token and log in to my MNO portal
2 – Access to a partner web store
3 – « One click » payment
4 – Cash back
Partner WEB service
Benefits
The end user
- Simplify and protect their life on the Internet
- No more need for login & password
- Phishing killer solution
The MNO
- Become an Internet security provider – Open ID provider
- Secure usage of its WEB services
- Trace usage of WEB services for better billing
- Increase usage of WEB services
Technical
- A unique and secure place to deploy the solution to ensure more security: every single byte flowing out of the SIM card is encrypted
- Spyware is blind, the computer is just a « plug »
- Authentication & encryption algorithms are entirely computed in the SIM card
- Compatible with existing infrastructure and standards
Conclusion
Our message
Let's make the SIM card a secure token to provide more security to WEB services
Our solution
TLS Tandem enables the SIM to play the role of secure token for WEB services.
2 main use cases for the mobile operator:
1- TLS Tandem: to secure access to its own set of WEB services reserved to MNO subscribers
2- Open ID: to become an Open ID security provider for all the Internet, reinforcing security thanks to the SIM card