PaymentsJournal
SUBSCRIBE
  • Analysts Coverage
  • Truth In Data
  • Podcasts
  • Videos
  • Industry Opinions
  • News
  • Resources
No Result
View All Result
PaymentsJournal
  • Analysts Coverage
  • Truth In Data
  • Podcasts
  • Videos
  • Industry Opinions
  • News
  • Resources
No Result
View All Result
PaymentsJournal
No Result
View All Result

GlobalPlatform Expands Root of Trust Requirements and Definitions for IoT and Connected Computing

PaymentsJournal by PaymentsJournal
November 16, 2016
in Press Releases
0

Press Releases - Office Folder on Background of Working Table with Stationery, Glasses, Reports. Business Concept on Blurred Background. Toned Image.

0
SHARES
0
VIEWS
Share on FacebookShare on TwitterShare on LinkedIn

Industry bodydetails how to establish a Root of Trust using secure components to ensuresecure mobile service delivery

November, 16 2016 – GlobalPlatformhas published Root of Trust Definitions and Requirementsto enable original equipment manufacturers (OEMs) and service providers(SPs) to create, implement and use a Root of Trust to protect their devices andservices.

The document provides a detailed technicalframework, explaining how GlobalPlatform technology implements two key conceptsthat are integral to securing the delivery of digital services, regardless ofsector:

Rootof Trust (RoT) – A computing engine and its code, data and keys that is assmall as possible and offers secure services to other code (like the operatingsystem and applications) hosted in a device. GlobalPlatform Trusted ExecutionEnvironments and Secure Elements already fulfill this function in billions ofconnected devices like smartphones, set-top-boxes and internet of things (IoT)devices.

Chainof Trust – The ability to bind a service to one or more RoTs to offervalue added services.

Representatives from the IoT and connectedcomputing industries have worked with GlobalPlatform to develop the technicaldocument as the number and sensitivity of services available through connecteddevices is growing rapidly.

“Until now, GlobalPlatform securecomponents have not been presented as meeting RoT requirements, but thefunctionality has always been present,” comments Gil Bernabeu, TechnicalDirector of GlobalPlatform. “This means that device makers and SPs have beenunable to use GlobalPlatform SEs or TEEs as a security baseline for RoTservices. For the first time, this document outlines how to use GlobalPlatformtechnology to create RoTs that answer the latest needs of increasingly complexmarkets and address the presence of numerous stakeholders and devices.

“RoT is an important securityconcept, but the real value for SPs and OEMs lies in the establishment ofChains of Trust to securely connect services with secure components and/or thedevice RoT. As billions of devices are being connected to one another thesecurity services offered by secure components are essential to facilitate theprotection of information and devices from malicious attacks, and brands fromirreparable damage in the wake of hacking.”

Several extensions to thefunctionality of RoTs are included in the requirements document. Firstly,GlobalPlatform supports the process to securely transfer the ownership of asecure component in a multi-stakeholder environment. This is required when aSecure Element manufacturer passes administration ownership of the component toa device manufacturer or car manufacturer, for example. Additionally, with morethan one secure component now present in many devices, the combination ofmultiple ROTs has also been defined.

The document – Root of TrustDefinitions and Requirements – is available to download now.

Interested to follow or get involved withGlobalPlatform’s RoT and Chain of Trust activity? Check out the website.

0
SHARES
0
VIEWS
Share on FacebookShare on TwitterShare on LinkedIn

    Analyst Coverage, Payments Data, and News Delivered Daily

    Sign up for the PaymentsJournal Newsletter to get exclusive insight and data from Mercator Advisory Group analysts and industry professionals.

    Must Reads

    commercial payments

    Optimizing Commercial Payments in the Digital Age

    March 21, 2023
    cross-border payments

    Cross-Border Payments: Fighting
    E-Commerce Fraud Using Data

    March 20, 2023
    fraud, ChatGPT-4

    How to Fight Fraud While Still Enabling a Great Online Customer Experience

    March 17, 2023
    RTP

    Financial Institutions Without an RTP Strategy Risk Being Left Behind

    March 16, 2023
    visa chargeback

    New Visa Chargeback Guidelines Will Be a Game Changer

    March 15, 2023
    liquidity management

    Liquidity Management Takes on Increasing Importance in Uncertain Economic Times

    March 14, 2023
    payments

    Key Challenges from Growing Payment Methods and Volume

    March 13, 2023
    Data Governance is a Journey, financial data

    How FIs Can Power Their Operations with a Modern Data Architecture

    March 10, 2023

    Linkedin-in Twitter

    Advertise With Us | About Us | Terms of Use | Privacy Policy | Subscribe
    ©2023 PaymentsJournal.com

    • Analysts Coverage
    • Truth In Data
    • Podcasts
    • Videos
    Menu
    • Analysts Coverage
    • Truth In Data
    • Podcasts
    • Videos
    • Industry Opinions
    • Recent News
    • Resources
    Menu
    • Industry Opinions
    • Recent News
    • Resources
    • Analysts Coverage
    • Truth In Data
    • Podcasts
    • Industry Opinions
    • Faster Payments
    • News
    • Jobs
    • Events
    No Result
    View All Result

      Register to download the Autorek complimentary report: Payments Industry Outlook 2023: