PaymentsJournal
No Result
View All Result
SIGN UP
  • Commercial
  • Credit
  • Debit
  • Digital Assets & Crypto
  • Digital Banking
  • Emerging Payments
  • Fraud & Security
  • Merchant
  • Prepaid
PaymentsJournal
  • Commercial
  • Credit
  • Debit
  • Digital Assets & Crypto
  • Digital Banking
  • Emerging Payments
  • Fraud & Security
  • Merchant
  • Prepaid
No Result
View All Result
PaymentsJournal
No Result
View All Result

GlobalPlatform Expands Root of Trust Requirements and Definitions for IoT and Connected Computing

By PaymentsJournal
November 16, 2016
in Press Releases
0
0
SHARES
0
VIEWS
Share on FacebookShare on TwitterShare on LinkedIn

Press Releases - Office Folder on Background of Working Table with Stationery, Glasses, Reports. Business Concept on Blurred Background. Toned Image.

Industry bodydetails how to establish a Root of Trust using secure components to ensuresecure mobile service delivery

November, 16 2016 – GlobalPlatformhas published Root of Trust Definitions and Requirementsto enable original equipment manufacturers (OEMs) and service providers(SPs) to create, implement and use a Root of Trust to protect their devices andservices.

The document provides a detailed technicalframework, explaining how GlobalPlatform technology implements two key conceptsthat are integral to securing the delivery of digital services, regardless ofsector:

Rootof Trust (RoT) – A computing engine and its code, data and keys that is assmall as possible and offers secure services to other code (like the operatingsystem and applications) hosted in a device. GlobalPlatform Trusted ExecutionEnvironments and Secure Elements already fulfill this function in billions ofconnected devices like smartphones, set-top-boxes and internet of things (IoT)devices.

Chainof Trust – The ability to bind a service to one or more RoTs to offervalue added services.

Representatives from the IoT and connectedcomputing industries have worked with GlobalPlatform to develop the technicaldocument as the number and sensitivity of services available through connecteddevices is growing rapidly.

“Until now, GlobalPlatform securecomponents have not been presented as meeting RoT requirements, but thefunctionality has always been present,” comments Gil Bernabeu, TechnicalDirector of GlobalPlatform. “This means that device makers and SPs have beenunable to use GlobalPlatform SEs or TEEs as a security baseline for RoTservices. For the first time, this document outlines how to use GlobalPlatformtechnology to create RoTs that answer the latest needs of increasingly complexmarkets and address the presence of numerous stakeholders and devices.

“RoT is an important securityconcept, but the real value for SPs and OEMs lies in the establishment ofChains of Trust to securely connect services with secure components and/or thedevice RoT. As billions of devices are being connected to one another thesecurity services offered by secure components are essential to facilitate theprotection of information and devices from malicious attacks, and brands fromirreparable damage in the wake of hacking.”

Several extensions to thefunctionality of RoTs are included in the requirements document. Firstly,GlobalPlatform supports the process to securely transfer the ownership of asecure component in a multi-stakeholder environment. This is required when aSecure Element manufacturer passes administration ownership of the component toa device manufacturer or car manufacturer, for example. Additionally, with morethan one secure component now present in many devices, the combination ofmultiple ROTs has also been defined.

The document – Root of TrustDefinitions and Requirements – is available to download now.

Interested to follow or get involved withGlobalPlatform’s RoT and Chain of Trust activity? Check out the website.

0
SHARES
0
VIEWS
Share on FacebookShare on TwitterShare on LinkedIn

    Get the Latest News and Insights Delivered Daily

    Subscribe to the PaymentsJournal Newsletter for exclusive insight and data from Javelin Strategy & Research analysts and industry professionals.

    Must Reads

    Protecting Corporate Financial Data with API Security, banking APIs, APIs Nacha Accenture, Bank of America APIs

    Monetizing the Data Ecosystem

    May 23, 2025
    Generative AI Supporting Supply Chains with Cloud Computing

    Why Decentralized Computing Models Are Gaining Momentum

    May 22, 2025
    gift card programs

    The Gift Card Boom—and What’s Driving It

    May 21, 2025
    Fleet Management payments

    Driving Into Digital: How Modernized Payments Platforms Impact Fleet Management

    May 20, 2025
    emerging payment trends

    From the Name on the Cup to Custom Hotel Lighting: The Future of Loyalty Programs

    May 19, 2025
    push notification bank

    From Bland to Beneficial: Using Push Notifications to Reach Business Customers

    May 16, 2025
    recurring payments, PCI Compliance for small business, Fintech for Underserved Small Businesses

    Tariffs May Create an Opportunity in Small-Business Cards

    May 15, 2025
    Using the Card “Beyond” Payments to find the Holy Grail

    Using the Card “Beyond” Payments to find the Holy Grail

    May 14, 2025

    Linkedin-in X-twitter
    • Commercial
    • Credit
    • Debit
    • Digital Assets & Crypto
    • Digital Banking
    • Commercial
    • Credit
    • Debit
    • Digital Assets & Crypto
    • Digital Banking
    • Emerging Payments
    • Fraud & Security
    • Merchant
    • Prepaid
    • Emerging Payments
    • Fraud & Security
    • Merchant
    • Prepaid
    • About Us
    • Advertise With Us
    • Sign Up for Our Newsletter
    • About Us
    • Advertise With Us
    • Sign Up for Our Newsletter

    ©2024 PaymentsJournal.com |  Terms of Use | Privacy Policy

    • Commercial Payments
    • Credit
    • Debit
    • Digital Assets & Crypto
    • Emerging Payments
    • Fraud & Security
    • Merchant
    • Prepaid
    No Result
    View All Result