Data Security Issues in the Cellular Revolution- Discretix View - PowerPoint PPT Presentation

1 / 40

About This Presentation

Title:

Data Security Issues in the Cellular Revolution- Discretix View

Description:

Masafumi Matsumoto, Group GM, Sharp Corporation. It's time for Security! ... Certified. Implemented in multiple environments. 39. Picture 9. Vietnam Sapa. 40 ... – PowerPoint PPT presentation

Number of Views:48

Avg rating:3.0/5.0

Slides: 41

Provided by: csePr

Category:

more less

Transcript and Presenter's Notes

Title: Data Security Issues in the Cellular Revolution- Discretix View

1
Data Security Issues in the Cellular Revolution-
Discretix View

July 6th, 2005
Aharon Aharon - Chairman of the Board

2
Agenda

Corporate overview
Product offering
Market trends and strategy
Summary

3
Objectives

Cellular data security whats all about
Get familiar with the buzzwords
Understand possible solutions and their
complexity
Check your travel habits
Have some fun

4
Belize a former British Colony, Central America
Similar size to Israel, 270,000 people Jungles,
Rain Forests, Beaches, Islands

Picture 1

5
Discretix at a Glance

US Headquarters Fully-owned subsidiary in
Israel
Focus on robust security in low resource
environments
Strongly financed by tier-one VCs

Founded 2000
ProductPortfolio

Secure Mobile and Secure Flash
Hardware, Firmware, Infrastructure Software,
Device Toolkits
Built upon strong intellectual property (15
patents)

6
Discretix Traction
Baseband Application Processor / Flash
Customers
Partners
SecuritySpecialist
7
Discretix Customers Worldwide Devices
Penetration (handsets and flash cards)

Application Processor
SonyEricssonSmartphones soldglobally

Baseband (2G,2.5G, 3G)
50 of Samsungmobile (GSM)
China, Korea andEurope OEMs

Embeddedmemeory
40 of globalembedded flashmarket

Baseband(GSM, EDGE,WCDMA)
Sold globally(Sony EricssonSharp,
TLC,Amoi,Bellwave, Flextronics,HTC, Lite-On)

ApplicationProcessor andBaseband
50 of Samsungmobile (GSM)
European andAsian OEMs

Application Processorand Baseband
Japan dominance(50 of NTT DoCoMoFOMA, strong
in PDC)
Very strong in Asia
Tier-one Europeand US OEMs

Flash storage cardssold globally
All cards formFactors
Used by key OEMsand retail stores(handsetmanufa
cturers,carriers. SIs)

In 2006 over 33 of handsets will include
Discretix inside
8

Guatemala Tikal

Picture 2

9
Growing Threats
Handset malfunctioning
Malicious messaging(SMS/MMS/Java)
Theft and Fraud
Viruses
Bluesnarfing
Denial of Service
Spam

Costly consequences
Handset replacements
Device downtime airtime lost
Legal settlements

Network malfunctioning
10
Its time for Security!

Security is an essential building blockfor any
application
Enables revenue generating applications
Prevents revenue leakage
Safeguards against attacks
Reduces operational expenses

We chose the EMP U100 platform for it's
security, and small size. Masafumi Matsumoto,
Group GM, Sharp Corporation
11

Barcelona - Gaudi

Picture 3

12
Mobile Client Security Needs
Digital RightsManagement(DRM)
FirmwareOver The AirUpdate
Phone SIM LockProtection
Device Security
DeviceManagement
Commerce Payment
Firewall,VPN
EnterprisesMobility
Anti-Virus Anti-Spam
13
Standards Committees Mapping
Carriers
DRM
Applications Schemes
Industry Bodies
Device Mgmt
Industry Bodies
CMLA Warner Brothers, mm02, Intel, Nokia,
Matsushita, Samsung, Real Networks
DRM
Commerce/Banking
Vodafone Orange, TelefonicaT-Mobile
Hardware
14

Costa Rica - Arenal

Picture 4

15
DRM Market Projections

Schemes
Current OMA
Emerging Windows Media, CPRM
Future DVB-H/T, FairPlay
Digital Tech Consulting (DTC)
Some 300 Million Mobile DRM Phones Will Ship in
09, license revenues from DRM technologies will
likely surpass 500 million by 2009.
Juniper Research projections for 2009
Mobile music market 9.3B
Mobile gaming market 19.3B
Mobile Video market - 5B

16
Phone (IMEI) SIM Lock Protection

Vodafone (Tim Wright)
Vodafone Group is loosing Euro 150m per year due
to device theft problems. Most OEMs fail to
implement robust security.
Vodafone formal requirements
Device shall support reprogramming protection,
SIM Lock and IMEI protection that are of
equivalent strength to that provided by
appropriate use of hardware security modules.

17
Simple IMEI and SimLock Crack
18
Commerce Payment

Mobile phone based services are rapidly expanding
Phone embedded security provides smart card
equivalent security at a lower cost
Contactless technology driven
Leading services
Felica (Japan)
E-commerce, Transportation, ID authentication
Moneta (Korea)
E-commerce, e-money, m-Banking
paypass (US)
E-commerce

19
Anti-Virus

The problem is growing faster than expected
Known viruses to date
Symbian Cabir, Skulls, Metal Gear, SEXXXY.sis,
Gavno.a
WinCE Duts.A, Brador
Palm source Phage.Dropper

20
Device Management

From OMA DM Specification
Every session MUST employ robust end-to-end
security between the client and the DM server,
including mutual authentication and data
encryption, either by using an adequate transport
layer mechanism or by implementing application
level security.
Provisioning, storage and maintenance of the
credentials on servers and on devices SHALL be
done securely.
OTAFF priorities
Maintaining Mobile Device Integrity
FOTA Security

Costa Rica - Arenal

Picture 5

22
Security Stakeholders
23
Operators Security Requirements
OMA DRM music service
OMA DRM music pilots
Phone theft protection
Over The Air updates
Mobile commerce
IPSec for VoIP
Security cannot be added as a magic dust it
must be part of the phone infrastructure
24
Possible Security Solutions

Client security can be
Software only
Combined software and hardware

Don't trust magic security words like "256-bit
AES. The devil is in the details, and it's easy
to screw up security. Bruce Schneier, Oct 04
25
Device Security Trends
26
Why Hardware-based Security

Extremely hard to create Root of Trust in
software
Real key protection can be done only in hardware
Software countermeasures have limited
capabilities
Software hacks are easily distributed
Protect the device most vulnerable assets the
firmware and its credential (keys)

Security

User experience is key
Off loads CPU and Bus to handle applications
Improves power consumption
Software overhead cannot enable robust and
secure boot verifications

Resources Performance
27

Athens Acropolis

Picture 6

28
CryptoCell Modular Configuration
SecureStorage
DeviceMgmt.
DRMAgent
IMEI SIM LockProtection
IPSec(VPN)
Java STIPSecurity
SecureBoot
Security Middleware Layer - CRYS Firmware
Hardware Crypto Engines
Software Crypto Engines
Root of Trust Secret CryptoKey, RNG, Secure Boot
29
CryptoCell Security Building Blocks
DeviceToolkits
SecureStorage
IMEI SIM LockProtection
Device Management
Middleware
SSL / TLSWTLS
WIMToken
CertificateHandling
IPsec(VPN)
KeyManagement
CRYS API
PKCS 11
Symbian CryptAlg
MS CAPI
OpenSSL
Countermeasures
OS Abstraction Layer
Context Management and Input Alignment
Hardware Abstraction Layer
HW Blocks
PKI Engine RSA, ECC, DSS, DH
Symmetric Engine3DES, AES, RC4, C2
Hash Engine SHA-1/2, MD5, HMAC
DigitalRNG
Secret CryptoKey
Integrity Validation
AttackResistant
30

Rome Coliseum

Picture 7

31
Market Trends Strategy
32
Handset Sales

684M handsets sold in 2004
Increase of about 30 from 2003
Strong replacement sales inmature markets
Rapid uptake in emerging markets
Motorola, Sony-Ericsson LG increased market
share atthe expense of Nokia, Siemens and
Samsung
Chinese, Taiwanese OEMs, ODMs

33
Handsets and Memory Trends

Handsets are driving growth in removable and
embedded memory
Over 60 of the phones sold in Europe by 2008
will have a slot for a memory expansion card
By 2008 typical 3G phone will have 128MB of
embedded storage, typical 2.5G phone - 64MB
More than 10 of handsets will include HDDs of
4GB (sub 1.8)
Most handsets will support multiple DRM systems
for music, video and other content