reaching ubiquity through i nvisibility
play

Reaching Ubiquity through I nvisibility Eric Vtillard Chief - PowerPoint PPT Presentation

Sep 27, 2023 •285 likes •741 views

Reaching Ubiquity through I nvisibility Eric Vtillard Chief Architect Trusted Logic w w w . t r u s t e d - l o g i c . f r Cassis04 Marseille March 2004 Ubiquity Ubiquity, n. The state of being everywhere at once. I

  1. Reaching Ubiquity through I nvisibility Eric Vétillard Chief Architect Trusted Logic w w w . t r u s t e d - l o g i c . f r Cassis’04 – Marseille – March 2004

  2. Ubiquity • Ubiquity, n. The state of being everywhere at once.

  3. I nvisibility • Invisibility, n. The quality of not being perceivable by the eye.

  4. Levels of I nvisibility • First degree � Visible � Invisible • Second degree � Visible � Invisible • Many other things are invisible here � TL Logos, Windows, … � The eye sees them, but not the brain

  5. Ubiquity • What is everywhere is invisible � Ubiquitous computing � Pervasive computing • a.k.a. “Commodity”

  6. Ubiquity of Smart Cards • For the end user � Using a smart card • For the IT architect � Accessing a smart card • For the developer � Programming a smart card

  7. Smart Cards ? The debate we won’t have • Pros � Tamper-resistant hardware � Closely associated to a person • Cons � Not better than a server in a connected world � Does not greatly simplify the infrastructure

  8. Hypotheses • Smart cards are useful � They can securely hold personal information � They are an interesting element in a security infrastructure • Security is a concern � Fair hypothesis since 9/11

  9. For the end-user

  10. Anecdotes • 1997, JavaOne keynote by Scott McNealy � Positive: Smart cards are mentioned � Negative: Scott mentions “swiping” a smart card • 2003, Java Card Forum meeting, Brighton, England � Positive: There is a smart card terminal � Negative: My French banking card does not work

  11. Breakthroughs • Contactless transit cards � No need to get the card out of the wallet � Use is very natural • SIM cards � We never think about them … � … except when reading « SIM is not ready » • Both are invisible

  12. Not so good • Use of banking cards in France � At the end of the counter � Efficient and secure (PIN is protected) � Inconsistent with current security rules � The clerk should check the hologram � No physical security is possible • Debate about “Smart Tags” in the U.S. � Only bad use cases for the end-user � Strong privacy concerns � Invisibility is not always good for the end-user

  13. On the Right Track • Appropriate technologies exist today � Portable/simple card readers � Contactless cards • The technology is well accepted � Use standard patterns � Simple is beautiful • It is simply a question of time � Technology needs to be deployed � It also needs to be well integrated

  14. For the I T architect

  15. The infamous APDU • A bad, old-style, serial protocol … � Very slow half-duplex protocol � Only 256 bytes at a time � Not even deadlock proof • … is the first thing you hear about � Most tutorials and APIs are a nightmare • APDU’s are far too visible

  16. APDU’s are not that bad • This is a very slow protocol � Cards are not fast • This is a low-level protocol � So is TCP • The card must be the slave � But SIM Toolkit was built on top of it

  17. High-level protocols exist • The application model has evolved � First with Java Card itself � Java Card 2.2 includes RMI � Experiments have been made with Jini • But no application uses them …

  18. Specs are the problem • Most of today’s applications are old-fashioned � Exchanging standard APDU’s � Based on a card file system (GSM/3G, EMV) • New architectures don’t get to the specs � So card (and APDU’s) remain highly visible � Nobody wants to deal with them

  19. Traditional applications ? • Backward compatibility issue � Terminals are strongly linked to cards � Terminals are late compared to cards � STIP remains confidential � MIDP is just starting its deployment � French EMV cards need to support B0’ • The migration will be extremely slow � JCRMI is a difficult protocol for terminals � The change is too costly

  20. New designs for new applications • There are good news on cards … � DoD makes extensive use of sharing � They even have defined plug-in applets • … and on terminals � JSR177 gives a way to access cards � They have selected JCRMI as one of the protocols � They also make extensive use of PKCS# 15 / WIM • The card becomes invisible

  21. The security issue • Smart cards are used for security � To protect some assets � To provide guarantees (authentication, …) • Security is difficult to assess � Smart card security is not simple � System security is much harder

  22. Building a secure system + + + Nothing really exists in that field about smart cards

  23. More invisibility • Security is a key factor � Some data needs to be protected � Operations need to be performed on this data • Splitting applications automatically sounds good � Even extremely good on mobile phones • Application management is the next issue � How to increase the trust ?

  24. For the developer

  25. The Java Card promise • Millions of Java programmers � Smart card application architecture is specific � Secure programming remains difficult • Thousands of new applications � Developers don’t make applications � Issuers make applications

  26. We did it ! • Thousands of SIM Toolkit applications � Most likely at least one on your mobile � You don’t even know you have a Java Card • The number of developers did not follow � Card manufacturers still dominate the market � Even they do not always master card programming

  27. How to get there ? • Education � Teaching more about security � Smart cards are ideal test cases • Rationalization � Definition of a process • Certification � Making sure applications are right • Automation � Generating the applications right

  28. Education • Computer security is not much taught � There are specific programs � Other programs are not very good • The basics are missing � Security is not a reflex � Students are not aware of security issues … � … or they have bad principles

  29. Security 101 • The basic principles � From assets and attacks to risks and countermeasures � Identity, authentication, authorization and other tools • Application to computers � Protecting data and code � A plentiful of use cases • Practical case: A smart card application � Ideal kind of application: simple and secure � Easily leads to an extension to a system

  30. Defining a process • This sounds quite simple � Defining some good principles � Making sure that they are applied • Reality check …

  31. A Development Cycle Specification Card Issuer Application Developer Applet Applet ok Applet ok Acceptance Development Process Process

  32. Enhancing the Process Interop Developer Java and Handbook Smart Card Security of Card App. Guides Rules Defined by the issuer Applied by the providers

  33. Enhancing the Process Interop Developer Java Automated and Handbook Smart Card Bytecode Security of Card App. Inspection Guides Rules Applied by the Issuer Checks the application of guides

  34. Writing the Guides � Gather information � Define the target environment � Perform a risk analysis � Split the responsibility � Some duties for the card provider � Some duties for the developer � Consolidate the guides � Define detailed rules for developers

  35. Example: Sharing in SI M Toolkit The Issue Basic Requirement No sharing is possible Contradiction! Practical Constraint The SIM Toolkit API This can be addressed uses sharing This can be addressed by defining more precise by defining more precise development guidelines development guidelines

  36. Example: Sharing in SI M Toolkit The Basic Guidelines Two guidelines: Two guidelines: • Applications can only share objects with the GSM application • Applications can only share objects with the GSM application • Applications can only use objects shared by the GSM application • Applications can only use objects shared by the GSM application Security policy is merged with the context constraints

  37. Example: Sharing in SI M Toolkit Development / Validation Rules Share objects with the GSM application: Share objects with the GSM application: • Only applets can implement ToolkitInterface • Only applets can implement ToolkitInterface • Only applets can be returned as shared objects • Only applets can be returned as shared objects • Before sharing, check the AID of the GSM application • Before sharing, check the AID of the GSM application Use objects shared by the GSM application: Use objects shared by the GSM application: • Applet should not use getAppletShareableInterfaceObject • Applet should not use getAppletShareableInterfaceObject • Only the SIMView shareable interface can be used • Only the SIMView shareable interface can be used Rules are directly applicable by developers

  38. Putting it I nto Practice I ssuer Developer Defines Writes Specs requirements application CAP File I ssues Provisioning Tester CAP CAP Checks Validates File File application application ok ok

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

How to Explain Ubiquity of Derivation of the CES . . . Constant Elasticity of Groups and Abelian

How to Explain Ubiquity of Derivation of the CES . . . Constant Elasticity of Groups and Abelian

CES Production . . . How This Ubiquity Is . . . Second Requirement Main Idea Behind a . . . How to Explain Ubiquity of Derivation of the CES . . . Constant Elasticity of Groups and Abelian . . . Discussion Substitution (CES) Let Us Use

606 views • 21 slides
REACHING OUT On Missions REACHING OUT On Missions Agenda 1. Overview on Missions/Community

REACHING OUT On Missions REACHING OUT On Missions Agenda 1. Overview on Missions/Community

REACHING OUT On Missions REACHING OUT On Missions Agenda 1. Overview on Missions/Community Engagement Model 2. Practical Next steps (forming teams / defining our missional plan / engagement strategy / research: ethnic groups,

486 views • 19 slides
reaching for policy and practice for net positive energy in the built environment reaching for

reaching for policy and practice for net positive energy in the built environment reaching for

Southwest Michigan Sustainable Business Forum and U.S. Green Building Council West Michigan Chapter present reaching for policy and practice for net positive energy in the built environment reaching for Mission Zero House Presented by:

244 views • 7 slides
REACHING A CULTURE REACHING A CULTURE THAT HAS THAT HAS ABANDONED SCRIPTURE ABANDONED

REACHING A CULTURE REACHING A CULTURE THAT HAS THAT HAS ABANDONED SCRIPTURE ABANDONED

REACHING A CULTURE REACHING A CULTURE THAT HAS THAT HAS ABANDONED SCRIPTURE ABANDONED SCRIPTURE Acts 17:16-34 IDOLATR IDOLATRY at ATHE Y at ATHE NS S 1. Introduction - Context 2. Inquiries of Intellectuals 17:16-21 a. Initiative of

1.02k views • 39 slides
Big picture context: Technology democratization Ubiquity of 3D imaging (CT, MR, )

Big picture context: Technology democratization Ubiquity of 3D imaging (CT, MR, )

The Modern CAD/CAM Workflow: Scan, Design, Edit, Analyze, and Fabricate Without Triangles Duane Storti Mechanical Engineering University of Washington Seattle, WA Big picture context: Technology democratization Ubiquity of 3D imaging

433 views • 28 slides
Reaching Definitions Global Opt: Reaching Definitions Concept of definition and use Using

Reaching Definitions Global Opt: Reaching Definitions Concept of definition and use Using

Reaching Definitions Global Opt: Reaching Definitions Concept of definition and use Using Program Analysis a=x+y for Optimization is a definition of a. is a use of x and y. A definition reaches a use if value written Advanced

379 views • 5 slides
LECTURE 7: when they are self interested? In an extreme case (zero sum Reaching Agreements

LECTURE 7: when they are self interested? In an extreme case (zero sum Reaching Agreements

Reaching Agreements How do agents reaching agreements LECTURE 7: when they are self interested? In an extreme case (zero sum Reaching Agreements encounter) no agreement is possible but in most scenarios, there is potential for

526 views • 13 slides
ubiquity: designing a multilingual natural language interface mitcho Michael Yoshitaka Erlewine

ubiquity: designing a multilingual natural language interface mitcho Michael Yoshitaka Erlewine

ubiquity: designing a multilingual natural language interface mitcho Michael Yoshitaka Erlewine 2009 SIGIR Workshop on Information Access in a Multilingual World Boston, July 23rd, 2009 ubiquity: designing a multilingual natural language

868 views • 86 slides
LECTURE 1: ubiquity ; INTRODUCTION interconnection ; intelligence ; delegation ;

LECTURE 1: ubiquity ; INTRODUCTION interconnection ; intelligence ; delegation ;

Overview Five ongoing trends have marked the history of computing: LECTURE 1: ubiquity ; INTRODUCTION interconnection ; intelligence ; delegation ; and Multiagent Systems human-orientation Based on An Introduction to

196 views • 6 slides
formal futures ubiquity and physicality From Formalism to Physicality, Alan Dix,

formal futures ubiquity and physicality From Formalism to Physicality, Alan Dix,

formal futures ubiquity and physicality From Formalism to Physicality, Alan Dix, UPC North, 30 April 2008 changing nature of the interface ubiquitous computing computers everywhere! many simple systems + complex

421 views • 13 slides
Reaching as many viewers as possible using only libre video technologies. Reaching as

Reaching as many viewers as possible using only libre video technologies. Reaching as

How Libre can you go? Reaching as many viewers as possible using only libre video technologies. Phil Cluff, February 2019 Reaching as many viewers as possible using only libre video technologies. Reaching as many web viewers as

651 views • 39 slides
MEF An Increasingly Connected Future 1 Connectivity. Ubiquity All the time Fast

MEF An Increasingly Connected Future 1 Connectivity. Ubiquity All the time Fast

MEF An Increasingly Connected Future 1 Connectivity. Ubiquity All the time Fast On every device 2 Somewhere Else. Storage Power consumption Maintenance 3 In Other Words.. Global Ethernet LAN IT

296 views • 6 slides
On the ubiquity of modular forms and Ap ery-like numbers Algorithmic Combinatorics Seminar

On the ubiquity of modular forms and Ap ery-like numbers Algorithmic Combinatorics Seminar

On the ubiquity of modular forms and Ap ery-like numbers Algorithmic Combinatorics Seminar RISC (Johannes Kepler University, Linz, Austria) Armin Straub October 9, 2013 University of Illinois & Max-Planck-Institut at

1.36k views • 93 slides
Transforming Nyrstar Port Pirie: reaching a pivotal milestone reaching a pivotal milestone

Transforming Nyrstar Port Pirie: reaching a pivotal milestone reaching a pivotal milestone

16 MAY 2014 Change pictures to MP Nyrstar proceeds with Port Pirie Redevelopment: Transforming Nyrstar Port Pirie: reaching a pivotal milestone reaching a pivotal milestone Important Notice This presentation has been prepared by the

339 views • 17 slides
The ubiquity of modal types David Corfield SYCO1 20 September, 2018 David Corfield (SYCO1) The

The ubiquity of modal types David Corfield SYCO1 20 September, 2018 David Corfield (SYCO1) The

The ubiquity of modal types David Corfield SYCO1 20 September, 2018 David Corfield (SYCO1) The ubiquity of modal types 20 September, 2018 1 / 30 A common phenomenon Philosophers will think about a family of concepts and try to theorize and

1.1k views • 57 slides
Reaching the unreached who cannot read By Johan Grobler Johan@MegaVoice.co.za Reaching the

Reaching the unreached who cannot read By Johan Grobler Johan@MegaVoice.co.za Reaching the

Reaching the unreached who cannot read By Johan Grobler Johan@MegaVoice.co.za Reaching the unreached who cannot read Missions Fest Pretoria 2014 Saturday 6 September 2014, 12h00-13h00 By Johan Grobler Johan@MegaVoice.co.za Agenda

814 views • 43 slides
Modeling Portfolios that Contain Risky Assets II: Efficient Frontiers for Various Models C. David

Modeling Portfolios that Contain Risky Assets II: Efficient Frontiers for Various Models C. David

Modeling Portfolios that Contain Risky Assets II: Efficient Frontiers for Various Models C. David Levermore University of Maryland, College Park ICERM Lecture, 16 November 2011 Extracted from Math 420: Mathematical Modeling 2011 Charles

778 views • 57 slides
As far as the Gospel is concerned, they are enemies for your sake; but as far as election is

As far as the Gospel is concerned, they are enemies for your sake; but as far as election is

As far as the Gospel is concerned, they are enemies for your sake; but as far as election is concerned, they are loved on account of the patriarchs, ROMANS 11:28 for Gods gifts and His call are irrevocable. ROMANS 11:29 Just as you who

754 views • 34 slides
Webinar on New Market Tax Credits February 24, 2011 Presented by Brian Keenan, Director &

Webinar on New Market Tax Credits February 24, 2011 Presented by Brian Keenan, Director &

Webinar on New Market Tax Credits February 24, 2011 Presented by Brian Keenan, Director & President at READS READS New Market Tax Credit Webinar: March 24, 2011: www.readsusa.org Housekeeping Mute your phone, please. If you have

458 views • 18 slides
Tax Credit Basics Tax credits provide a dollar for dollar offset to a taxpayers tax

Tax Credit Basics Tax credits provide a dollar for dollar offset to a taxpayers tax

Tax Credit Basics Tax credits provide a dollar for dollar offset to a taxpayers tax liability A $100 tax credit reduces taxes by $100; thus a $1 of tax credit today is worth $1 to an investor Tax credit calculations include:

390 views • 6 slides
WELCOME TO PHASE ONE OF ALLENTOWN 2030, OUR CITYS COMPREHENSIVE PLAN! TELL US WHAT YOU

WELCOME TO PHASE ONE OF ALLENTOWN 2030, OUR CITYS COMPREHENSIVE PLAN! TELL US WHAT YOU

WELCOME TO PHASE ONE OF ALLENTOWN 2030, OUR CITYS COMPREHENSIVE PLAN! TELL US WHAT YOU THINK! YOU THINK! LETS IMAGINE OUR FUTURE TOGETHER! WELCOME! At our first meeting on 13 November 2018, we were welcomed by: Reverend Charles

1.47k views • 122 slides
Teaching Code Arthur Carabott April 2015 @acarabott arthurcarabott.com My Teaching Code

Teaching Code Arthur Carabott April 2015 @acarabott arthurcarabott.com My Teaching Code

Teaching Code Arthur Carabott April 2015 @acarabott arthurcarabott.com My Teaching Code Code+Music Music Why teach? What to teach Am I wrong? Why teach? The whole art of teaching is only the art of awakening the natural

669 views • 52 slides
Webinar 31 July 2014 1 Webinar Cara Blockley Low Carbon Projects Manager 2 Webinar format

Webinar 31 July 2014 1 Webinar Cara Blockley Low Carbon Projects Manager 2 Webinar format

Webinar 31 July 2014 1 Webinar Cara Blockley Low Carbon Projects Manager 2 Webinar format 10 minutes 30 minutes presentation questions & answers Submit written questions online during the webinar 3 Agenda Introduction Technology

679 views • 27 slides
Cryptographic Enforcement of Segregation of Duty ,

Cryptographic Enforcement of Segregation of Duty ,

Cryptographic Enforcement of Segregation of Duty , old russian proverb rely yet verify 17.11.2015 thomas maus DeepSec 2015 Thomas Maus thomas.maus alumni.uni-karlsruhe.de

750 views • 38 slides

More recommend