GlobalPlatform, the standard for secure digital services and devices, publishes a configuration that simplifies the implementation of Secure Element (SE) specifications for the protection of internet of things (IoT) devices.
“At the moment some of the IoT sector are not taking security seriously enough,” explains Gil Bernabeu, Technical Director, GlobalPlatform. “Recent attacks demonstrate that any device can be attacked or infected with malware. Devices can then be used for DDoS attacks or to mine end user data, or even exploited to share their source code and other intellectual property. All of this can have significant reputational and financial impact on brands. This is why security needs to be foundational, considered at the start of the design phase.”
Secure digital services
The GlobalPlatform Compact IoT Configuration v1.0 answers IoT-specific market requirements by giving service providers and device manufacturers the means to interact seamlessly when deploying secure digital services across constrained IoT devices. The use of standardised secure components makes the mass marketing of secure digital services possible, while bringing time and cost efficiencies to stakeholders within the ecosystem and enabling new business models. SEs can form the keystone for constrained IoT devices - balancing the flexibility of GlobalPlatform specifications, that cover a range of connectivity options including LoRaWAN and HTTPS, with the restrictions of low-end IoT devices using m-class processors.
The configuration supports root of trust (RoT) device identity, the protection of critical assets, state-of-the-art AES cryptography for device management
This entry-level configuration enables manufacturers to identify the best solution for devices with limited operating environments by providing the subset of specifications that they need to develop and deploy IoT devices and services. The configuration supports root of trust (RoT) device identity, the protection of critical assets, state-of-the-art AES cryptography for device management and authentication, allowing automatic enrolment to online cloud services.
Publish new interfaces
100% of SEs embedded in mobile devices are GlobalPlatform compliant. This shows that the SE configuration is perfectly fit-for-purpose for the mobile world, and GlobalPlatform expects the Compact IoT Configuration to achieve similar market penetration.
“The next step for GlobalPlatform is to publish new interfaces that connect the SE to the rest of the platform and support the latest industry protocols” Gil continues. “This, along with a new standard for connecting embedded SEs to the device bus, will further enhance the integration of SEs into IoT devices and bring greater protection for services and IP.”