Download PDF version Contact company

GlobalPlatform, the standard for secure digital services and devices, publishes a configuration that simplifies the implementation of Secure Element (SE) specifications for the protection of internet of things (IoT) devices.

At the moment some of the IoT sector are not taking security seriously enough,” explains Gil Bernabeu, Technical Director, GlobalPlatform. “Recent attacks demonstrate that any device can be attacked or infected with malware. Devices can then be used for DDoS attacks or to mine end user data, or even exploited to share their source code and other intellectual property. All of this can have significant reputational and financial impact on brands. This is why security needs to be foundational, considered at the start of the design phase.”

Secure digital services

The GlobalPlatform Compact IoT Configuration v1.0 answers IoT-specific market requirements by giving service providers and device manufacturers the means to interact seamlessly when deploying secure digital services across constrained IoT devices. The use of standardised secure components makes the mass marketing of secure digital services possible, while bringing time and cost efficiencies to stakeholders within the ecosystem and enabling new business models. SEs can form the keystone for constrained IoT devices - balancing the flexibility of GlobalPlatform specifications, that cover a range of connectivity options including LoRaWAN and HTTPS, with the restrictions of low-end IoT devices using m-class processors.

The configuration supports root of trust (RoT) device identity, the protection of critical assets, state-of-the-art AES cryptography for device management

This entry-level configuration enables manufacturers to identify the best solution for devices with limited operating environments by providing the subset of specifications that they need to develop and deploy IoT devices and services. The configuration supports root of trust (RoT) device identity, the protection of critical assets, state-of-the-art AES cryptography for device management and authentication, allowing automatic enrolment to online cloud services.

Publish new interfaces

100% of SEs embedded in mobile devices are GlobalPlatform compliant. This shows that the SE configuration is perfectly fit-for-purpose for the mobile world, and GlobalPlatform expects the Compact IoT Configuration to achieve similar market penetration.

The next step for GlobalPlatform is to publish new interfaces that connect the SE to the rest of the platform and support the latest industry protocols” Gil continues. “This, along with a new standard for connecting embedded SEs to the device bus, will further enhance the integration of SEs into IoT devices and bring greater protection for services and IP.”

Download PDF version Download PDF version

In case you missed it

Bosch sells security unit to Triton for growth
Bosch sells security unit to Triton for growth

Bosch is selling its Building Technologies division’s product business for security and communications technology to the European investment firm Triton. The transaction enc...

In age of misinformation, SWEAR embeds proof of authenticity into video data
In age of misinformation, SWEAR embeds proof of authenticity into video data

The information age is changing. Today, we are at the center of addressing one of the most critical issues in the digital age: the misinformation age. While most awareness of thi...

Marin Hospital enhances security with eCLIQ access control
Marin Hospital enhances security with eCLIQ access control

The Marin Hospital of Hendaye in the French Basque Country faced common challenges posed by mechanical access control. Challenges faced Relying on mechanical lock-and-key technol...

Quick poll
What is the most significant challenge facing smart building security today?