S3 review of MExE release 99 security
Tim Wright, Vodafone UK
3GPP SA3, ETSI SMG10
timothy.wright@vf.vodafone.co.uk
17/11/99 S3 and MExE, slide 1

Contents
• MExE refresher course
• Specification history and S3/SMG10 involvement
• Break for clarification
• Issues raised by Colin Blanchard and self
• Questions and discussions

MExE refresher course
• Mobile Execution Environment
• A spec to create a standardised execution environment on mobile terminals, similar to PDAs such as the Palm and Psion
• Classmark 1 is WAP
• Classmark 2 is Java, specifically the PersonalJava virtual machine

Execution domains
• Operator, manufacturer and third party execution domains
• Applications can only execute in a domain if authorised for that domain
• Broadly similar capabilities for each domain
• Untrusted domain

Domain authorisation
• Apps that can run in a domain must carry a digital signature that the terminal can verify using valid certificates
• Certificates are verified with root public keys for each domain
• Operator and third party root keys can be on the SIM
• Untrusted apps are unsigned

Third party Administrator
• Third party roots may be installed by the manufacturer and the user (and the operator)
• The operator may have no control over the signing policy of a third party root controller
• Therefore the operator may (but is not obliged to) elect to be Administrator, and can then control which third party roots are valid (but cannot delete or revoke them)

User permission
• Apps cannot be installed without user permission
• Apps cannot carry out functions without user permission
• Three types of user permission
  – Single action
  – Session
  – Blanket
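
The domain authorisation, Administrator and user permission rules on the preceding slides, modelled as an added example (this is illustration code, not MExE or any vendor's implementation). Everything not on the slides is an assumption: a signature is modelled as an HMAC over the application image keyed with a per-root secret, standing in for the certificate chain and root public key a real terminal would verify; a signed application whose signature cannot be verified against any valid root is refused outright rather than demoted to the untrusted domain; and single-action permissions are consumed by the first use, session permissions lapse when the session id changes, blanket permissions persist.

```python
import hashlib
import hmac
from dataclasses import dataclass
from enum import Enum
from typing import Optional


class Domain(Enum):
    OPERATOR = "operator"
    MANUFACTURER = "manufacturer"
    THIRD_PARTY = "third party"
    UNTRUSTED = "untrusted"


class Permission(Enum):
    SINGLE_ACTION = "single action"   # consumed by one invocation
    SESSION = "session"               # valid until the app's session ends
    BLANKET = "blanket"               # valid until the user withdraws it


@dataclass
class Root:
    name: str
    domain: Domain
    secret: bytes          # toy stand-in for the root public key (HMAC key)
    on_sim: bool = False   # operator and third party roots may be held on the SIM


@dataclass
class App:
    name: str
    image: bytes
    root_name: Optional[str] = None   # signing root; None means unsigned
    signature: Optional[bytes] = None


def sign(app: App, root: Root) -> App:
    """Toy signature (assumption): HMAC-SHA256 of the image under the root's secret."""
    app.root_name = root.name
    app.signature = hmac.new(root.secret, app.image, hashlib.sha256).digest()
    return app


class Terminal:
    def __init__(self) -> None:
        self.roots: dict[str, Root] = {}
        self.admin_invalid: set[str] = set()   # third party roots the Administrator marked invalid
        self.installed: dict[str, Domain] = {}
        self._grants: dict[tuple[str, str], tuple[Permission, Optional[int]]] = {}

    def install_root(self, root: Root) -> None:
        self.roots[root.name] = root

    def administrator_invalidate(self, root_name: str) -> None:
        """Operator as Administrator: a third party root stops being valid,
        but it is neither deleted nor revoked and can be made valid again."""
        if self.roots[root_name].domain is not Domain.THIRD_PARTY:
            raise ValueError("the Administrator only controls third party roots")
        self.admin_invalid.add(root_name)

    def administrator_revalidate(self, root_name: str) -> None:
        self.admin_invalid.discard(root_name)

    def authorise(self, app: App) -> Optional[Domain]:
        """Domain the app may execute in, or None if the terminal refuses it."""
        if app.signature is None:
            return Domain.UNTRUSTED                  # unsigned apps run untrusted
        root = self.roots.get(app.root_name or "")
        if root is None or root.name in self.admin_invalid:
            return None                              # no valid root to verify with
        expected = hmac.new(root.secret, app.image, hashlib.sha256).digest()
        if not hmac.compare_digest(expected, app.signature):
            return None                              # signature does not verify
        return root.domain

    def install(self, app: App, user_consents: bool) -> Optional[Domain]:
        """Installation needs a domain decision and the user's permission."""
        domain = self.authorise(app)
        if domain is None or not user_consents:
            return None
        self.installed[app.name] = domain
        return domain

    def grant(self, app_name: str, action: str, kind: Permission,
              session: Optional[int] = None) -> None:
        """Record the user's permission for app_name to perform action."""
        if kind is Permission.SESSION and session is None:
            raise ValueError("a session permission needs a session id")
        self._grants[(app_name, action)] = (kind, session)

    def may_perform(self, app_name: str, action: str, session: int) -> bool:
        """Check (and for single-action permissions, consume) the stored grant."""
        if app_name not in self.installed:
            return False
        grant = self._grants.get((app_name, action))
        if grant is None:
            return False
        kind, granted_session = grant
        if kind is Permission.SINGLE_ACTION:
            del self._grants[(app_name, action)]     # used up by this one action
            return True
        if kind is Permission.SESSION and granted_session != session:
            del self._grants[(app_name, action)]     # session is over, ask again
            return False
        return True                                  # SESSION (same session) or BLANKET
```

The Administrator path is the interesting one: marking a third party root invalid makes every app signed under it unauthorised, without touching the root itself, which matches the slide's "cannot delete or revoke" limit. A tampered image fails verification even though the root is valid, and an unsigned image is never refused, only confined to the untrusted domain.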

Specification history
• MExE begun within ETSI in January 1998
• Stage 1 approved in February (March?) 1998
• Release 98 stage 1 and 2 approved in July 1999
• Release 99 to be approved in December 1999

S3/SMG10 involvement
• Some review of specs since February
• Little real interaction until December 1998
• Productive MExE/SMG10 meeting in February 1999
• S3 took responsibility for MExE security in August 1999

Goal of this session
• MExE (and WAP) are powerful developments with enormous potential to change the way phones are used
• Security is a key issue
• MExE has worked hard on security and deserves credit
• Time, and last chance, for S3 to take corporate responsibility

Clarifications

Issues raised by CB
• An application could be downloaded that would:
  – Eavesdrop on the user
  – Perform internal denial of service
  – Make bogus calls and so complicate law enforcement

Issues raised by CB
• The user would have to give permission for installation
• The process of giving permission must be clear to the user: can this be ensured?
• The above apps would have to be trusted
• Issue of whether third parties can be trusted

VF issues - Security table
• The security table is currently very complex
• It lists the actions that can be performed by each domain and the actions that are forbidden for each domain
• The status of actions not listed is uncertain
• Suggest: the security table lists forbidden actions only
• Would be clearer and more likely to be implemented

VF issues - external port access
• Difficult to manage permissions if you don't know what is attached to the port
• For example, location info in the phone is forbidden to an app
• But it can be accessed via the port if a GPS is attached to the phone
• Have to rely on the user
• Warnings should be given
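
The two preceding slides, the security table and external port access, share a worked example below (added here; it is not the MExE security table and every table entry and port attachment in it is constructed). It first evaluates a mixed permitted/forbidden table of the kind the slide criticises, so that the actions left with no entry show up as a third "unspecified" verdict, then evaluates the forbidden-only form the slide suggests, and finally checks each table for the GPS problem: a forbidden action that a domain can reach anyway because the external port is allowed and a device on the port exposes it. The caveat a reviewer would add: a forbidden-only table is a default-allow list, so every action the mixed table left unspecified silently becomes permitted, which is exactly what the last assertion shows for the untrusted domain and the port.

```python
from enum import Enum


class Verdict(Enum):
    ALLOWED = "allowed"
    FORBIDDEN = "forbidden"
    UNSPECIFIED = "unspecified"   # the mixed table says nothing either way


DOMAINS = ("operator", "manufacturer", "third party", "untrusted")

# Constructed universe of actions, drawn from the issues on the slides.
ACTIONS = frozenset({
    "make_call", "send_sms", "read_phonebook", "read_location",
    "access_screen", "access_keyboard", "external_port",
})

# Style 1 (constructed): both a permitted and a forbidden list per domain,
# as the slide describes.  Anything in neither list is left open.
MIXED_TABLE = {
    "operator": {
        "allowed": {"make_call", "send_sms", "read_phonebook", "access_screen",
                    "access_keyboard", "external_port"},
        "forbidden": {"read_location"},
    },
    "manufacturer": {
        "allowed": {"access_screen", "access_keyboard", "external_port"},
        "forbidden": {"read_location", "send_sms"},
    },
    "third party": {
        "allowed": {"access_screen", "access_keyboard", "external_port"},
        "forbidden": {"read_location", "read_phonebook"},
    },
    "untrusted": {
        "allowed": {"access_screen", "access_keyboard"},
        "forbidden": {"make_call", "send_sms", "read_phonebook", "read_location"},
    },
}

# Style 2: the same prohibitions, but as the forbidden-only table the slide
# suggests.  Whatever is not listed here is permitted.
FORBIDDEN_ONLY = {d: set(row["forbidden"]) for d, row in MIXED_TABLE.items()}

# Constructed examples of what a device on the external port can expose.
PORT_ATTACHMENTS = {
    "gps_receiver": {"read_location"},
    "pc_modem": {"make_call", "send_sms"},
}


def lookup_mixed(domain, action, table=MIXED_TABLE):
    """Verdict from a permitted/forbidden table; unlisted actions are UNSPECIFIED."""
    row = table[domain]
    if action in row["allowed"] and action in row["forbidden"]:
        raise ValueError(f"{domain}/{action} is listed as both allowed and forbidden")
    if action in row["forbidden"]:
        return Verdict.FORBIDDEN
    if action in row["allowed"]:
        return Verdict.ALLOWED
    return Verdict.UNSPECIFIED


def lookup_forbidden_only(domain, action, table=FORBIDDEN_ONLY):
    """Verdict from a forbidden-only table; there is no UNSPECIFIED outcome,
    so the table has to be complete: an omission is a permission."""
    return Verdict.FORBIDDEN if action in table[domain] else Verdict.ALLOWED


def unspecified_actions(table=MIXED_TABLE, actions=ACTIONS):
    """Per domain, the actions a mixed table leaves undecided (sorted)."""
    return {d: sorted(a for a in actions
                      if lookup_mixed(d, a, table) is Verdict.UNSPECIFIED)
            for d in table}


def port_bypasses(domain, lookup, attachments=PORT_ATTACHMENTS):
    """Forbidden actions the domain can still reach through an allowed external
    port, keyed by the attached device that exposes them."""
    if lookup(domain, "external_port") is not Verdict.ALLOWED:
        return {}
    found = {}
    for device, exposed in attachments.items():
        leaked = sorted(a for a in exposed if lookup(domain, a) is Verdict.FORBIDDEN)
        if leaked:
            found[device] = leaked
    return found
```

`port_bypasses` is the check the slide asks for: it does not need to know what is attached, only what kinds of device could be, and it lists, per domain, the prohibitions that an allowed port undermines so the terminal can at least warn the user when such a device is connected.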

VF issues - untrusted applications
• Can access the screen and keyboard without user permission
• Apps are long-lived: Trojan horses
• An app could listen to the keyboard and pick up PINs
• Could interfere with the UI and get the user to perform actions they did not want

VF issues - untrusted applications (continued)
• But untrusted apps could be a popular market sector
• What can be done?
• Rules for precedence in screen access
• Session user permission?
• ?
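
One way the "rules for precedence in screen access" suggestion on the slide above could address the keyboard-sniffing and UI-interference problems on the slide before it, as an added sketch (illustration only; MExE specifies no such mechanism and the precedence order, the window model and the function names are all assumptions). Windows are ranked by the domain of their owner; only the highest-ranked window is in the foreground, only the foreground owner receives key presses or may draw, and a newer untrusted window cannot climb over an operator dialog, so an untrusted app that is listening for keystrokes sees nothing while a PIN prompt from a higher domain is on screen.

```python
from dataclasses import dataclass, field
from typing import Optional

# Assumed precedence: a higher rank owns the screen and the keyboard.
PRECEDENCE = {"operator": 3, "manufacturer": 2, "third party": 1, "untrusted": 0}


@dataclass
class Window:
    app: str
    domain: str


@dataclass
class Screen:
    # Windows in the order they were shown; the last entry is the newest.
    stack: list = field(default_factory=list)

    def show(self, win: Window) -> None:
        if win.domain not in PRECEDENCE:
            raise ValueError(f"unknown domain {win.domain!r}")
        self.stack.append(win)

    def close(self, app: str) -> None:
        self.stack = [w for w in self.stack if w.app != app]

    def foreground(self) -> Optional[Window]:
        """Highest-ranked domain wins; among equal ranks, the most recent window."""
        if not self.stack:
            return None
        return max(self.stack, key=lambda w: (PRECEDENCE[w.domain], self.stack.index(w)))

    def route_key(self, key: str):
        """Deliver a key press to the foreground window only, as (app, key),
        or None when nothing is shown.  Lower-ranked windows never see it."""
        fg = self.foreground()
        return None if fg is None else (fg.app, key)

    def can_draw(self, app: str) -> bool:
        """Only the foreground owner may paint, so an untrusted app cannot
        overlay or imitate a dialog from a higher domain."""
        fg = self.foreground()
        return fg is not None and fg.app == app
```

The session-permission idea on the same slide is not modelled here; it is the `SESSION` permission kind in the domain authorisation example earlier, which lapses when the app's session id changes.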