As mobile devices become intrinsic to our daily lives, from storing data to accessing services, Christian Damour, FIME's security business line manager, looks at the security challenges facing the mobile services ecosystem.
Connected devices are revolutionising how people interact socially and professionally. Today, we use our mobile phones to undertake a range of functions from downloading information and making purchases, to accessing buildings and watching films. While this level of functionality brings significant everyday benefits, the connectivity required leaves mobile devices vulnerable to attacks.
Although mobile handsets today host multiple applications, many of these are non-sensitive; the personal or financial impact of any corruption to an individual would be minimal. As the mobile services marketplace starts to witness the deployment of an increasing number of ‘secure’ applications, such as identity, mobile wallets or corporate applications that operate and are executed within the device, the consequences of a malicious party hacking an individual's smartphone to source personal or corporate data could be serious.
Similar to a personal computer, a mobile device is vulnerable to malware that is likely to be downloaded inadvertently by the user during their everyday activities or through a direct attack targeting the user (phishing). With the type of data stored becoming more appealing to criminals, the number of attacks targeted at the Android Rich Operating System (Rich OS) is growing exponentially.
Attacking the problem
Achieving the highest level of security, without compromising usability, is vital if consumers are to embrace mobile services. While software updates are issued to fix any bugs and vulnerabilities in the Rich OS, such activities require consumers to actively take on this responsibility and ensure the update is completed correctly.
The mobile industry recognises that it needs to go beyond simple updates of one component within the mobile device and instead create a clearly defined and universally agreed ‘root of trust’. This comprises a set of functions that are trusted by all parties engaged in the delivery of the mobile service to maintain the integrity of the service and privacy of the consumer's data.
The trusted execution environment (TEE) is fundamental as a root of trust. Comprising hardware and software, it creates a secure area that resides in the main processor of a mobile device. Its role is to ensure that sensitive data is stored and processed in a contained and trusted environment. Unlike the openness of the Rich OS, the TEE offers protection, confidentiality, isolation and data access control to applications known as ‘trusted applications’.
Due to the ‘security barrier’ created by the TEE, it can help the secure mobile services industry achieve three objectives:
Shield the ‘trusted applications’ it is hosting against some software attacks that are generated in the Rich OS environment.
Isolate each ‘trusted application’ from one another, protecting against illicit access to resources, memory or data, so that a corrupted ‘trusted application’ cannot compromise the security of other applications.
Protect access to ‘trusted applications’ and sensitive data. For example, this is important to owners of premium content, such as films, music or e-books. These items are usually downloaded for a fee, and piracy is a key concern. At the same time, a high level of functionality is required to support the quality features expected by consumers. The TEE can support this level of functionality while ensuring that the content cannot be circulated or duplicated without the correct permissions.
Industry association, GlobalPlatform, has been instrumental in standardising TEE technology. In addition to realising a number of specifications to promote functional consistency, the body has also addressed security with the publication of the market's first TEE Protection Profile to define the level of security required. The document essentially combines the security requirements outlined by Common Criteria with the best practice specifications as defined by GlobalPlatform in relation to TEE architecture and interfaces.
This level of market interoperability is important as consumers typically have just one smartphone, which must be able to support all the services that they wish to use. A GlobalPlatform compliant TEE (regardless of manufacturer) will sufficiently meet the technical and business requirements of different markets. Achieving a ubiquitous security baseline supports commercial efficiencies by bringing clarity to the ecosystem.
More and more applications will utilise the capabilities of the TEE, particularly within the internet of things space. As the number of service providers wishing to implement large-scale ‘trusted’ applications continues to grow, adoption and standardisation of the TEE in the market will make mass market deployments a reality.
Utilising the TEE certainly offers more serious mobile security.
FIME is a trusted consultant and advanced end to end testing services provider within the mobile telecom, payment, e-ID and transit sectors.