
Enhancing Trust for Governments using the Latest GlobalPlatform Standards. Dongyan Wang, GlobalPlatform Technical Program Manager. Thursday 20 March.


Slide 1: Title slide (Enhancing Trust for Governments using the Latest GlobalPlatform Standards). GP Confidential.

Slide 2: GlobalPlatform Positioning
Across several market sectors and in converging sectors, GlobalPlatform is the standard for managing applications on secure chip technology: Trusted Execution Environment and Secure Element, together with Premium Content.

Slide 3: Our Collaborative Industry Partners

Slide 4: GlobalPlatform Members

Slide 5: Some Use Cases
- Consumer
- Government / eGovernment
- Enterprise

Slide 6: Some Regulations (Legal Act – Scope)
- Regulation (EC) 45/2001 – On the protection of individuals with regard to the processing of personal data by the Community institutions and bodies and on the free movement of such data
- Commission Decision 2001/497/EC – On standard contractual clauses for the transfer of personal data to third countries, under Directive 95/46/EC
- Directive 2002/58/EC – Concerning the processing of personal data and the protection of privacy in the electronic communications sector (Directive on privacy and electronic communications)
- Commission Decision 2002/16/EC – On standard contractual clauses for the transfer of personal data to processors established in third countries, under Directive 95/46/EC
- Commission Decision 2004/915/EC – Amending Decision 2001/497/EC as regards the introduction of an alternative set of standard contractual clauses for the transfer of personal data to third countries
- Directive 2006/24/EC – On the retention of data generated or processed in connection with the provision of publicly available electronic communications services or of public communications networks, and amending Directive 2002/58/EC
- COM(2007) 228 final – On Promoting Data Protection by Privacy Enhancing Technologies (PETs)
- COM(2007) 87 final – On the follow-up of the Work Program for better implementation of the Data Protection Directive
- COM(2012) 10 final, 2012/0010 (COD) – On the protection of individuals with regard to the processing of personal data by competent authorities for the purposes of prevention, investigation, detection or prosecution of criminal offences or the execution of criminal penalties, and the free movement of such data

Slide 7: Other Initiatives
PIA (privacy impact assessment) working in practice globally:
– China's legislature passed an amendment to the country's Consumer Rights Protection Law (the "Amendment"), which introduces new data privacy protections into the amended Consumer Protection Law, effective on March 15, 2014
– ICO (Information Commissioner's Office) published "Conducting privacy impact assessments code of practice – Data Protection Act" v1.0 (effective February 25, 2014)
– The French Data Protection Authority (CNIL) adopted several amendments to its Single Authorization AU-004 regarding the processing of personal data in the context of whistleblowing schemes (the "Single Authorization"), as published on February 11
– ANR (Agence Nationale de la Recherche) Workshop on Privacy by Design in April
– The Treasury Board of Canada Secretariat's (TBS) Directive on Privacy Impact Assessment (effective April 1, 2010)
– US Department of Commerce PIA requirement based on Homeland Security Presidential Directive 12 (HSPD-12), Policy for a Common Identification Standard for Federal Employees and Contractors (August 27, 2004)
– South Korea's new Personal Information Protection Act came into force on September 30
– …
Privacy Control Catalog (Appendix J of Security Controls for Federal Information Systems and Organizations, NIST Special Publication, Revision 4).
ENISA position paper, Privacy Features of European eID Card Specifications, Jan 27, 2009, Version 1.0.1, European Network and Information Security Agency.
More…

Slide 8: GlobalPlatform and Privacy
- A multi-application platform introduces additional privacy challenges
- Different applications may have different privacy policies and levels, some of which may require remote management
- There must be no leakage of data across applications, and no application may publish sensitive data it holds
- In a multi-application-provider context, the privacy paradigm is contingent on providers adhering to a common framework
So there is a need for a platform approach to this privacy framework.

Slide 9: Anonymity Properties (1 of 2)
- Un-traceability – Ability to prevent user identification even if the secure platform issuer and the identity provider (IdP) or the service provider collude
- Un-linkability – Ability to prevent the establishment of a link between different attributes presented by the same user: two credentials cannot be linked to the same user, even if issued by the same issuer (or IdP), at the same time and for the same purposes
- Selective disclosure – Ability to disclose only the minimal amount of user identification data necessary for a selected action, e.g. user consent required upon each criterion
- Usage confidentiality – The communicated data does not reveal the nature and details of the transaction, such as identification data, application identifier, or execution success or failure
- Pseudonym – Ability to generate a unique pseudonym which identifies the user in a unique way without disclosing his/her data
- Forward secrecy – Limited risk in case of attack: ability to protect the secure channel exchange even if the service provider key is compromised at a later date

10 TM  Limited use – Ability to limit the use of credentials over a determined period of time or to restrict their use to a determined number of presentations  Predicate computation (proving computation on attributes) – Ability to prove computations on the attributes rather than disclosing the attributes themselves. The actual value of user identification attributes is not disclosed whereas the user can prove some computation on these attributes  Trusted third party disclosure – Ability to protect an attribute by allowing its disclosure only by a trusted third party (e.g. by encoding the attribute in the credential). The credentials can contain some verifiable encrypted attributes that can be checked by the service provider  Revocation – Ability to revoke a credential. This procedure MAY resort to authorized exchange of information leading to user identification in some cases  Secure messaging – Ability to provide secure messaging to protect commands exchange Anonymity Properties (2 of 2)

Slide 11: Summary of Main Requirements
GlobalPlatform's Government Task Force has developed a set of requirements including:
– Support of a list of anonymity properties
– Protection against card / user tracking
– Protection against application identifier-based profiling
– Registration with declared privacy level(s)
– Protection against unauthorized inter-application data exchange
– Privacy level implemented by GPP (Platform Global Privacy Protocol) and SPP (Application Specific Privacy Protocol)

Slide 12: Privacy Framework Requirements Released
- For use by anyone developing to GlobalPlatform Specifications
- Useful for defining additional features to enable privacy-sensitive applications on GlobalPlatform cards
- Government agencies benefit by knowing what can be expected from GlobalPlatform cards in the future with respect to privacy
https://www.globalplatform.org/documents/GP_PrivacyFrameworkRequirements_v1.0.pdf

Slide 13: GlobalPlatform Privacy by Design Architecture
The value proposition aims to define a migration path where the card platform provides:
- Support of current GlobalPlatform functions and secure channel protocols
- Card content management
- Incremental improvements
  – Reusing existing blocks
  – Not building a platform from scratch
- Privacy enforcement
  – Privacy-enhanced services offered to all applications within a security domain
  – Choice of standalone privacy-enhanced protocols (host, card, and / or user authentication)
  – An on-board privacy manager confirming the platform meets the privacy rules established for it
- Lightweight solution
  – Easy migration for existing applications
  – Preventing environment complexity
- User consent scheme
  – User consent MAY be requested before or after authentication
- Privacy ecosystem
  – A platform that addresses privacy requirements and a deployment infrastructure

Slide 14: Market Impact
- Assessment of the impact on privacy is needed at all steps
  – When creating, loading, installing, using and deleting applications
- To allow further role separation of application providers, issuers and system providers by extending the separation to the privacy area, that is, avoiding the sharing of privacy-relevant data between these roles
- To guarantee that a given platform meets the necessary privacy requirements and thus establish a reference in terms of privacy levels
- The GlobalPlatform Card Framework will facilitate implementation of applications with privacy requirements on a GlobalPlatform card, e.g.
  – Government applications
  – Machine readable travel documents
  – Driving licenses
  – National ID cards, etc.

Slide 15: Visit
- White Papers
- Specifications
- Become a Member Organization

Slide 16: Thank You!
