> Value Proposition
> Our Mission
> Operational Structure
> Board of Directors
> Executive Team
> Advisory Council
> Task Forces
> Industry Relationships
> Partner Comments
The aim of the GlobalPlatform Device Committee is:
- To define an open security architecture for consumer and connected devices based on a trusted execution environment (TEE) - enabling the development and deployment of security applications from multiple service providers including technical specifications compliance and security certification programs.
- To define on-device services necessary for the management of secure elements (SE) and secure interaction with SEs including the UICC, embedded SE and smart microSD
- To define a compliance program that helps handset manufacturers and speeds up the integration of GlobalPlatform device technologies.
- To support the GlobalPlatform TEE Security Evaluation Secretariat
The Device Committee is currently chaired by Christophe Colas from Trustonic.
- To manage, prioritize, develop, maintain and evolve specifications for the TEE.
- To advance and maintain the GlobalPlatform TEE Specifications to develop suitable services for trusted applications including their administration.
- To define, develop and maintain specifications related to the interaction between the TEE and SE.
- To advance and maintain the GlobalPlatform Device Compliance Program, to facilitate interoperability of device technologies on different handset implementations.
- To define, develop and progress the GlobalPlatform TEE Security Evaluation Program, to facilitate the security evaluations of TEE implementations.
- To maintain and evolve specifications for the GlobalPlatform Secure Element Remote Application Management Specification facilitating the connection of trusted service managers (TSMs) to SEs.
- To maintain and evolve specifications for the GlobalPlatform Secure Element Access Control Specification enabling the control of communication between device applications and TAs to SEs and including the related compliance program.
- To liaise, collaborate and / or coordinate Device Committee activities with other relevant industry and standardization groups which perform similar / complementary activities.
- To work with GlobalPlatform's Task Forces and Card and Systems Committees to ensure the alignment of smart device technology within the context of the wider GlobalPlatform infrastructure.
- To participate in the development of educational and promotional materials and events related to technology developed in the Device Committee.
Beneficiaries of the Committee Include:
- Device and chipset manufacturers looking for a standardized way to provide a TEE.
- Device manufacturers looking to implement and test device technology as defined in GlobalPlatform’ Specifications.
- Service providers who will benefit from the protection of secure applications within a single, standardized and interoperable environment.
- Application developers wishing to create interoperable yet sensitive applications, while enjoying the added support provided by the GlobalPlatform community.
- Service providers wishing to offer customers additional trust through a secure environment which is interoperable between various device platforms.
- TSMs that want to manage TAs remotely. All of the above parties that have an interest in having SE management components within a device.
Achievements to Date
- Publication of the TEE TA Debug Specification v1.0, which specifies the GlobalPlatform TEE debug interfaces and protocols.
- Release of the TEE Internal Core API v1.1, which defines a set of C APIs for the development of TAs running inside a TEE.
- Launch of the Secure Element Access Control Compliance Device Test Suite v1.1.0. The test suite describes the tests that are necessary to prove that a product is compliant with Secure Element Access Control (SEAC).
- Support the growth of the annual conference to promote the TEE and the security benefits it brings to connected devices, and encourage implementation within the marketplace.
- Release of the GlobalPlatform Secure Element Access Control Specification security mechanism, which prevents unauthorized applications residing in a mobile device communicating with an SE and SIMalliance Open Mobile APIs. The technical specification has been developed to ensure that legitimate secure services are not denied access to the SE due to malicious third parties.
- Launch of the GlobalPlatform Device Compliance Program. The certification of products to GlobalPlatform's Specification Suite will promote confidence within the advancing secure connected devices landscape by establishing an agreed industry framework.
- Publication of the TEE SE API v1.0, which specifies the syntax and semantics of the TEE SE API. The document is suitable for software developers implementing TAs running inside the TEE which need to expose an externally visible interface to client applications.
- Development of the Trusted User Interface API Specification v1.0. The technical specification is intended to support software developers implementing TAs running inside the TEE which need to display sensitive information to the user or retrieve sensitive data from the user.
- Release of the TEE Protection Profile v1.0. The specification constitutes the reference for the Common Criteria evaluation of GlobalPlatform’s TEE, which enables mobile security services such as content protection, rights management, corporate policies and payment.
2015 Activities and Priorities:
- To continue the advancement of specifications to address the administration of the TEE.
- To maintain and evolve TEE Internal APIs to add features including trusted user interface, biometry, secure channel protocol support, access to SEs, debug and networking.
- To support the evolution of the GlobalPlatform Device Compliance Program in collaboration with GSMA and Global Certification Forum (GCF).
- To define the TEE role and requirement during device boot.
- To investigate and define as relevant a secure channel between the TEE and SE.
- To enhance the Secure Element Access Control Specifications with the support of trusted applications running in the TEE.
- To establish a TEE Security Evaluation Program, which will aim to drive ‘practical’ TEE security certifications with short time-to-market constraints.
- To maintain and update all GlobalPlatform Device Specifications as appropriate.
- To address the requirements of GlobalPlatform’s Premium Content Task Force, and ensure alignment on work priorities.
- To engage with mobile network operators and key players in the web ecosystem to confirm industry requirements, as well as continue to serve the needs of specific use cases including premium content protection, identity, authentication and payment services.
- To host TEE seminars and workshops globally to communicate the value proposition of the technology (exact dates and locations TBC).
Device Committee Working Groups:
TEE Specifications Working Group
Device Compliance Working Group
- To create and maintain documentation defining the TEE, while ensuring consistency in the specifications and services.
- To ensure the long-term interoperability of GlobalPlatform’s Device Specifications by developing an open and thoroughly evaluated compliance ecosystem with test suites and qualified test tools.
- To test the functional behavior of a product against GlobalPlatform’s Device Specifications to achieve market interoperability and reduce ecosystem fragmentation.
TEE Security Working Group
- To define the level of security of the TEE technology for different market verticals and use cases addressed by GlobalPlatform and to ensure a security evaluation framework is in place.
TEE Roadmap Working Group
- To identify opportunities and strategic direction of GlobalPlatform's TEE Roadmap to meet market requirements.
SE Remote Administration Working Group
- To evolve as necessary the GlobalPlatform SE Remote Application Management Specification.
SE Access Control Working Group
- To standardize an SEAC concept based on policies.
- To gather use cases and requirements for the GlobalPlatform SEAC in devices.
- To define, maintain and evolve the architecture and interfaces for GlobalPlatform SEAC in devices and on SEs.
- To promote the GlobalPlatform SEAC in the industry.
Trusted Computing Group (TCG) Working Group
- To share expertise and collaborate around mobile device industry standards, including technical requirements, specifications and use cases.
- To ensure alignment between security topics in regards to the TCG Trusted Platform Module Mobile (TPM Mobile) and GlobalPlatform's TEE Specifications.
- To update the TCG and GlobalPlatform joint white paper to reflect current market conditions, and develop an implementation guide for TPM Mobile.