GlobalPlatform - Trusted Management Framework from Don Felton on 2017-02-10 (public-web-security@w3.org from February 2017)

From: Don Felton <don.felton@trustonic.com>
Date: Fri, 10 Feb 2017 14:24:13 +0000
To: Anders Rundgren <anders.rundgren.net@gmail.com>, "'public-hb-secure-services@w3.org'" <public-hb-secure-services@w3.org>, "public-web-security@w3.org" <public-web-security@w3.org>
CC: Richard Hayton <richard.hayton@trustonic.com>
Message-ID: <HE1PR06MB137151C355D6AD2C3C66EFA29B440@HE1PR06MB1371.eurprd06.prod.outlook.com>

Hi Anders and all,

Did anyone also post the link to the GlobalPlatform Trusted Management Framework (GP TMF)  when it was released last year?

While the OTrP people argue their (draft) solution is ideally suited to TEE in the IoT, my possibly biased opinion is that while it is an easy read, the result is relatively unaligned, heavyweight and inflexible compared to the (not draft) GP TMF standard. 

Sorry, but I don’t know of any pretty GP TMF slideware that is public.

The best I can do is the press release
https://www.globalplatform.org/mediapressview.asp?id=1284


I guess I should, for completeness, also point out that GlobalPlatform have for years provided the equivalent "GlobalPlatform Card Specification" for the same task area in the SmartCard space. Again I can't provide a link to slideware but the GP website has the specs.

GP TMF did leverage some of the ideas behind the GP Card Specification, but went to a lot of effort to revise the management model to enable more flexibility in what is potentially a multiple ownership device environment (e.g. OEM, ODM, MNO, and various service providers all wanting their own isolated and controlled slice of the action).

Finally I have to say that the OTrP slide deck is suffering from a common marketing mistake when relating to TEE's. They are equating a TEE to the Trusted OS, whereas GP define the TEE as bounded by a Common Criteria format Protection Profile, which in their case would include everything in the Secure World enabling the Trusted Applications.

Regards

Don
(I had better admit that I currently chair the group in GP that created the GP TMF.)

> -----Original Message-----
> From: Anders Rundgren [mailto:anders.rundgren.net@gmail.com]
> Sent: 09 February 2017 10:03
> To: 'public-hb-secure-services@w3.org' <public-hb-secure-services@w3.org>;
> public-web-security@w3.org
> Subject: Open Trust Protocol
> 
> Related to the Hardware Based Security Services:
> https://tools.ietf.org/html/draft-pei-opentrustprotocol-03

> https://s3.amazonaws.com/connect.linaro.org/las16/Presentations/Wednesday

> /Open%20Trust%20Protocol%20-%20LAS16-306.pdf
> 
> BTW, what's the status of HB Secure Services?
> 
> Anders

Received on Friday, 10 February 2017 14:25:34 UTC