Wireless Trust for Mobile Business - · PDF fileWireless Trust for Mobile Business ... Based on encryption by Corporate Access Point ... a public terminal in an airport:

1

www.wireless-trust.org

Wireless Trust for Mobile Business─ WiTness ─

Roger Kilian-KehrSAP Corporate Research

2WiTness Consortium

Wireless Trust for Mobile Business - WiTness 05/06/2003www.wireless-trust.org

Agenda

Enterprise security

Mobile applications infrastructure

Towards application-level security

WiTness project

WiTness federations + demonstration

3WiTness Consortium


Enterprise Security: The Model of the Past...

Basic Assumption: Everything Outside is Evil...Approach to Implementing Security:

1. Security is separated from applications, 2. Security technology is deployed at the infrastructure level

4WiTness Consortium


Mobile Applications: Backend PerspectiveDMZInternet

GSM

Web Server FarmWorkplace

Middlewarehttp-Proxies

NAT/LoadBalancer

WAP GW

RAS(ppp Dial-In)

Corporate Intranet

Middleware

Information Provider System

User-centricIntegration:

Portal

http(s) XML

Process-centricIntegration: Exchange

Web Services

GGSNSGSN

HLR

GPRS

NAT

Enterprises are confronted with a whole zoo of isolated “security islands”: security management is a nightmareComplex software architectures like Portals, Exchanges, Proxies,… prevent network-level end-to-end security solutions

Security on the network (infrastructure) level alone does not work!

5WiTness Consortium


Proaktive Approach:OS, Appl. Server, Applicationsprovide their own securityVision: Secure e-business without FirewallsIt matters what you do.

Proaktive Approach:OS, Appl. Server, Applicationsprovide their own securityVision: Secure e-business without FirewallsIt matters what you do.

Appl.-centered Security

Enterprise SecurityResour-

ces

Communi-cation

Applications

Defensive Approach:

Network and Device-oriented

Security and Applicationsare separatedIt matters where you areand how you do it.

Defensive Approach:

Network and Device-oriented

Security and Applicationsare separatedIt matters where you areand how you do it.

Perimeter Security

6WiTness Consortium


Mobile Security Strategy

Server ClientsAccessNetwork

Communi-cation

Platform(Web Browser)

AccessNetwork

Communi-cation

Platform(Web Server)

WEP, GEA1/2,...

IPSEC,...

Application ApplicationApp-level Sec.

HTTPS

Focus: ApplicationFocus: Application--level Securitylevel Security

7WiTness Consortium


WiTness: Project Overview

IST Project (funded by European Commission)Duration: 01/2002 – 04/2004Goals:

Contribute application-level security to 3G mobile businessBuild upon GSM/UMTS security infrastructures (not networks!)

Approach: Create and Combine Functions of

Devices (mediators to users)Smart Cards / SIMs (security platforms)Enterprise Software (application servers)

to Provide Security Services/Interfaces

8WiTness Consortium


Vision and Mission in a Nut Shell

Witness’ vision is a secure mobile wireless application computing world where business processes are not hindered by firewalls.

Witness aims at enabling secure mobile applications of third-party application providers in 3G wireless networks by providing technology for application level security.

Witness focuses on technology that allows application providers to set up their own security solutions for mobile applications. This will be achieved by defining security platforms and security services in mobile devices and smart cards.

9WiTness Consortium


Project Consortium

Lead: SAP Corporate Research (FR/DE)Team: J. Posegga, J. Haller, Ph. Robinson, L. Gomez, C. Hébert, R. Kilian-Kehr

Partners: EZOS (BE)Eurécom (FR), Team: R. Molva, Y. Roudier, L. Bussard, S. CrostaGiesecke und Devrient (DE)Microsoft Research (UK)NTT DoCoMo Labs (DE)T-Mobile (CZ) University of Frankfurt (DE)

10WiTness Consortium


Enterprise

Employee

provides Mobile Application

owns SIM; providesMobile Security Applet

MobileApplication

MSA

manages employee’s device

and deploysapplications

ApplicationProvider

uses

MobileOperator

Goal: Secure Mobile Business Landscape



Phys. SCard Interface

SIM Access (JSR 177)

Mobile Biz Application

Witness Framework

WiTness: A Technology Perspective

Mobile Business

Security Applet

Phys. SCard Interface

SIM Access API

Mobile Biz Application

Witness Framework

Server-side Application

Witness Server-side Framework

FEDERATION

WP2

WP3

WP1,5

WP4

WP6

WP7



Federation Concept - B2E scenarios

• Face-to-face liableinteractions(e.g. mobile work-flow)

• Ambient services / devices

• Access to group data(i.e. mobile groupware)

• Access to corporate dataand processes



WiTness Vision: Secure B2E Federations

EmpowermentExtend the way workers perform everyday tasks while being mobileEnvironment aware

SecurityDevices or communication channels do not necessarily belong to corporationPrevent malicious attacks on corporate data and processesTechnically ensure that users cannot inadvertently violate security policyProtection spectrum: channel security, data access control, user presence verification, transaction liability, network access, etc.

Secure B2E Federation = Corporation ControlledMobile Workforce Empowerment

Federation = environment made up of mobile and ambient devicesspontaneously collaborating in support of applications



Security vs. Flexibility

FlexibilityAutomation, Usability

Security Mobile access to corporate resources

Federated access to corporate resources

Secure federations

Ideal goal: self organising secure federation

WiTness: flexible secure federations

low high

low

high



{ … }K1< /---- >

EiPAQ{K1,K2}

Edisplay{K2}

<confidential/>----------------------------------------< /---- ><unclassified/>-------------------

{ … }K2

Corporate Security Policy EnforcementOnly trusted devices should process corporate data

Mandatory and automated enforcementBased on encryption by Corporate Access PointWith support from SIM as a security module (e.g. for key distribution)

DB1

DB2

DB3

Access Control:

Request + Authorization

XMLXML-encryption+ key distributionSecurity Policy

Trust:

Federation Credentials

operation request



Demonstration 1: Trust Based Data Access

Corporate e-mail carries confidential dataE.g. contract amounts, names of involved parties, etc.Protection of these data may be specified in security policyAccess will depend on device tamper-resistance, trust, context

An employee accesses his e-mail from:a workstation at a partner: confidential data about contracts with that partner can be displayed on the workstationa public terminal in an airport: confidential data will be displayed only on a device trusted by his company (e.g. his PDA with SIM module)



Demonstration 1: Trust Based Data AccessCorporate Domain

CAPBackend

Terminal

Personal DomainDevice

Item is requested to

backend Access Control

XMLTrust Control

Federate

display delegated



Demonstration 1: Trust Based Data AccessCorporate Domain

CAPBackend

Terminal

Personal DomainDeviceDecryption

Secret display

Item is requested to

backend Access Control

Trust Control

Data encrypted according to policy

XML



HCI and bandwidth limitations: Federations



Building a Federation

Federated device

delegation



Trusted Terminal

Partner terminal available(trusted)

Partner terminal booked(trusted)



Untrusted(public terminal)

Untrusted Terminal

Trusted(corporate PDA)



WiTness

Further information available athttp://www.wireless-trust.org

ContactDr. Roger Kilian-KehrPervasive Security GroupSAP Corporate [email protected]

Documents

Wireless Trust for Mobile Business - · PDF fileWireless Trust for Mobile Business ... Based on encryption by Corporate Access Point ... a public terminal in an airport: