This document and the information therein are the property of Safran. They must not be copied or communicated to a third party without the prior written authorization of Safran IoT Security of Things Event / 19th October 2016 / Telecom Business Unit 1

SECURE ELEMENTS FOR IOT SECURITY NICHOLAS VONDRAK, MARKETING MANAGER

10/19/2016

This document and the information therein are the property of Safran. They must not be copied or communicated to a third party without the prior written authorization of Safran

Why the discussion?

Month/day/year

IoT Security of Things Event / 19th October 2016 / Telecom Business Unit 2

Huge opportunity Tremendous risk

“~26 smart objects for every human being on Earth!” -Intel

This document and the information therein are the property of Safran. They must not be copied or communicated to a third party without the prior written authorization of Safran

IoT security challenges

Month/day/year

IoT Security of Things Event / 19th October 2016 / Telecom Business Unit

Identity: Authenticating Endpoints, services, and the customer or end-user operating the Endpoint

Security: Ensuring that system integrity can be verified, tracked, and monitored

Privacy: Reducing the potential for harm to individual end-users

Availability: Ensuring constant connectivity between Endpoints and their respective services

3

Inline with CIA (confidentiality, integrity, availability) information security goals

This document and the information therein are the property of Safran. They must not be copied or communicated to a third party without the prior written authorization of Safran

“A secure element (SE) is a tamper-resistant platform (typically a one chip secure microcontroller) capable of securely hosting applications and their confidential and cryptographic data (e.g. key management)”

-GlobalPlatform

A proposed solution

Month/day/year

IoT Security of Things Event / 19th October 2016 / Telecom Business Unit 4

“Because these devices are connected to the network, if they lack adequate security they offer the possibility of being used as an entry point to the network for attackers, who may have little interest in the device or service itself except as an entry point.”

-SIMalliance, An analysis of the security needs of the 5G market

1.eSIM 2.SIM 3.eSE

This document and the information therein are the property of Safran. They must not be copied or communicated to a third party without the prior written authorization of Safran

Secure element as one solution – use cases

Month/day/year

IoT Security of Things Event / 19th October 2016 / Telecom Business Unit 5

Communication cryptographic keys

Network & service authentication

credentials

Sensitive data protection (i.e. biometric templates)

Application

authenticity identifiers

Secure provisioning of unique device &

user identities

a SE as eSIM, eSE or SIM can address all of these needs

This document and the information therein are the property of Safran. They must not be copied or communicated to a third party without the prior written authorization of Safran

•  Balance between security, convenience and cost will continue to evolve

•  A solution will only be as secure as its weakest link… a secure element alone is not enough

•  Registration is just as important as authentication

•  As the evolution in capabilities of criminals evolves so must the advancements of technologists

Secure element as one solution - conclusion

Month/day/year

IoT Security of Things Event / 19th October 2016 / Telecom Business Unit 6

This document and the information therein are the property of Safran. They must not be copied or communicated to a third party without the prior written authorization of Safran Month/day/year

IoT Security of Things Event / 19th October 2016 / Telecom Business Unit 7

Nic Vondrak NORAM Marketing Manager | Safran Identity & Security nicholas.vondrak@safrangroup.com