Jump to content

Draft:GlobalPlatform

From Wikipedia, the free encyclopedia



Formation1999
TypeNonprofit
Legal statusAssociation
PurposePromotion of digital security technical standards
Region served
Worldwide
Websiteglobalplatform.org

GlobalPlatform, Inc. (formerly Visa OpenPlatform) is a non profit industry consortium for technical standards focused on the interoperability, management and security of embedded hardware such as smart cards.[1] The GlobalPlatform specifications are the de facto standard for remote management of smart card applications.[2]

GlobalPlatform has more than 100 members, including Visa, Mastercard, Qualcomm, T-Mobile US, Apple, and Samsung.[3] Membership tiers include full member, observer and public entities with fees based on the level of involvement.[4]

History

[edit]
Former logo of GlobalPlatform

Visa Inc. introduced the Visa OpenPlatform smart card specification in April 1998 to support the development of multi-application smart cards based on Java Card technology.[5] In 1999, Visa donated the specifications to the OpenPlatform Consortium in order to drive wider adoption. The OpenPlatform Consortium and the specifications themselves were renamed GlobalPlatform later that year.[1]

Specifications

[edit]

The specifications cover security, interoperability, and multi-application functionality. Key components include lifecycle management for secure application handling, a Card Manager for central control, and security domains for application isolation. The specifications also define secure channel protocols for data communication and offers an API.[4]

In recent years, GlobalPlatform has expanded its scope beyond physical smart cards to include other technologies or form factors that require a secure element. These include embedded SIMs (eSIMs), Trusted Execution Environments (TEEs) that provide a secure area independent of the device operating system, and IoT devices.[3]

The GlobalPlatform specifications and security frameworks are incorporated into other industry standards. For example, they form part of the ETSI/3GPP standards that define how SIM cards are used to authenticate users on mobile networks.[6][7] GlobalPlatform is also used within the EMV standard to secure card, contactless, and smartphone-based payments.[8]

See also

[edit]

Further reading

[edit]
  • Béguelin, Santiago Zanella (2006). "Formalisation and Verification of the GlobalPlatform Card Specification Using the B Method". In Barthe, Gilles; Grégoire, Benjamin; Huisman, Marieke; Lanet, Jean-Louis (eds.). Construction and Analysis of Safe, Secure, and Interoperable Smart Devices. Lecture Notes in Computer Science. Vol. 3956. Berlin, Heidelberg: Springer. pp. 155–173. doi:10.1007/11741060_9. ISBN 978-3-540-33691-4.
  • Bernabeu, Gil (2007-11-01). "GlobalPlatform – the future of mobile payments". Card Technology Today. 19 (11): 9. doi:10.1016/S0965-2590(07)70154-8. ISSN 0965-2590.
  • De Almeida Braga, Daniel; Fouque, Pierre-Alain; Sabt, Mohamed (2020-06-19). "The Long and Winding Path to Secure Implementation of GlobalPlatform SCP10". IACR Transactions on Cryptographic Hardware and Embedded Systems: 196–218. doi:10.46586/tches.v2020.i3.196-218. ISSN 2569-2925.
  • Avoine, Gildas; Ferreira, Loïc (2018-05-08). "Attacking GlobalPlatform SCP02-compliant Smart Cards Using a Padding Oracle Attack". IACR Transactions on Cryptographic Hardware and Embedded Systems: 149–170. doi:10.46586/tches.v2018.i2.149-170. ISSN 2569-2925.

References

[edit]
  1. ^ a b Mayes, Keith; Markantonakis, Konstantinos (2017). "3.2.2: The GlobalPlatform Card Specificiation". Smart Cards, Tokens, Security and Applications (2nd ed.). Springer International Publishing. pp. 73–81. ISBN 978-3-319-50500-8.
  2. ^ Sabt, Mohamed; Traoré, Jacques (2016). "Cryptanalysis of GlobalPlatform Secure Channel Protocols". In Chen, Lidong; McGrew, David; Mitchell, Chris (eds.). Security Standardisation Research. Lecture Notes in Computer Science. Vol. 10074. Cham: Springer International Publishing. pp. 62–91. doi:10.1007/978-3-319-49100-4_3. ISBN 978-3-319-49100-4.
  3. ^ a b Niwano, Eikazu (February 2019). "New Standardization Trends at GlobalPlatform--Secure Components for the IoT Era". NTT Technical Review. 17 (2): 63–69. doi:10.53829/ntr201902gls. ISSN 2436-5327.
  4. ^ a b Markantonakis, Konstantinos; Mayes, Keith (March 2003). "An overview of the GlobalPlatform smart card specification". Information Security Technical Report. 8 (1): 17–29. doi:10.1016/S1363-4127(03)00103-1.
  5. ^ "JavaCard - From Hype to Reality". IBM Zurich Research Lab. Retrieved 13 November 2024.
  6. ^ Welte, Harald (2024-06-02). GlobalPlatform in USIM and eUICC. Retrieved 2024-11-17 – via Osmocom.
  7. ^ "Smart Cards; Remote APDU structure for UICC based application" (PDF). ETSI. October 2022.
  8. ^ "A Guide to EMV Chip Technology". EMVCo. November 2014.
[edit]