Securing the storage, processing, and input and output of sensitive data on an open platform are of critical importance.
Also, isolation of applications that are managing (U)SIMs and (U)SIM readers, EAP-SIM and EAP-AKA protocols,
and SAP applications from untrusted applications is imperative. Protecting the interface between the trusted open
platform and the UICC is also of critical importance.
Therefore, it is very much desirable that the Open Platform must have secure authentication and authorization
mechanisms to protect against eavesdropping, and malicious modification of sensitive data and operator applications residing on the Open Platform.
Consequently, for the diverse 3GPP usage models of the Open Platform, such as the ones described in TS 33.234
, appropriate trust recommendations need to be outlined to counteract the threats. This document describes trust recommendations for the usage models described in 3GPP.
This technical report investigates relevant trust standards and technologies, both existing as well as the ones that are work-in-progress. It develops the recommendations for trusted open platforms for delivery of new applications and services to open platforms.