Tech-invite3GPPspaceIETFspace
21222324252627282931323334353637384‑5x

Content for  TR 22.857  Word version:  6.0.0

Top   Top   Up   Prev   None
1…   4…
4 Current Situation5 Reusable technology: An alternate approach6 Integrating the Runtime Independent Framework into the Current MExE Specification7 Additional open issues8 Out of scope issues9 ConclusionA Generic MExE Security$ Change history

 

4  Current Situationp. 7

4.1  Delaying new technology adoption into 3GPPp. 7

4.2  Unbounded specification growthp. 7

4.3  Inefficient use of 3GPP technical resourcesp. 7

4.4  Uncertain implementation requirementsp. 8

4.5  Potential fragmentation of the application marketp. 8

4.6  Unclear technology requirements for classmarksp. 8

4.7  Summary of current situationp. 9

5  Reusable technology: An alternate approachp. 9

5.1  Security infrastructurep. 9

5.1.1  Security modelp. 10

5.1.1.1  Application isolationp. 10

5.1.1.2  Domain definitionsp. 10

5.1.1.3  User permission typesp. 11

5.1.1.4  Control of application connections and network activityp. 11

5.1.2  Certificates and certificate managementp. 11

5.1.2.1  Certificate format requirementsp. 11

5.1.2.2  Domain-based certificate requirementsp. 11

5.1.2.3  Certificate chain structure and authorizationp. 11

5.1.2.4  Certification Configuration Message (CCM)p. 12

5.1.2.5  Handling of root public key stored on an installed security devicep. 12

5.1.3  Administrator rolep. 12

5.2  Service environmentp. 12

5.2.1  Capability negotiationp. 13

5.2.2  Provisioningp. 13

5.2.3  Management requirementsp. 13

5.3  Core software updatep. 13

5.4  Provisioning a runtime environmentp. 13

5.5  Multiple execution environment supportp. 13

6  Integrating the Runtime Independent Framework into the Current MExE Specificationp. 14

6.1  RTIF conformance requirementsp. 14

6.1.1  Runtime generic requirementsp. 14

6.1.2  Runtime mapping requirementsp. 14

6.2  UAProf extensionsp. 15

6.3  Other MExE specification changesp. 16

6.3.1  RTIF conformancep. 16

6.3.2  Multiple execution environment and runtime supportp. 16

7  Additional open issuesp. 16

7.1  Binding executables to certificates and metadatap. 16

7.2  Root key certificate packaging and metadatap. 17

7.3  Handling of existing MExE classmarksp. 17

8  Out of scope issuesp. 17

9  Conclusionp. 18

A  Generic MExE Securityp. 19

A.1  Introductionp. 19

A.2  MExE executable integrityp. 19

A.2.1  Full signature verificationp. 20

A.2.2  Optimised pre-launch signature verificationp. 20

A.3  MExE executable permissionsp. 20

A.3.1  MExE executable permissions for operator, manufacturer and third party security domainsp. 20

A.3.2  MExE executable permissions for untrusted MExE executablesp. 23

A.4  Handling of MExE executables when their valid root public key is not availablep. 25

A.4.1  Launching of MExE executables when their valid RPK is not availablep. 25

A.4.2  Currently executing secure MExE executables when their valid RPK is no longer availablep. 25

A.5  User permission typesp. 25

A.6  Root Public keysp. 26

A.6.1  Operator root public keyp. 26

A.6.1.1  Caching of root public keysp. 27

A.6.1.2  MExE device actions on detection of valid (U)SIM application and/or power upp. 27

A.6.2  Manufacturer root public keyp. 29

A.6.3  Third party root public keyp. 29

A.7  Certification and authorisation architecturep. 30

A.7.1  Certification requirementsp. 30

A.7.1.1  MExE terminal requirements for certificate processingp. 30

A.7.2  Certification administration requirementsp. 31

A.7.3  Example certification processp. 31

A.7.4  Certificate Chain Verificationp. 32

A.8  Usage of Signed Contentp. 34

A.8.1  Example of sSigned packages used for installationp. 34

A.8.2  Installation of root certificates in a signed data packagep. 35

6.8.3  Installation of other signed datap. 36

A.9  Certificate fFormatp. 36

A.9.1  Certificate extension for removal of network accessp. 36

A.9.1.1  X.509 version 3p. 36

A.10  Certificate managementp. 36

A.10.1  Certificate configuration message (CCM)p. 37

A.10.1.1  CCM numbering conventionp. 40

A.10.1.2  CCM order of transmissionp. 40

A.10.1.3  CCM field mapping conventionp. 40

A.10.1.4  Authorised CCM download mechanismsp. 40

A.11  Separation of I/O streamsp. 41

6.12  Core software downloadp. 41

A.13  Administrator Conceptp. 41

A.13.1  Administrator root public keyp. 41

A.13.2  Provisioned mechanism for designating administrative responsibilities and adding third parties in a MExE devicep. 42

A.13.3  MExE administrator determination mechanismp. 42

A.13.3.1  Determining the administrator of the MExE devicep. 42

A.13.3.2  Determining the administrator of the MExE device, for MExE-(U)SIM supporting third party certificatesp. 43

A.13.3.2.1  Administrator of the MExE device is the userp. 43
A.13.3.2.2  Administrator of the MExE device is not the userp. 44

A.13.4  Administrator root certificate download mechanismp. 45

$  Change historyp. 46

Up   Top