Information Technology Reference
In-Depth Information
Practices of USF in the
Pervasive FMC
USF Engines can be installed alternatively except
for the PKI Engine, the base engine.
The USF can provide lots of benefits to the
telephony companies, the customers and the ap-
plication developers. The USF brings benefits
to the telephony companies by supporting the
integrated service security framework controlled
and managed by themselves, providing their cus-
tomers with the highly secure, efficient, durable
and high-quality FMC services, reducing the
time and cost for development and verification of
the security logics and developing new business
models and services in the FMC environments.
The customers can enjoy the secure FMC services,
ensure the security of personal information stored
and managed in the terminals and preserve their
own sensitive information and the security-related
features without re-downloading them after chang-
ing the terminals. Finally, the developers can
concentrate on developing the products without
the consideration of security features.
Recently, we are developing the PKI feature
of the USF for commercialization in 2011. We
are currently developing the cryptographic
token applets on the basis of the USF; instead
of implementing full features of the USF, the
PKI Engine and the part of the PAL for the PKI
Engine are now being implemented as the form
of the applet since the PKI feature is essential in
Republic of Korea for the smart phone banking,
stock and other finance services. To interface with
the smart phone, the PKCS #11 library (Crypto-
graphic Token Interface Standard) is also being
implemented for the Google Android platform.
The PKCS #11, the one of the PKCS series of
RSA Laboratory, specifies an API called Cryptoki
to devices which hold cryptographic information
and perform cryptographic functions. With these
implementation, the cryptographic token applet
and the PKCS #11 library, the public certificates
can be issued by the UICC and also be utilized for
any purpose which requires the certificates such
as banking, stock, user authentication and so forth.
We describe the possible practices using the USF
in the pervasive FMC environments.
Integrated Personal Authentication
All kinds of services usually start from the user
authentications, which also provide the function
of key agreement among participating entities.
The Secure Channel Protocols also require the
user authentications along with the key agree-
ments, for example, TLS/SSL, PSK-TLS, IPSec,
etc. Therefore, the user authentication is not only
the start of the services but also the crucial and
important factor of the security. Especially in the
pervasive FMC environments, the integrated and
strong user authentication should be inevitable
since lots of the security threats are found in the
fixed and mobile networks.
The USF can be facilitated as the integrated
personal authentication in the pervasive FMC en-
vironments, as shown in Figure 7, since it embarks
the PKI Engine. The mobile terminals loaded with
the USF-powered UICC can be securely authenti-
cated using the public or private certificates with
all kinds of service infrastructures of banking,
stock, payment, DRM, IPTV, VoIP, etc. The UICC
applications based on the PKI Engine (and SC
Engine in the case of the secure communications)
for each service infrastructure can be installed on
UICC to handle the user authentications.
Multimedia Contents Sharing
The customer, who pays for the multimedia
contents via the mobile terminal, usually wants
to access them in other devices such as personal
computers, IPTV set-top box, etc. In the pervasive
FMC environments, this kind of customer require-
ments can increase drastically. For this, somebody
can try to copy the downloaded contents to other
Search WWH ::
Custom Search