Logo

Workpackages

WP1 Project Management
The objective of this WP is to ensure that the work conducted all along the project duration, keeps in line with the work plan and fulfils the deadlines for both the technical results and their potential usage for E-administration projects throughout Europe. It deals with the project coordination actions and processes needed to facilitate the elaboration and the implementation of a jointly agreed global strategy. WP1 includes, though its management structure, all necessary administrative responsibility in interfacing with the Catrene organization for reporting, review preparation, participation to Catrene events, etc) and the relevant Public Authorities.
Task Description
 
WP2 Security and Privacy modelling in Mobile devices
The objective of this task is to define and specify an extensive formal model related to security and privacy protection in mobile platforms, aimed at preparing the development of suitable HW/SW protection mechanism.
Task Description
 
WP3 HW/SW Mechanisms for security and privacy protection
The goal of this WP is to develop a set of powerful HW and SW mechanisms which can be easily integrated into mobile market platforms (Android, iOS, Windows..) and which will re-enforce security and privacy management in the next Smart-phone and/or Tablet generations.
Task Description
 

 

WP4 Usability, Security and Privacy mechanism Life Cycle Management
The goal of this WP is to develop all needed SW for efficient (remote) management and provisioning of the embedded HW and SW mechanisms developed in WP3. Another objective is to develop all advanced needed interfaces which will enable a seamless and easy management of the user of all functionality related to security and privacy management. Finally this WP will also address the subject of forensics investigation.
Task Description
 
WP5 Methodology and Certification
The goal of this task is to develop a reference scheme and some methodology tools enabling to assess in a quick and efficient way the security and privacy keeping nature of future mobile platforms. Furthermore, in a judiciary context, an investigation-dedicated methodology will be proposed to collect evidence taking into account regulatory and technical constraints on newly secured mobile environments.
Task Description
 
WP6 Scenarios set-up and demonstrators
This work-package consists in the demonstration of MobiTrust technical platforms with the required applications in the context of their respective dedicated use cases. At the end of the project a complete showcase, based on market platforms (Android, IoS, Windows…) as well as on a new generation tablet developed in the project and suitable for large project promotion will be elaborated.
Task Description
 
WP7 Dissemination and standardization
The goal of this WP is to ensure complete promotion of project results in the normative, scientific, industrial and Public Authorities communities.
Task Description

Events

  • Local 1st October 2019 - Coimbra, Portugal
  • Local F2F meeting took place on 2 May 2018 - Coimbra, Portugal
  • Local F2F meeting took place on 18 September 2017 - Coimbra, Portugal
  • MobiTrust 3rd Annual Review took place on 31 May 2017
  • 7th PMB/PTB meeting toke place on 30 May 2017 - La Ciotat, France
  • Local F2F meeting took place on 20 April 2017 - Coimbra, Portugal
  • 6th PMB/PTB meeting toke place on 29/30 March 2017 - Elancourt, France
  • 5th PMB/PTB meeting toke place on 14/15 December 2016 - Sophia-Antipolis, France
  • Local F2F meeting took place on 23 November 2016 - Aveiro, Portugal
  • Local F2F meeting took place on 11 October 2016 - Castelo Branco, Portugal
  • 4th PMB/PTB meeting took place on 14/15 September 2016 - Caen, France
  • Local F2F meeting took place on 29 July 2016 - Coimbra, Portugal
  • Local F2F meeting took place on 21 June 2016 - Coimbra, Potugal
  • MobiTrust 2nd Annual Review took place on 8/9 June 2016
  • 3rd PMB/PTB meeting took place on 3 July 2015
  • 2nd PMB/PTB meeting took place on 13 May 2015
  • 1st PMB/PTB meeting took place on 11 December 2014
X Close

WP1 General Information

Leader

Gemalto (France)

Partners

All

WP Objectives

The objective of this WP is to ensure that the work conducted all along the project duration, keeps in line with the work plan and fulfils the deadlines for both the technical results and their potential usage for E-administration projects throughout Europe.  It deals with the project coordination actions and processes needed to facilitate the elaboration and the implementation of a jointly agreed global strategy.
WP1 includes, though its management structure, all necessary administrative responsibility in interfacing with the Catrene organization for reporting, review preparation, participation to Catrene events, etc) and the relevant Public Authorities.

WP Period

From M1 to M30

WP Inputs

 

WP Output

Meeting reports, Change requests, Half year and yearly reports
X Close
  • Project Management Structure

    • Two different boards will be organized: the Project Management Board (PMB), meeting each 6 months, and the Project Technical Board (PTB) meeting each 3 month, for the whole duration of the project.
    The PMB will be constituted of one high-level representative per partner. It will plan for the management of knowledge, of intellectual property, and other innovation-related activities arising in the project. It will keep the consistency of the project with its initial goals, keep sure that the participants are committed to the tasks assigned to them, keep the global planning on track. It will also manage the relationship with other Medea + or European projects.
    The PTB will be constituted of the project and work package leaders(associated with a deputy WP manager dealing with Mobile Multimedia Topics) and of technical project managers from each partner and will control the progress and schedule of the technical work packages and the technical cooperation between the various teams involved.
  • Partners envolved
    Gemalto + all partners
X Close

WP2 General Information

Leader

Trusted Labs (France)

Partners

Gemalto, Nov'IT, Cassidian Cybersecurity, NXP Semiconductors France, Trustonic, Trusted Labs, Cryptolog
ZIGG, Telis, IMSPro

IT-PT, IPCB, OneSource

WP Objectives

The objective of this task is to define and specify an extensive formal model related to security and privacy protection in mobile platforms, aimed at preparing the development of suitable HW/SW protection mechanisms

WP Period

from M1 to M24

WP Inputs

WP6

WP Output

WP3,WP4,WP5,WP7
X Close
  • Task 2.1: Asset and ontology

    • The objective of this task consists in identifying the critical assets to be protected with respect to security and main privacy. Roughly, a data considered individually may not be viewed as an asset but aggregated in data collection in a specific context may become an asset with respect to privacy properties. For that, the ontologies will be built for each domain, i.e. each mobile device "owners" (MNO, OS/Platform manufacturer, Service supplier, end-user). OEM and silicon vendor domains may also be considered.

  • Partners envolved
    France: GTO, Nov'IT, CCS, NXP, TTO, TLA,CLG
    Portugal: IT-PT, OS
    Monaco: ZIGG, Telis
  • Task 2.2: Analysis of typical use cases

    • This task will analyze typical use-cases representatives from both the personal and professional domains and from then derive basic rules and principles related to security and privacy keeping. Typical use cases will include for example:

    • Mobile as a PC (VPN access, ciphered emails, ...)
    • Mobile as an authentication token
    • Mobile as professional terminals (transportation, health,...)
    • Forensics analysis
    • Vital infrastructure monitoring
    • Cloud-based services (personal, professional)
    • MOOC (Massive on line open course) or Mobile training for professional

  • Partners envolved
    France: GTO, Nov'IT, CCS, NXP, TTO, TLA, CLG
    Portugal: IT-PT, OS
    Monaco: ZIGG, Telis, IMSPro
  • Task 2.3: Threat and security policy definition

    • This task will provide an in-depth analysis of all processes related to data aggregation, manipulation, transmission during mobile service consumption in the above worked out use-cases and will elaborate the ad-hoc threat analysis and security policies. This analysis will identify the security risks for privacy protection resulting from these processes and will allow to refine and to complete the ontologies defined in task 2.1.

  • Partners envolved
    France: GTO, Nov'IT, TLA, CLG
    Portugal: IT-PT, IPCB, OS
    Monaco: Telis
  • Task 2.4: Security and privacy model calibration

    • This task will first investigate a formal approach for the modelling of security policies and will then provide an example of formal model for security and privacy management in mobile platforms, based on the results of the former tasks.
    It will define in a formal way all security and privacy-keeping policies and rules. The security rules will serve as a basis for the evaluation and validation methodology developed in the WP5.
    Such work will also be extended in the area of forensics analysis.
    • The development of cryptographic mechanisms suitable for mobile devices
    • The development of a low power consumption and fast, cryptographic accelerator for calculations on large numbers (finite and group operations) and for coupling if one of the protocols requires it.

  • Partners envolved
    France: Nov'IT, TLA, CLG
    Portugal: OS
    Monaco: ___
X Close
X Close

WP3 General Information

Leader

NXP Semiconductors (France)

Partners

Gemalto,Nov'IT, CEA, Cryptolog, NXP Semiconductors France, Trustonic
ZIGG, Telis, IMSPro

IT-PT, IPCB, OneSource

WP Objectives

Objective:
The goal of this WP  is to develop a set of powerful HW and SW mechanisms which can be easily integrated into mobile market platforms (Android, iOS, Windows..) and which will re-enforce security and privacy management in the next Smart-phone and/or Tablet generations

WP Period

from M3 to M30

WP Inputs

WP2

WP Output

WP4, WP5, WP6, WP7
X Close
    This WP will cover the development of all technology bricks which will be needed for the target mobile platforms, covering both HW, SW peripheral and Cryptographic levels. Of course lower layers from both HW and SW side will not be covered (as the project will work with off-the-shelf platforms) but the tighter possible integration of security/privacy features will be looked at. Key development foreseen concern:
  • Task 3.1:  HW level

    • This task will deal with the remote management of credentials (keys, certificates, user rights,..) that will be needed for using and/or deploying  in a secure manner the platforms developed in the project for the secure handling of the use cases proposed.
    Development/adaptation of OTA or OTI protocols or embedded agents for:
    • Mobile chipset security extensions
    • Embedding of mobile trusted mechanisms (secure screen,   keyboard..)
    • Inclusion of secure elements
    • Development of advanced biometric authentication capabilities through on-device available sensors(cameras, voice recognition, motion sensors, digital signature..)
    • Low-power management for side-channel attacks prevention
    • Design& assessment of security primitives on low power technologies like FDSoI

  • Partners envolved
    France: GTO, Nov'IT, CEA, NXP, TTO
    Portugal:IT-PT
    Monaco: ___
  • Task 3.2:  SW level

    • Secure boot mechanisms
    • Trusted Execution Environment
    • Support for level 1 or level 2 virtualization schemes  (cloisoning,
      multiple OS simultaneous support). This level may involve the evaluation and integration of external SW.
    • Hook with HW and dedicated SW for full browser security 
      protection against most malicious attacks on the client side
      such as:  Phishing, Man in Browser, Cross site Scripting, Code
      injection, Keyloggers & Screen capture (for passwords stealing)
    • Use of HTML5 for bootstrapping security or personalization
      in the browser
    • Use of HTML5 for user-centric acceptance, trace-ability,
      privacy, personal data storage capabilities
    •  Dedicated agents for privacy monitoring
    • Implementation and assessment of anonymity schemes using  
      secure cryptographic primitives based on Pairing.
    • Multti-SE Cryptographic Middleware, APIs and Drivers

  • Partners envolved
    France: GTO, Nov'IT, CEA, NXP, TTO
    Portugal: ___
    Monaco: ___
  • Task 3.3: Peripheral level

    • Secure High-speed NFC controller (based on VHDR layers) and secure NFC communication with an external SE
    • Secure secondary storage attachment

  • Partners envolved
    France: GTO, Nov'IT, NXP
    Portugal: ___
  • Task 3.4; Cryptographic level

    • The development of cryptographic mechanisms suitable for mobile devices
    • The development of a low power consumption and fast, cryptographic accelerator for calculations on large numbers (finite and group operations) and for coupling if one of the protocols requires it.

  • Partners envolved
    France: GTO, CLG, NXP
    Portugal: ___
    Monaco: ___
X Close
X Close

WP4 General Information

Leader

CEA (France)

Partners

Gemalto, Nov'IT, Cassidian Cybersecurity, CEA, NXP Semiconductors France, Trustonic, Cryptolog
ZIGG, Telis

IT-PT, IPCB, OneSource

WP Objectives

The goal of this WP is to develop all needed SW for efficient (remote) management and provisioning of the embedded HW and SW mechanisms developed in WP3. Another objective is to develop all advanced needed interfaces which will enable a seamless and easy management of the user of all functionality related to security and privacy management. Finally this WP will also address the subject of forensics investigation.

WP Period

from M3 to M27

WP Inputs

WP2, WP3,WP5

WP Output

WP6,WP7
X Close
  • Task 4.1; Life Cycle Management

    • This task will deal with the remote management of credentials (keys, certificates, user rights,..) that will be needed for using and/or deploying  in a secure manner the platforms developed in the project for the secure handling of the use cases proposed.
    Development/adaptation of OTA or OTI protocols or embedded agents for:
    • Security/privacy Mechanisms provisioning, update, revocation
    • Remote diagnosis
    • Deployment of cryptographic keys
    • Mobile credential
    The potential use of TSM (Trusted Service Manager) for these deployment/life-cycle management could also be investigated.

  • Partners envolved
    France: GTO, Nov'IT, NXP, TTO, CLG
    Portugal: IT-PT, IPCB, OS
    Monaco: ZIGG
  • Task 4.2: advanced end-user interfaces

    • This task will address the subject of presenting security and privacy keeping features to the user in an understandable and easy to use manner. The use of technologies such as HTML5 for developing specific user-centric features (and especially Trusted User Interfaces)  will be looked at and especially linked to:
    • user-centric acceptance,
    • opt-in, opt-out mechanisms
    • Federated ID and Single Sign on
    • Personal data management
    • Preference customization
    • Trace-ability

  • Partners envolved
    France: GTO, Nov'IT, NXP, CLG
    Portugal: ___
    Monaco: ZIGG, Telis
  • Task 4.3: Forensics tools

    • This task will concern the critical problem of managing the complex security/privacy/trace-ability paradigm for giving a judiciary or police authority the power to recover critical information related either to some erroneous, fraudulent or even criminal transactions. This, should be done according to the EU regulation on privacy, with full-proof capability from the judiciary stand-point (non destructive approach):
    • Development of a complete set of HW and SW tools enabling to the judiciary or legal administrations to perform an analysis of transactions  in a Mobile terminal
    • Validation of the law-compliance of the tool-chain
    • Development of tools for the physical extraction of data from mobile phones’ non volatile memories.
    • Development of tools for extracting cryptographic keys from the latest mobile phones and tablets based on side channel information leakages

  • Partners envolved
    France: GTO, Nov'IT, CCS, CEA, NXP
    Portugal: OS
    Monaco: ___
X Close
X Close

WP5 General Information

Leader

Cassidian Cybersecurity (France)

Partners

Gemalto, Cassidian Cybersecurity, CEA, NXP Semiconductors France, Trusted Labs, Cryptolog, Nov'IT

OneSource

WP Objectives

The goal of this task is to develop a reference scheme and some methodology tools enabling to assess in a quick and efficient way the security and privacy keeping nature of future mobile platforms. Furthermore, in a judiciary context, an investigation-dedicated methodology will be proposed to collect evidence taking into account regulatory and technical constraints on newly secured mobile environments.

WP Period

from M1 to M30

WP Inputs

WP2, WP3, WP4

WP Outputs

WP6, WP7
X Close
  • Task 5.1: methodology and tools for security/privacy validation and forensics

    • This task will analyze which methodological advances will need to be defined in order to enable certain further levels of certification for some critical parts of the platforms developed in the project. Focus will be on optimizing the time/cost/certification trade-off according to the target final usage scenarios. Specific point of innovation will address compositional evaluation for the security standpoint, privacy, forensics capabilities:

    • Analysis of existing tools: checklists, grids...
    • Needed extensions/adaptations  of classical schemes such as Common Criteria
    • Development of the needed assessment tools
    • Definition of a forensics methodology compliant with regulation and able to get usable evidence in a highly secured environment

  • Partners envolved
    France: GTO, CCS, CEA, TLA, CLG
    Portugal: OS
    Monaco: ___
  • Task 5.2: Evaluation of critical bricks

    • This task will provide the reference framework for evaluation of the platforms developed, based on the results from task 5.1:
    • Definition of a reference security/privacy evaluation platform and associated criteria
    • Definition of a reference for evaluating the safety and traceability of a process of signing mobility
    • Development of various test benches
    • Evaluation results for some critical bricks(this part may include some confidential data)

  • Partners envolved
    France: GTO, CEA, TLA, CLG
    Portugal: OS
    Monaco: ___
  • Task 5.3: Regulatory Framework

    • The purpose of this task will be to perform the appropriate liaison with the relevant regulatory or standardization bodies and to push some project proposals in these bodies:
    • Complete analysis of the proposed methodologies and tools from regulatory, economical and societal perspective
    • Liaison with national & European regulatory bodies involved in the security certification of information systems (e.g. French ANSSI, CESTI certification labs’ meetings, BSI in Germany) or in organizations dealing with privacy (e.g. CNIL in France)

  • Partners envolved
    France: GTO, CCS, TLA, Nov'IT
    Portugal: ___
    Monaco: ___
X Close
X Close

WP6 General Information

Leader

Gemalto (France)

Partners

Gemalto, Nov'IT, Cassidian Cybersecurity, Cryptolog, NXP Semiconductors France, Trustonic
ZIGG, Telis, IMSPro

IT-PT, IPCB, OneSource

WP Objectives

This work-package consists in the demonstration of MobiTrust technical platforms with the required applications in the context of their respective dedicated use cases. At the end of the project a complete showcase, based on market platforms (Android, IoS, Windows…) as well as on a new generation tablet developed in the project and suitable for large project promotion will be elaborated.

WP Period

from M6 to M30

WP Inputs

WP2, WP3, WP4, WP5

WP Output

WP7
X Close
  • Task 6.1; Set-up of scenarios

    • The purpose of this task is to elaborate some scenarios and the related scripts enabling to exercise the technology bricks developed in the project in several platform environment demonstrating some of the use cases worked –out in WP2 in real environments. These scenarios will relate to al either stand-alone use-cases or combinations of them in a more complex environment. The targeted capabilities include:
    • Demonstration of a complete Tablet platform suitable for personal and professional usage
    • Professional applications:, VPN, secure mail, signature(including mobile fleet management)
    • Remote credential/application provisioning and management
    • Complete mobile credential management schemes
    • Use of mobile platforms for professional applications in replacement of specific terminals Secure group messaging
    • Cloud services: Id.aaS
    • MMOC/Electronic distribution of content
    • Forensics in secured mobile environment
    • Crypto capabilities: Pairing-based anonymityUsing / Creating safe proven cryptographic primitives adapted to SP6 scenario

  • Partners envolved
    France: GTO, Nov'IT, CCS, CLG, NXP
    Portugal: IT-PT, IPCB, OS
    Monaco: ZIGG, Telis, IMSPro
  • Task 6.2: definition of integration methodology

    • This task will address the integration methodology (user tests, functional tests, integration tests, validation methodology) which will be needed to put in place the scenarios defined in task 6.1. Key activities include:
    • High-level definition of scenarios (with possible high-level modelling of scripts)
    • API and interface precise specification
    • Elaboration of testing templates
    • Integration workbenches
    • Validation methodology

  • Partners envolved
    France: GTO, Nov'IT, CCS, CLG, TTO, TLA
    Portugal: IT-PT, IPCB, OS
    Monaco: ZIGG, Telis, IMSPro
  • Task 6.3: demonstrators and test-benches

    • The purpose of this task will be to develop all needed SW for the final integration of scenarios in real (or representative from real) environments. This task will also include the preparation of basic material for preparing project communication tools.
    • integration of various components into real cases demonstrators
    • project “showcase” elaboration and demonstration

  • Partners envolved
    France: France: GTO, Nov'IT, CCS, CLG, NXP, TTO
    Portugal: IT-PT, IPCB, OS
    Monaco: ZIGG, Telis, IMSPro
X Close
X Close

WP7 General Information

Leader

Instituto de Telecomunicaöes Aveiro (Portugal)

Partners

Gemalto, Nov'IT, Cassidian Cybersecurity, CEA, Cryptolog, NXP Semiconductors France, Trustonic, Trusted Labs
ZIGG, Telis, IMSPro

IT-PT, IPCB, OneSource

Objectives

 

The goal of this WP is to ensure complete promotion of project results in the normative, scientific, industrial and Public Authorities communities

WP Period

from M1 to M30

WP Inputs

WP2, WP3, WP4, WP5, WP6

WP Output

Publication, Contribution to standardisation bodies
X Close
  • Task 7.1: Dissemination

    • This task includes the following set of activities:
    • Project web site
    • Scientific communications
    • Participation to key exhibition and conferences (Cartes, European Nanoelectonics Forum, Chip to Cloud event),...)
    • Project white book, leaflets,
    • Focus groups in the professional/government communities
    • Press material
    • Specialized workshops (on Cryptography)

  • Partners envolved
    All partners
  • Task 7.2: Standardization

    • Project results will be promoted in the following normalization committees:
    • GSM-A security working group(which should be the natural way to disseminate project results in the MNO community)
    • Global platform (TEE Specification)
    • 3GPP-TS.33.220-Generic bootstrap architecture
    • 3GPP-TS.33.820- Access security review
    • 3GPP-TS.33.918:-HTTPS connection between UICC and NAF
    • 3GPP-TS.33.980: Liberty Alliance 3GPP security inter-working
    • OMA Security working group
    • Trusted Computing Group (TCG)
    • FIDO consortium (consortium on authentication for internet systems, ,…).
    • EMVCo
    • ETSI / Groupe ESI
    • AFNOR GE16 : e-sign
    • CEN
    • PC334 : e-invoice
    • WG17 : Protection Profiles in the context of SSCD
    • WG16 : Application Interface for smart cards used as SSCD

  • Partners envolved
    France: GTO, Nov'IT, CLG, NXP, TTO, TLA
    Portugal: IT-PT
    Monaco: ___
X Close

Scenarios & Demonstratores

Mobile as an authentication factor

Use of a Mobile as authentication factor

 

Mobile as a PC

 

Target is to have access to the same corporate services (secure email, intranet, ...) on a mobile or a tablet than on a PC with the same level of security and secure services (Signature, VPN access…).

Prosumer model for baking transactions

 

 

Moving Cash dispenser user interface to the mobile phone

 

 

Document Mobile Signature Architecture