CFRG Working Group P. Urien Internet Draft Telecom ParisTech Intended status: Experimental February 7 2015 Expires: August 2015 Cloud of Secure Elements(CoSE) draft-urien-cfrg-cose-02.txt Abstract This document describes an architecture named "Cloud of Secure Elements (CoSE)" whose goal is to strengthen the Internet trust. A Secure element (SE) provides secure services thanks to various means such as tamper resistant technologies or software virtualization techniques. Secure elements are hosted in dedicated servers (i.e. Trusted Secure Elements Servers, TSES); they provide secure storage facilities or compute cryptographic procedures. Secure elements resources are identified by dedicated URIs and should also support HTTP interface. Users are equipped with "Access Credential" and thanks to the Secure Transport Protocol (STP-TSES) remotely access to Secure Element embedded resources. The RACS (Remote APDU Call Secure) and its associated framework protocol is an early proof of concept of the CoSE concept. Requirements Language The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in RFC 2119. Status of this Memo This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet- Drafts is at http://datatracker.ietf.org/drafts/current/. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." This Internet-Draft will expire on August 2015. Urien Expires August 2015 [Page 1] Copyright Notice Copyright (c) 2015 IETF Trust and the persons identified as the document authors. All rights reserved. This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified BSD License. Urien Expires August 2015 [page 2] CoSE February 2015 Table of Contents Abstract........................................................... 1 Requirements Language.............................................. 1 Status of this Memo................................................ 1 Copyright Notice................................................... 2 1 Overview......................................................... 4 2. Architecture.................................................... 5 2.1 Trusted Secure Element Servers (TSES)....................... 5 2.2 Secure Transport Protocol (STP-TSES)........................ 6 2.3 Users and Administrators.................................... 6 3. Remote APDU Call Secure (RACS).................................. 7 4 Security Considerations.......................................... 7 5 IANA Considerations.............................................. 7 6 References....................................................... 8 6.1 Normative References........................................ 8 6.2 Informative References...................................... 8 7 Authors' Addresses............................................... 8 Urien Expires August 2015 [Page 3] CoSE February 2015 1 Overview Internet technologies are more and more pervasive. Connected users and devices produce and consume data that are exchanged over the network and stored in data centers. The IETF has defined multiple standards providing secure features such as authentication, privacy or data integrity. However the Internet suffers from a lack of trust. Recent facts were reported by the press about pervasive surveillance over Internet users; even if Internet protocols support privacy features, these procedures require secret keys and strong cryptographic algorithms. There is a trust issue towards all entities that provide cryptographic facilities and secure storage of sensitive data. It makes may wonder how trust these services are; in other words who may access to secret values storage and use?. In this document we discuss an architecture draft, named "Cloud of Secure Elements (CoSe)", whose goal is to strengthen the Internet trust. Trust is a complex concept. A banknote is the root of trust for commercial exchanges in a set of countries. Trust relies on national, cultural, educative, social or professional beliefs. For the most part, Internet trust relies on secure storage of passwords both on users and servers sides. The basic idea of the proposed architecture is to deploy Trusted Secure Element Servers (TSES), whose trusted internal components (the secure elements) could be used and managed by human or software entities. This functional granularity is a key feature for the CoSE paradigm. TSES servers are managed by a plurality of entities and realized security services for isolated users or numerous users. They could be fitted for individual or worldwide needs. TSES servers are accessed thanks to a Secure Transport Protocol (STP-TSES), which always works with a strong mutual authentication, which is used both for service and administration purposes, and which is interoperable with all TSES. Users or administrators are connected to TSES servers thanks to the STP-TSES protocol. They need Access Credentials (AC) for mutual authentication with TSES. Cryptographic procedures, long term secrets, sensitive data are executed or stored in TSES. Users work with multiple terminals with different level of trust and security. These devices remotely access to critical data and procedures thanks their Access Credentials; this feature implies native traceability and easy revocation for lost or compromise terminals. Urien Expires August 2015 [Page 4] CoSE February 2015 2. Architecture Trusted Secure Elements +------+---+ Server TSES | | S | +------------------+ | User | T +------------------+ | | | AC | P | | | +----+ +----+ | +------+---+ | +---| | SE | | SE | | Secure +--| S | +----+ +----+ | Access Credential(AC) Transport | T | SEP | Protocol +--| P | +----+ +----+ | +---------------+---+ STP-TSES | +---| | SE | | SE | | | AC | S | | | +----+ +----+ | | Administrator | T +--------------+ | | | | P | +------------------+ +---------------+---+ Secure Element Protocol The Cloud of Secure Elements comprises the following components: - A set of Trusted Secure Element Servers (TSES). - Secure Transport Protocol (STP-TSES), working with all TSES. - Users and administrators, implementing STP-TSES, and equipped with Access Credentials (AC). 2.1 Trusted Secure Element Servers (TSES) A Trusted Security Server manages a set of trusted entities called Secure Elements (SE). A secure element provides secure services thanks to various means such as tamper resistant technologies or software virtualization techniques. The main hypothesis is that users trust the SEs hosted in the TSES. Secure Elements realizes services such as secure storage or cryptographic procedures. These services are remotely installed, updated or deleted by management entities. Therefore SEs work according to two functional planes, - An administrative plane. - A user plane. According to the CoSE model, the SE MUST provide isolated and safe computing environment, according to criteria (for example certifications) that are trusted by the users. SEs entities are accessed via physical or logical protocols referred as Secure Element Protocol (SEP). Urien Expires August 2015 [Page 5] CoSE February 2015 There are two classes of SEP: - Protocols (SEP-BER) based on well-known binary encoding rules (BER), for example ISO7816 commands [ISO7816] exchanged with secure ISO7816 microcontrollers. - Protocols (SEP-API) based on the transport of application programming Interface (API), for example the PKCS#11 [PKCS#11] API usually referred as "cryptoki" widely used for the interface of hardware secure module (HSM). 2.2 Secure Transport Protocol (STP-TSES) The Secure Transport Protocol (STP-TSES) drives the data exchange between users and TSES servers. It MUST enforce a strong mutual authentication between these entities, and also support identity protection features on the client side. The STP-TSES creates a secure session with the TSES server. The STP-TSES mainly provides two services: - The inventory of SEs hosted in TSES servers - The transport of SEP messages, and their routing towards the targeted Secure Element. Each SE is identified by a secure element identifier (SEID). STP-TSES services SHOULD be compatible with the [REST] (Representational State Transfer) architecture. Secure elements resources SHOULD be identified by dedicated URIs (Uniform Resource Identifier). An HTTP interface SHOULD be also supported. 2.3 Users and Administrators Users and administrators drive the data exchanges with TSES via the STP-TSES protocol. There are equipped with Access Credentials (AC) needed for mutual authentication with the TSES. A secure tunnel is opened with the TSES. Thanks to their ACs attributes, users and administrators privileges, dealing with the two functional planes (user and administrative), are established by the TSES. Because Secure Elements handle cryptographic facilities, a second secure channel MAY be opened between users (or administrators) and SEs. Urien Expires August 2015 [Page 6] CoSE February 2015 3. Remote APDU Call Secure (RACS) RACS stands for "Remote APDU Call Secure" [RACS]. It is an early proof of concept of the Cloud of Secure Elements. The RACS framework enables secure remote access of data and cryptographic procedures hosted in the CoSE. These elements are identified by URIs and also support an HTTP interface. In the RACS context, a Secure Element (SE) is a tamper resistant microcontroller equipped with host interfaces such as ISO7816, SPI (Serial Peripheral Interface) or I2C (Inter Integrated Circuit). The typical area size of these electronic chips is about 25mm2. They comprise CPU (8, 16, 32 bits), ROM (a few hundred KB), nonvolatile memory (EEPROM, FLASH, a few hundred KB) and RAM (a few ten KB). Security is enforced by multiple hardware and logical countermeasures. These Secure Elements are hosted in servers, whose commercial appliances are usually referred as SIM-Servers. The RACS protocol, is transported over the TLS protocol [TLS 1.0] [TLS 1.1] [TLS 1.2], and works with a mandatory mutual authentication. Both server and client are equipped with certificates and associated private keys. RACS is used for the transport of SEP messages; it also supports features for the SEs inventory. The SE protocol is based on the ISO7816 protocol, which defines the binary encoding rules for request and response packets exchanged with SE, refereed as APDUs (Application Protocol Data Unit). The administration is compliant with a set of Global Platform [GP] standards, which controls the lifecycle of SE embedded software, i.e. application downloading, activation and deletion. 4 Security Considerations To be done. 5 IANA Considerations To be done. Urien Expires August 2015 [Page 7] CoSE February 2015 6 References 6.1 Normative References [TLS 1.0] Dierks, T., C. Allen, "The TLS Protocol Version 1.0", RFC 2246, January 1999 [TLS 1.1] Dierks, T., Rescorla, E., "The Transport Layer Security (TLS) Protocol Version 1.1", RFC 4346, April 2006 [TLS 1.2] Dierks, T., Rescorla, E., "The Transport Layer Security (TLS) Protocol Version 1.1", draft-ietf-tls-rfc4346-bis-10.txt, March 2008 [ISO7816] ISO 7816, "Cards Identification - Integrated Circuit Cards with Contacts", The International Organization for Standardization (ISO) 6.2 Informative References [PKCS#11] PKCS#11, "Cryptographic Token Interface Standard", RSA Laboratories. [REST] Fielding, R., "Architectural Styles and the Design of Network-based Software Architectures", 2000, http://www.ics.uci.edu/~fielding/pubs/dissertation/top.htm [GP] Global Platform Standards, http://www.globalplatform.org [RACS] Remote APDU Call Secure (RACS), draft-urien-core-racs-00.txt 7 Authors' Addresses Pascal Urien Telecom ParisTech 23 avenue d'Italie 75013 Paris Phone: NA France Email: Pascal.Urien@telecom-paristech.fr Urien Expires August 2015 [Page 8]