Printer friendly version
Three leading digital security companies team up to bring strong software protection to mobile devices
25 April 2014
The massive adoption of mobile computing platforms creates the urgent need for secure application execution on such platforms. Unfortunately, today’s mobile platforms do not support strong security solutions equivalent to smartcards in set-top boxes or to dongles to reliably control licensing terms. Furthermore, many of these mobile devices are shared for professional and private applications, and are thus intrinsically hard to control and secure.
Michael Zunke, chief technology officer of SafeNet’s Software Monetization Business Unit states that "Security is ever more essential as an enabler for the sustainable innovation of mobile applications and services. Security solutions based on custom hardware security components like dongles and smart cards are not a natural fit for these mobile environments. The industry therefore needs a comprehensive security framework in which software protection is the key ingredient."
According to Brecht Wyseur, NAGRA's security architect, the big challenge in the next years will be to increase the security level of software solutions to allow for both cost effective deployment and long-term renewability, either stand-alone or in combination with a hardware root of trust.
Hence, more research is needed to come up with a solution that is strong enough to be a viable solution for an increasing number of applications in which privacy and security are essential. The ASPIRE project will create the ASPIRE software security framework which will develop, combine and integrate five different types of software protection techniques into one easy to use framework. It will deliver comprehensive, effective security metrics and a decision support system to assist the software developer. “The integrated tool chain will allow service providers to automatically protect the assets in their mobile applications with the best local and network-based protection techniques,” notes Bjorn De Sutter, coordinator of the project, adding that "ASPIRE will make mobile software more trustworthy by leveraging the available network connection and by developing a layered security approach of strong protections. We will also make it measurable by developing practical, validated attack and protection models and practical metrics."
ASPIRE is an FP7 collaborative research project that brings together three market leaders in security ICT solutions. Gemalto SA is the world leader in the smart card business. SafeNet is the world leader in software protection, licensing, and entitlement management, providing solutions to software companies globally. NAGRA, the digital TV division of the Kudelski Group (SIX:KUD.S), provides security and multiscreen user experience solutions for the monetization of digital media.
The project runs from November 2013 until October 2016 and has a total budget is €4.6M and has received funding from the European Union Seventh Framework Programme (FP7/2007-2013) under grant agreement number 609734. It is coordinated by Ghent University. See also www.aspire-fp7.eu.