
GSM

CLP.12 -


1.0 2016 02 08

GSMA

2016 GSM

GSM

GSM

V1.0 1 59
GSM
CLP.12 -

1 4
1.1 GSMA 4
1.2 4
1.3 5
1.4 5
1.5 6
1.6 7
2 8
3 10
3.1 12
3.2 13
3.3 15
3.4 15
3.5 15
3.6 16
3.7 16
4 17
4.1 17
4.2 17
4.3 18
4.4 19
4.5 19
4.6 20
4.7 20
4.8 20
4.9 21
4.10 22
4.11 22
4.12 23
4.13 23
5 24
5.1 24
5.2 25
5.3 26
5.4 27
5.5 28
5.6 29
5.7 30
5.8 31
5.9 32
5.10 33


5.11 33
5.12 34
6 36
6.1 36
6.2 36
6.3 38
6.4 39
6.5 40
6.6 41
6.7 41
6.8 42
6.9 43
6.10 44
6.11 45
6.12 47
6.13 47
6.14 48
7 50
7.1 50
7.2 51
7.3 APN 51
7.4 53
7.5 53
8 55
8.1 Rowhammer 55
8.2 55
8.3 API 56
8.4 / 56
9 58
A 59
A.1 59
A.2 59


1.1 GSMA
GSMA (IoT)

GSMA CLP.11
[1]

CLP.11
CLP.14


CLP.12 CLP.13


1 - GSMA

GSMA
CLP.14[4]

1.2


1.3

-


-

-
-

1.4

UICC (eUICC) GSMA UICC

CLP.11 [1]




(M2M)

CLP.11 [1]

(TCB) TCB

TCB
TCB TCB TCB

ETSI TS 102 221


UICC ETSI TS 102 671

VPN
(VPV)

1.5


3GPP 3

ACL
API
APN

CERTS



CLP GSMA

DDoS

GSMA GSM

HSM

IoT

IP

SQL

TCB

VM

VPN

WAF

1.6

[1] CLP.11

[2] CLP.12
[3] CLP.13
[4] CLP.14

[5] OWASP Secure Application Design Project https://www.owasp.org

[6] TCG Trusted Platform Module http://www.trustedcomputinggroup.org

[7] TCG Guidance for Securing IoT http://www.trustedcomputinggroup.org

[8] OAuth 2.0 http://oauth.net/2/

[9] OpenID Foundation http://openid.net/foundation/

[10]

[11] GSMA Mobile Connect https://mobileconnect.io/

GlobalPlatform Card Specification


[12] GPC_SPE_034
www.globalplatform.org/specificationscard.asp
GlobalPlatform TEE Internal Core API Specification
[13] GPD_SPE_010
www.globalplatform.org/specificationsdevice.asp


Web

Web

2 -






Web


3-


Web




Web

4 -

API
API API


5 -

(ACL)

API

ETSI M2M TS 102 690


ETSI M2M TS 102 921
3GPP TS 33.220 (GBA)

(DDoS)


Web (WAF)



NIST
(FedRAMP)

3.1

6 -

(MITM)

(TCB)




Wi-Fi


(BGP) (DNS)





3.2

(VM)
VM


VM

VM VM VM

7 - VM

VM VM
VM

VM
VM
VM

VM

VM

VM
VM

VM
VM
VM VM




VM

3.3


OWASP
[5]

3.4
/


API

3.5


(CDN)


Java
Java Java
(HTML)

Adobe Flash, Java

3.6

M2M API

API

3.7


IT

IT

4.1

CPU

4.2

TCB


TCB TCB
/

TCB

4.3








APN
/


4.4









APN
/

4.5


4.6

4.7

Unikernel





APN

4.8


Unikernel

4.9


4.10

Web
(VPN)
APN


APN

4.11
Web







Rowhammer


4.12








API

4.13
(DoS) (DDoS)


5.1
(TCB) TCB

TCB
TCB
TCB

TCB

TCB



(VM)



TCB

TCB



GlobalPlatform Card Specification [12]


Trusted Computing Group's TPM Specification [6]
GlobalPlatform TEE Internal Core API Specification [13]


5.1.1

TCB

5.2

(HSM)
/

TCB



TPM [6]
TCG [7]
ISO 11889
PKI
RFC 2510
RFC 3647

5.2.1

5.3

TCB

API
API



API

5.3.1

5.4

DDoS


Web


IPv4 IPv6
TCP (SCTP)

API

Amazon Best Practices for DDoS Resiliency


https://d0.awsstatic.com/whitepapers/DDoS_White_Paper_June2015.pdf
Arbor Networks DDoS Mitigation Best Practices
https://www.arbornetworks.com/images/documents/Arbor%20Insights/AI_DDoSMitigation_EN2013.pdf

Cisco DDoS Defence Guide

http://www.cisco.com/web/about/security/intelligence/guide_ddos_defense.html

5.4.1
DDoS
DDoS

5.5


5.5.1

5.6

VPN

VM
(SSH) API CPU




(2FA)

5.6.1

5.7
(IT)

DDoS

IT




CPU
GPU GPU CPU


Amazon EC2 Monitoring Documentation


http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/monitoring_ec2.html
Google Cloud Monitoring
https://cloud.google.com/monitoring/
Microsoft Azure Monitoring
https://azure.microsoft.com/en-us/documentation/articles/best-practices-monitoring/
DigitalOcean Monitoring Tutorials (General)
https://www.digitalocean.com/community/tags/monitoring?type=tutorials

5.7.1

5.8

(LEO)


CERT Recommendations for Creating a CSIRT


http://www.cert.org/incident-management/products-services/creating-a-csirt.cfm

5.8.1

5.9

5.9.1


5.10

5.10.1

5.11


-
-
-
-

5.11.1

5.12


5.12.1


6.1

GUI

6.1.1

6.2






TLS

Pin


RC4 RC4
RC4 AES-256 RC4
Diffie-Hellman UICC

Pin
Pin

LZO, base64, ROT13, XOR

ISO 18033-1:2015 -
ISO 18033-2:2015 -
ISO 18033-3:2015 -
www.owasp.org/index.php/Guide_to_Cryptography
csrc.nist.gov/publications/nistpubs/800-57/sp800-57_part1_rev3_general.pdf
csrc.nist.gov/groups/ST/toolkit/key_management.html

6.2.1


6.3

TLS
IBM/Samsung ADEPT
Tilepay

(OCSP)


CafeSoft Apache
http://www.cafesoft.com/products/cams/ps/docs32/admin/ConfiguringApache2ForSSLTLSMutualAuthentication.html

6.3.1

6.4

UICC

(3GPP TS 33.220)
M2M SM (ETSI TS 102 921)

TCB

API

6.4.1
UICC


6.5

http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-40r3.pdf

6.5.1


6.6
TCB

URL




http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-40r3.pdf

6.6.1

(DNS)
(BGP)

6.7


6.7.1

6.8


6.8.1

6.9

Web



API

base64


6.9.1
OWASP 10
SQL (SQLi)

6.10

JSON JavaScript

GUI

HTML

6.10.1


6.11

2FA


(2FA)

Web Web

6.11.1


6.12

SQL

API

OAuth 2.0 [8]


OpenID Foundation [9]
GSMA Mobile Connect [11]

6.12.1

6.13


(VPN)

6.13.1

6.14


iOS Wi-Fi
Wi-Fi

802.15.4, Wi-Fi

6.14.1


(RTOS)

7.1

PHP Ruby
GoLang Erlang

TCB

OWASP [5]

7.1.1

Metasploit


7.2

7.2.1

A
B A
B

7.3 APN
APN
(VPN) APN
APN APN






APN
APN APN


APN
APN

APN

APN

A B APN APN
B A A B

7.3.1
APN APN


7.4

7.4.1

7.5







GUI


7.5.1


8.1 Rowhammer
RAM (DRAM) (SRAM)

DRAM SRAM
DRAM SRAM

sandboxed; GoLang, Python, Erlang

8.1.1

8.2


8.2.1

8.3 API
API

API GUI

8.3.1

8.4 /


8.4.1



A.1
/

1.0 2016 2 8 PRD CLP.12 PSMC Ian Smith


GSMA

Don A. Bailey Lab
Mouse Security

A.2


GSMA

Ian Smith - GSMA


PRD@gsma.com
