How to manage secure NFC services in a mobile network Hajo Sandschneider

How to manage secure NFC
services in a mobile network
Hajo Sandschneider
Head of PU NFC & Interoperability Testing
WIMA 2013, Monaco
Agenda
 Introduction
 Shuffling the puzzle pieces
 Explaining the building blocks
 Painting the full picture
 An automated testing approach for NFC
services
Examples of NFC services and applications
Pictures: NFC Forum
Building blocks of secure NFC services
WAN /
Internet
mSD
GP GlobalPlatform
Pctures: Global Platform
GP – Application sandboxes on SmartCards
• GP World: One physical
Smart Card BUT:
• Many independent
applications realms (sand
boxes aka hardware
firewall) running on top of
card OS
• Uniform mechanism to
manage these applications
remotely
• Two levels: Card Content
and Remote Application
Management
Service A
Service B
Service C
GlobalPlatform components
OS and transmission protocols
Integrated circuit
OTA – Over The Air





Over The Air provisioning of a UICC
Remote Application Management (RAM)
Load, configure, delete card applications
Remote File Management (RFM)
Create, update, delete card files
TSMs and MNOs
• Customers want multiple services out of different hands
• MNOs become TSM or cooperate with them in opening parts of their
OTA infrastructure to them
TSM – Trusted Service Manager
•
•
•
Handles customer’s subscriptions
Manages business relationships between service providers
Integrates services from different vertical industries
Putting the pieces together
How to test such services
How to automate testing
 Using emulators allows scripting and remote testing on each interface
 Merging the individual controllers to one powerful master allows full test
coverage of all components with little to no need for manual interference
during the test execution
Taking automation one step further
Former procedure
Simplified procedure




Setup DTA environment

Optional: review already
condensed debug statements
Set up DTA environment
Repeat for each test case


Look for DTA script file (manual
process)


load and start the file

Configure and start it
Look for the matching test case
(manual process)
Optional: merge debug
statements
Select and run one or more test
case(s)
How did we do it?
 Create a header format
 Use a central software unit that
 Exchanges bi-directional data with the DTA running on the
implementation under test, configuring the test scenarios and
potentially exchange debug information
 Controls the test system
 Test results stored in one location, enabling comprehensive reports
 This allows to create automated test plans in an instant
Making NFC Forum testing childishly
simple as it should be!
Thanks for your attention!