2020-09-27 Version 2.3.3
Simple Search | Advanced Search | Pre-Defined Reports | Help

Details of 'DTS/CYBER-0052' Work Item
Work Item Reference ETSI Doc.
Number
STF Technical Body
in Charge
Standard Not
Ready For
Download
  DTS/CYBER-0052 TS 103 732   CYBER
  Current Status
(Click to View Full Schedule)
Latest
Version
Cover Date Standstill Creation Date
  Early draft (2020-09-02) 0.0.3 Draft   View Standstill Information 2019-11-05
  Rapporteur Technical Officer Harmonised Standard
  Linyi Gao Sonia Compans No
 
Title CYBER Security and Evaluation Requirements for Consumer Mobile Device
Evaluation Consumer Mobile Devices 
Scope and Field
of Application
The intention of this work item is to deliver a set of security and evaluation requirements to be used in consumer mobile devices security assessment. Increasing services and features on consumer mobile devices make them more attractive for attackers. It is necessary to identify key assets on the consumer mobile devices to be protected and the main security threats to these key assets in consumer scenario. The specification will also define security objectives, that when fulfilled, the security threats could be dramatically decreased. Security functions should be implemented by the consumer mobile device, in order to protect key assets, address the security threats and fulfill the security objectives. The requirements for these security functions will also be defined in the specification. At last, security assurance requirements are needed for testing and assessment of mobile device security.

The work item will take provisions in TS 103 645 / EN 303 645 which are applicable to consumer mobile devices as high level guidance and will define detailed security requirements following those provisions. In addition, this work item will also define requirements which are not covered by TS 103 645 / EN 303 645.

Radio aspects as well as features specific to some network technologies (e.g. use of UICC in 3GPP) are excluded from the scope of this WI.

Similar works in other SDOs (e.g. ISO/IEC JTC1 SC17, GSMA) will be considered to ensure consistency.

The specification should be structured as following:
ToE definition and usage; Security threats (e.g. network eavesdropping, physical assess, flawed applications); Security objectives (e.g. protected communications, protected storage, mobile device integrity, end user privacy); Security functional requirements (e.g. TLS support, key management, data anonymization, authentication, application isolation, secure boot); Security assurance requirement (e.g. guidance documentation, lifecycle support, independent testing); Additional information, optional requirements, use cases, etc.

This document is intended for consumer mobile device manufacturer, implementing those best practices recommendations, and as a guideline for 3rd parties, looking to assess the security functions on mobile consumer devices, e.g. evaluators.

In the context of this work item the term consumer mobile device refers to a class of devices with mobile connectivity capabilities, high computation power and rich user interface such as smartphones or tablets used for personal purpose by the individual owner. 
Supporting
Organizations
Huawei Tech.(UK) Co., Ltd, CAICT, Sony Europe B.V., Brightsight B.V. 

 

Keywords Projects Clusters Frequencies Mandates Directives
      Security
     
Official Journal
     
Remarks
2020-09-02 gaoliny Draft contributed - V 0.0.3 contributed for Discussion in CYBER(20)021017 as Early draft
2020-09-02 gaoliny A new draft is uploaded - V 0.0.3 with status: Early draft
2020-07-30 gaoliny Early draft proposal in contribution CYBER(20)20d006 was Revised by CYBER
2020-07-14 gaoliny Draft contributed - V 0.0.2 contributed for Discussion in CYBER(20)20d006 as Early draft
2020-07-14 gaoliny A new draft is uploaded - V 0.0.2 with status: Early draft
2020-05-11 gaoliny Draft contributed - V 0.0.1 contributed for Discussion in CYBER(20)020023 as Early draft
2020-05-11 gaoliny A new draft is uploaded - V 0.0.1 with status: Early draft
2019-11-26 GAOLINY TB adoption of WI CYBER, see contribution CYBER(19)018012r2
2019-11-15 GAOLINY WI proposed to TB CYBER, see contribution CYBER(19)018012r2
2019-11-15 GAOLINY WI proposed to TB CYBER, see contribution CYBER(19)018012r1
2019-11-05 GAOLINY WI proposed to TB CYBER, see contribution CYBER(19)018012
 

  Work Item Aspects
Key requirements Accessibility and usability
User security
Privacy
Security aspects Addresses consumer mobile device security
Displaying Item 7 of 70...

ETSI Home Page Any comments or problems with this application? Please let us know...