1.2.1 Background and Advances

The development of wireless communications, especially the security aspects of it, has been relatively stable compared to the overall issues in the public Internet via fixed access until early 2000. Nevertheless, along with the enhanced functionalities of smart devices, networks and applications, the number of malicious attacks has increased considerably. It can be estimated that security attacks, distribution of viruses and other illegal activities increase exponentially in a wireless environment along with the higher number of devices and users of novelty solutions. Not only are payment activities, person‐to‐person communications and social media types of utilization under constant threat, but furthermore one of the strongly increasing security risks is related to the Machine‐to‐Machine (M2M) communications which belong in the IoT realm. An example of a modern threat is malicious code in an Internet‐connected self‐driving car. In the worst case, this may lead to physically damaging the car’s passengers.

There is a multitude of ideas to potentially change the role of the current Subscriber Identity Module (SIM), or Universal Integrated Circuit Card (UICC) which has traditionally been a solid base for the 3rd Generation Partnership Program (3GPP) mobile communications as it provides a highly protected hardware‐based Secure Element (SE). Alternatives have been presented for modifying or for replacing the SIM/UICC concept with, e.g., cloud‐based authentication, authorization and payment solutions. This evolution provides vast possibilities for easing the everyday life of end‐users, operators, service providers and other stakeholders in the field, but it also opens unknown doors for security threats. The near future will show the preferred development paths, one of the logical possibilities being a hybrid solution that keeps essential data like keys within hardware‐protected SEs such as SIM/UICC cards while, e.g., mobile payment would benefit from the flexibility of the cloud concept via dynamically changing tokens that have a limited lifetime.

In the near future, the penetration of autonomously operated devices without the need for human interactions will increase considerably, which results in much more active automatic communication, e.g., the delivery of telemetric information, diagnostics and healthcare data. The devices act as a base for value‐added services for vast amounts of new solutions that are still largely under development or yet to be explored. Nevertheless, the increased share of such machines attached to networks may also open new security threats if the respective scenarios are not taken into account in early phases of the system, hardware (HW) and software (SW) development.

The field of new subscription management, along with the IoT concept, automatised communications and other new ways of transferring wireless data, will evolve very quickly. The updated information and respective security mechanisms are highly needed by the industry in order to understand better the possibilities and threats, and to develop ways to protect end‐users and operators against novelty malicious attempts. Many of the solutions are still open and under standardization. This book thus clarifies the current environment and most probable development paths interpreted from the fresh messages of industry and standardization fields.

1.2.2 Statistics

In the mobile communications, wireless Local Area Networks (LANs) are perhaps the most vulnerable to security breaches. Wi‐Fi security is often overlooked by both private individuals and companies. Major parts of wireless routers have been equipped in advance with default settings in order to offer fluent user experience for installation especially for non‐technical people. Nevertheless, this good aim of the vendors leads to potential security holes for some wireless routers and access points in businesses and home offices due to poor or non‐existing security. According to Ref. [21], around 25% of wireless router installations may be suffering from such security holes. From tests executed, Ref. [21] noted in 2011 that 61% of the studied cases (combined 2133 consumer and business networks) had a proper security set up either via Wi‐Fi Protected Access (WPA) or Wi‐Fi Protected Access, enhanced (WPA2). For the rest of the cases, 6% did not have security set up at all while 19% used low protection of Wired Equivalent Privacy (WEP), 11% used default credentials, and 3% used hidden Service Set Identifier (SSID) without encryption.

Ref. [26] presents recent statistics of Internet security breaches, and has concluded that the three most affected industries are public, information and financial services. Typical ways for illegal actions include the following:

• Phishing. Typically in the form of email, the aim is to convince users to change their passwords for banking services via legitimate‐looking web pages. The investigations of Ref. [26] shows that phishing is nowadays more focused and continues being successful for criminals as 23% of users opened the phishing email, and 11% clicked the accompanying attachments.
• Exploitation of vulnerabilities. As an example, half of the common vulnerabilities and exposures during 2014 fell within the first two weeks which indicates the high need for addressing urgent breaches.
• Mobile. Ref. [26] has noted that Android is clearly the most exploited mobile platform. Not necessarily due to weak protection as such, but 96% of malware was focused on Android during 2014. As a result, more than 5 billion downloaded Android apps are vulnerable to remote attacks, e.g., via JavaScript‐Binding‐Over‐HTTP (JBOH) which provides remote access to Android devices. Nevertheless, even if the mobile devices are vulnerable to breaches, after filtering the low‐grade malware, the amount of compromised devices has been practically negligible. An average of only 0.03% of smartphones per week in the Verizon network during 2014 were infected with higher grade malicious code.
• Malware. Half of the participating companies discovered malware events during 35 or fewer days during the period of 2014. Malware is related to other categories like phishing which is the door for embedding malicious code to user’s devices. Depending on the industry type, the amount of malware varies, so, e.g., financial institutes protect themselves more carefully against phishing emails which indicates a low malware proportion.
• Payment card skimmers and Point‐of‐Sale (POS) intrusions. This breach type has gained big headlines in recent years as there have been tens of millions of affected users per compromised retailer.
• Crimeware. The recent development indicates the increase of Denial‐of‐Service (DoS) attacks, with Command and Control (C2) continuing to defend its position in 2014.
• Web app attacks. Virtually all the attacks in this set, with 98% share, have been opportunistic in nature. Financial services and public entities are the most affected victims. Some methods related to this area are the use of stolen credentials, use of backdoor or C2, abuse of functionality, brute force and forced browsing.
• Distributed Denial‐of‐Service (DDoS) attacks. This breach type is heavily increasing. Furthermore, DDoS attacks are being prepared increasingly via malware. The attacks rely on improperly secured services like Network Time Protocol (NTP), Domain Name System (DNS) and Simple Service Discovery Protocol (SSDP) which provide the possibility to spoof IP addresses.
• Physical theft and insider misuse. These are related to human factors; in general, this category belongs to the ‘opportunity makes theft’, which is very challenging to remove completely as long as the chain of trust relies on key personnel who might have the possibility and motivation to compromise or bypass security. Detecting potential misuse by insiders is thus an important role to prevent and reveal fraudulent attempts early enough. This detection can be related to deviation of the data transfer patterns, login attempts, time‐based utilization and, in general, time spent in activities that may indicate dissatisfaction at the working place.
• Cyber espionage. According to Ref. [26], especially manufacturing, government and information services are noted to be typical targets of espionage. Furthermore, the most common way to open the door for espionage seems to be the opening of an email attachment or link.
• Any other errors that may open doors for external or internal misuse.

More detailed information about data breach statistics and impacts in overall IT and wireless environments can be found in Ref. [26].

1.2.3 Wireless Threats

1.2.4 M2M Environment

One of the basic benefits of IoT is to facilitate always‐connected devices to automatically control and report without human interaction. A simple example of this M2M communications is a refrigerator alerting about food items that require replenishing. The IoT environment also includes human interactions with machines and systems, e.g., making it possible to turn lights on and off remotely. The environment may include awareness of various environmental and user‐related items. For instance, when a user visits a supermarket, stored information about recently purchased items may trigger reminders on the mobile device as the user walks nearby, to suggest repurchasing the same products. The IoT environment also helps to optimize the logistics chain, presenting items that purchasers are able to carry home and highlighting heavier and less frequently purchased items which may be transported via alternative ways. This environment with everything connected (connected society) in an intelligent way (intelligent homes, offices and transportation) is actually a groundbreaking step in human history. It leverages the automatized Information and Communications Technology (ICT) society to the next level, optimizes the techno‐economics and influences positively on the green values as energy consumption and transportation of goods and people is minimized via high level of awareness. This awareness is possible in real time due to collected data and post‐processed information of IoT devices as they communicate with each other and systems. IoT is the next big thing to change our living and working environments.

IoT comprises this advanced environment, with a huge amount of networked devices, and objects and users enabling and benefiting from data. Nevertheless, IoT is still in a relatively early stage. The first concrete solutions that are starting to form IoT include smart devices, the cloud and sensors. The combination of various access technologies like RFID, wireless and cellular connectivity, as well as the evolved, miniature components and devices are essential enablers for advancing the connected IoT world. The sub‐categories of IoT include industrial Internet and M2M communications, and smart consumer environments with devices and services like health devices and smart wristwatches which are easing mobile banking and many other daily functions.

The M2M environment is currently developing strongly with new, evolved technologies and services coming into commercial markets. It creates a great deal of challenges especially for the management of such a huge amount of always‐connected device subscriptions and traffic, and for the security of the communications.

1.3.1 The Open Mobile Alliance (OMA)

The OMA is a non‐profit organization producing open specifications. The aim of the OMA is to create interoperable, end‐to‐end global services on any bearer network. The OMA was formed in 2002 by the key mobile operators, device and network suppliers, information technology companies and content and service providers. The OMA’s specifications support fixed and mobile terminals, such as established cellular operator networks as well as emerging networks with M2M device communications. The OMA drives service enabler architectures and open enabler interfaces independently from the underlying wireless platforms, and has developed programs for testing the interoperability of new products [28].

In addition, the OMA has integrated the WAP Forum, Location Interoperability Forum (LIF), SyncML Initiative, Multimedia Messaging Interoperability Process (MMS‐IOP), Wireless Village, Mobile Gaming Interoperability Forum (MGIF), and the Mobile Wireless Internet Forum (MWIF) into the OMA for promoting end‐to‐end interoperability across different devices, geographies, service providers, operators and networks. The OMA drives the development of mobile service enablers such as Device Management (DM), M2M communications, Application Programming Interfaces (APIs) and Augmented Reality.

The Device Management Working Group of the OMA (DM WG) specifies protocols and mechanisms to achieve the management of mobile devices, services access and software on connected devices [29]. The OMA’s suite of DM specifications includes 21 mobile service enablers and more than 60 management objects that provide ways to deploy new applications and services with low risk. There are an additional 21 management objects defined by other standards organizations and forums in cooperation with the OMA to minimize fragmentation. As an example, the OMA Diagnostics and Monitoring Management Object is used by 3GPP and WiMAX Forum, and other industry bodies have extended the OMA DM to the IP environment for use with remote sensors and in automotive scenarios. The aim of the OMA DM is to manage converged and multi‐mode devices in technology‐agnostic networks, including devices that do not have a SIM card which makes the OMA DM also suitable for M2M communications [30].

1.3.2 The International Organization for Standardization (ISO)

The ISO together with the International Electrotechnical Commission (IEC) are worldwide standard‐setting bodies for smartcards, among various other technologies related to electronics. They jointly have an important role in the standardization of the SIM card, which is the variant if smartcards are adapted into mobile communications systems. The SIM was introduced along with the 2G systems, firstly via the GSM, and it has been further developed in 3G systems which apply the 2G SIM and 3G Universal SIM (USIM) functionalities representing applications within the UICC.

The ISO provides an open process for participating stakeholders with the aim to facilitate the creation of voluntary standards. ISO 7816 defines Integrated Circuit Cards (ICCs), commonly called smartcards as defined in Refs. [37] through [53]. This standard defines contact cards, which means that the communication between the card and external devices like card readers happens via the electrical circuit contacts of the card. It also functions as a base for the contactless cards extended via the ISO 14443 standard, which defines the communications via the RF channel. The contactless card is based on Near Field Communications (NFC). Both ISO 7816 and ISO 14443 are provided by the American National Standards Institute (ANSI).

The key standards for smartcards are ISO/IEC 7816, ISO/IEC 14443, ISO/IEC 15693 and ISO/IEC 7501. The ISO/IEC 27000 series is also relevant to smartcards, describing information security management [90]. A complete list of the ISO/IEC JTC1/SC17 working groups and respective ISO standards can be found in Ref. [91].

ISO/IEC 7816 includes multiple parts from which Parts 1, 2 and 3 are related to contact cards and their essential aspects for interfaces, dimensions and protocols whereas Parts 4–6, 8, 9, 11, 13 and 15 include definitions for both contact and contactless card, e.g., for file and data element structures of the cards, API commands for the card use, application management, biometric verification, cryptographic functions and application naming. Part 7 defines a secure relational database for smartcards via Structured Card Query Language (SCQL) interfaces. Part 10 is related to applications of memory cards, including pre‐paid telephone and vending machine cards.

The most important reference for the SIM/UICC card used in mobile communications systems is ISO 7816. Parts 1, 2 and 3 define the physical and communications characteristics as well as the application identifiers for embedded chips and data. This standard creates the base for mobile communications smartcards and is referenced in major part of the other standards. Moreover, ISO/IEC 7816 describes, among other definitions, the fundamental physical and logical aspects of the smartcard, voltage levels and file systems. Table 1.2 details the definitions of ISO/IEC 7816. ISO/IEC 7816 is jointly defined by the ISO and IEC, and edited by the Joint Technical Committee (JTC) 1 and Sub‐Committee (SC) 17, Cards and Personal Identification [1] and adapted by ETSI, 3GPP and 3GPP2. More details about ISO/IEC 7816 sub‐standards can be found in Chapter 4.

ISO/IEC 14443 defines the interfaces of contactless smartcards that are used in NFC within about 10 cm from the respective reader. It includes the electrical and RF interfaces as well as the communications protocols. The cards operate on a 13.56 MHz frequency. This standard is the base for the contactless environment in access control, transit and financial applications as well as in electronic passports and in Federal Information Processing Standards (FIPS) 201 PIV cards.

ISO/IEC 15693 defines the so‐called vicinity cards, including the base for the physical aspects, RF power, interface levels, collision management and protocols. The idea of vicinity cards is to operate from a maximum distance of 1 m from the reader. ISO/IEC 7501, in turn, has descriptions for machine‐readable travel documents.

1.3.3 The International Telecommunications Union (ITU)

The ITU is a worldwide organization that takes care of the global requirements of telecommunications. The ITU belongs to the United Nations (UN) and is specialized for Information and Communication Technologies (ICT). The tasks of the ITU include the allocation of global radio spectrum and satellite orbits, and development of technical standards. In addition, the ITU paves the way to enhance globally the access to ICTs to underserved communities. The ITU facilitates people’s right to communicate via the developed communications [3]. The ITU is divided into three sectors from which the ITU‐T concentrates on the standardization of the telecommunications area whilewhile the ITU‐R standardizes the radio area, and the ITU‐D focuses on the development of the telecommunications area. The recommendations of the ITU‐T can be found in Ref. [4] and the set of recommendations of the ITU‐R is located in Ref. [5]. The most relevant documentation of the ITU for the security aspects of telecommunications is found in the ITU‐T series X, which describes data networks, open system communications and security.

1.3.4 The European Telecommunications Standards Institute (ETSI)

ETSI produces globally applicable standards for ICT including fixed, mobile, radio, broadcast, internet, aeronautical and other areas. ETSI created the first GSM and UMTS standards. The GSM standardization work was executed in various groups under the Special Mobile Group (SMG) until the 3GPP took over the major part of GSM and UMTS development in 1999. Nevertheless, an important part of the security aspects of mobile communications remains under ETSI [62]. This can be clearly seen from the continuum of the 13‐series standards in ETSI. In practice, the security definitions of, e.g., UICC for GSM, 3G and advanced LTE systems are in fact found as a combined set of ETSI and 3GPP specifications.

As for the SIM/UICC, some of the most important ETSI standards are ETSI 102 221 (UICC definition) and ETSI 102 241 (UICC), which are based on the original GSM standards for the SIM as defined in TS 11.11 and TS 11.14.

The European Union recognizes ETSI as an official European standards organization, and one of the aims of ETSI is to provide access to European markets. ETSI clusters represent ICT standardization activities which are divided into Security, Home and Office, Better Living with ICT, Content Delivery, Fixed Networks, Wireless Systems, Transportation, Connecting Things, Interoperability, and Public Safety. ETSI executes standardization work under all of these clusters in various Technical Committees (TCs) and Working Groups (WGs).

As an example of SIM development, ETSI TS 103 384 defines the embedded UICC. It is aligned with the SIMalliance interoperable profile specification v1.0 and GSMA eSIM Technical Specification for M2M v2.0. There is also new development in the field such as the AppleSIM, and open items for handling the SIM‐related data beyond SMS as in the case of IP‐only remote management via the Bearer‐Independent Protocol (BIP), which has been an active discussion topic at 3GPP SA2. The development of the embedded SIM solutions by ETSI and other parties is highly relevant for both consumer and M2M environments along with IoT and new types of end‐user devices like wearables. This topic thus falls into the area of interoperable subscription management which is discussed in more detail later in this book.

1.3.5 The Institute of Electrical and Electronics Engineers (IEEE)

The IEEE provides a range of publications and standards that make the exchange of technical knowledge and information possible among technology professionals. One of the most important areas of IEEE standards is the IEEE 802 series, which defines a set of wired and wireless networks, including the Wireless Local Area Network (WLAN). IEEE publications and standards can be accessed via Refs. [6,7].

The IEEE is involved in standardization activities related to network and information security as well as in anti‐malware technologies. Areas include encryption, fixed and removable storage, hard copy devices, and applications of these technologies in smart grids [8]. The IEEE Computer Society has a technical committee focused on computer security and privacy, with respective publications. IEEE also has an Industry Connections Security Group for tackling the malware environment. Some of the relevant IEEE standards in encryption domain are presented in Table 1.3.

Furthermore, the IEEE produces a multitude of standards for fixed and removable storage, security for hardcopy devices and Network and Information Security (NIS) for smart grids.

1.3.6 The Internet Engineering Task Force (IETF)

The IETF is an international and open community of network operators, vendors, designers and researchers. The task of the IETF is to be actively involved in the evolution of Internet architecture. The outcome of the work of the IETF is documented as recommendations, which are numbered as RFC n, where n is an integer number referring to a specific area of the definition. The list of documents can be found in [10], and the specific documents can be searched in [9,12].

The way of work of the IETF is based on email lists and exchanging comments online. This method greatly differs from the more formal approach of other international standardization organizations. The IETF also organizes meetings, though only three times per year. In addition to the actual standardization, the IETF performs tasks like assignment of parameter values for Internet protocols, which is taken care of in a centralized way by the Internet Assigned Numbers Authority (IANA), chartered by the Internet Society (ISOC). For more detailed information of the work and structure of IETF, Ref. [11] presents useful guidelines.

Specifically related to working group information sharing of Internet security, the IETF has a dedicated web page named the IETF Security Area [13].

1.3.7 The 3rd Generation Partnership Project (3GPP)

The 3GPP was established by several standardization bodies in 1998. Its original aim was to develop and enhance the 3G mobile communications systems. The current cooperating parties within 3GPP are the Association of Radio Industries and Businesses (ARIB), ATIS (Alliance for Telecommunications Industry Solutions), CCSA (China Communications Standards Association), ETSI, TSDSI (Telecommunications Standards Development Society of India), Telecommunications Technology Association (TTA) and Telecommunications Technology Committee (TTC). In addition to the set up of the 3GPP, there is also a group that takes care of the American variant – the 3GPP2.

Since the first introduction of the GSM‐based SIM card, the concept has been further developed. Along with the handover of the mobile communications standardization work from the ETSI SMG group to the 3GPP, with the exception of few security‐related items that still are taken care of by ETSI, the mobile communications part of the SIM card is included to an extended version of the original, UICC, which contains mobile communications functionalities per radio network type treated as separate applications. Not only the technical aspects have been enhanced, but also the SIM card’s frame materials have been evolved, and there are e.g. eco‐friendlier cards in the market nowadays [36].

Currently, the 3GPP is formed by a Project Coordination Group (PGC) and a total of five sub‐groups which are: Services and System Aspects (SA), Radio Access Network (RAN), Core Network (CN), Terminals (T) and GSM EDGE Radio Access Network (GERAN). The original GSM standardization work of ETSI was taken over by the 3GPP GERAN almost completely in July 2000, excluding some of the security‐related topics. The security algorithm specification work is not public. The User Equipment (UE), SIM and USIM specifications are listed in the original 11‐series, and in the 34‐series in later phases. Some relevant 3GPP specifications for the mobile communications security aspects can be found in 3GPP TS 42.009, V4.1.0, 23 June 2009 (security aspects). The security aspects of 3GPP are taken care of by SA working group 3.

The complete set of 3GPP technical specifications and recommendations as well as study reports can be found in Ref. [18]. For the LTE phase, Refs. [19,20,22] present overall security aspects. Furthermore, some of the most relevant 3GPP LTE security specifications are listed in Tables 1.4 and 1.5.

To summarize, a few of the highest level requirements of the 3GPP specifications, most importantly, the continued usage of current USIM needs to be ensured. The earlier USIM still needs to be able to access the EPS network of the LTE/LTE‐A to ensure that previous USIM variants are also functional in future 3GPP networks. Furthermore, the level of the security should be at least equal or better compared to the UMTS.

In principle, the 3GPP specifications are the root information sources for the GSM, UMTS and LTE security aspects. Ref. [20] presents general aspects of the 3GPP security, and more detailed security aspects of the 3GPP systems are discussed in Chapter 2 in this book. The following sections detail further some of the key aspects of the SIM/UICC specifications defined by 3GPP.

The GSM triggered the introduction of the SIM for storing subscription related data. In the beginning, as defined in the first phase ETSI standard TS 11.11, the SIM was merely a physical card that represented the GSM application. Along with the 3G system development, the SIM was enhanced and took the term of UICC. It refers to a physical card that contains logical functionality as described in 3GPP TS 31.101. Furthermore, the USIM refers to the 3G application residing on the UICC as defined in 3GPP TS 31.102. In addition to the 3G‐USIM application, the UICC is capable of storing various other applications, among which the SIM, or 2G‐SIM, is used for GSM, and the IMS SIM (ISIM) is used for the IP Multimedia Subsystem (IMS) of the LTE/LTE‐A. With the further development of the 3GPP system, the UICC still continues to be the trusted element for the LTE/SAE user domain, including newly evolved applications and security. In fact, the importance of the role of the UICC is increasing as of the Release 8 features.

The following sections summarize some of the key aspects in the development path of the SIM/UICC up to the 3GPP Release 12.

1.3.8 The 3rd Generation Partnership Project 2 (3GPP2)

The 3GPP2 is a 3G telecommunications specifications project meant for the North American and Asian markets. It works in cooperation with 3GPP, and its aim is to develop global specifications for ANSI/TIA/EIA‐41 ‐based 3G cellular radio telecommunications evolution and global specifications for the Radio Transmission Technologies (RTTs) supported by ANSI/TIA/EIA‐41.

In addition to the communications with the 3GPP, the 3GPP2 is a collaborative effort between five officially recognized standardization development organizations, or Organizational Partners (OPs): Japanese Association of Radio Industries and Businesses (ARIB), TTC, Chinese China Communications Standards Association (CCSA), North American Telecommunications Industry Association (TIA) and Korean Telecommunications Technology Association (TTA). The Technical Specification Groups (TSGs) of 3GPP2 are TSG‐A (Access Network Interfaces), TSG‐C (CDMA2000), TSG‐S (Services and Systems Aspects), and TSG‐X (Core Networks). As is the case for freely downloadable specifications and reports of 3GPP, each 3GPP2 TSG has a dedicated section on the website which can be accessed for the downloading of specifications and reports. More information about the 3GPP2 can be found in Ref. [89].

1.3.9 The GlobalPlatform

The GlobalPlatform is an industry organization which consists of several committees for the standardization of subscriber cards and systems [55]. The GlobalPlatform is an internationally recognized non‐profit association with the aim to establish, maintain and promote adoption of interoperable infrastructure standards for smartcards, devices and systems. The focus of the GlobalPlatform is to simplify and speed up the development, deployment and management of interoperable security applications and solutions. The GlobalPlatform standards establish mechanisms and policies for enabling secure communications, and many banks have adopted them at a global level for cryptographic data loading based on JavaCard.

One of the focus areas of the GlobalPlatform is secure deployment and management of multiple applications on secure chip technology by using standardized infrastructure, providing service providers means to develop digital services and deploy them uniformly across different devices and channels. This interoperable approach in security and privacy parameters enables dynamic combinations of secure and non‐secure services from multiple providers on the same device. The GlobalPlatform is thus an international industry standard for trusted end‐to‐end secure deployment and management solutions, aiming for global adoption across finance, mobile and telecommunications, government, premium content, automotive, healthcare, retail and transit sectors via interoperability and scalability of application deployment and management through its secure chip technology open compliance program. the GlobalPlatform has over 120 members working on the alignment with existing and emerging market requirements. The GlobalPlatform’s interoperability solves service provider issues in ensuring compatibility with different security architectures and APIs which are meant for secure access services offered by devices. The aim of the GlobalPlatform is thus to eliminate compatibility and scalability issues via standardized infrastructure and APIs for the management of applications on secure chips compatible with connected devices.

A concrete example of the recent work by the GlobalPlatform is the development of the interoperable Subscription Management (SubMan) standard. Some other key areas of GlobalPlatform’s work are the following.

First, service providers’ services rely on a backend server which is under their control. This solution ensures the respective end‐point’s security level. The GlobalPlatform further gives possibility for service providers to establish a second trusted and secure endpoint, which is a secure chip of the end user’s device. This second trusted endpoint provides the service provider and the end‐user with end‐to‐end security.

Secondly, the GlobalPlatform defines two secure components based on the SE and TEE. In addition to protecting service providers and consumers from external hackers, these secure components prevent competing service providers or the consumer from accessing sensitive application information. Each service provider may load secret keys into the SE to protect its own applications.

Thirdly, the GlobalPlatform messaging technology standardizes messaging to ensure the correct utilization of data and formats to load and provision a service into a secure component.

1.3.10 The SIMalliance

The SIMalliance is a global, non‐profit industry association with the aim to simplify SE implementation and thus to drive the creation, deployment and management of secure mobile services. The SIMalliance also promotes the useful role of the SE in delivering secure mobile applications and services across all devices with an access to wireless networks. It also identifies and addresses SE‐related technical issues, clarifies and recommends existing technical standards relevant to SE implementation, and promotes an open SE ecosystem to facilitate and accelerate delivery of secure mobile applications globally [56]. As is the case with the GlobalPlatform and GSMA, the SIMalliance is also involved in the development of interoperable subscription management solutions.

1.3.11 The Smartcard Alliance

The Smartcard Alliance is a multi‐industry association focusing on the information sharing, adoption, use and application of smartcard technology. The Smartcard Alliance coordinates projects such as education programmes, market research, advocacy, industry relations and open forums and eases the networking and innovation of its members and cooperating parties. The Smartcard Alliance acts thus as a centralized industry interface for smartcard technology, and follows the impact and value of smartcards in the United States and Latin America. The worldwide coverage of members include representatives from financial, government, enterprise, transportation, mobile telecommunications, healthcare and retail industries, and therefore has views from issuers and adopters of smartcard technology to understand the implementation of smartcard based systems for secure payments, identification, access and mobile communications [73].

1.3.12 The GSM Association (GSMA)

The GSMA has a long history, going back to the early days of GSM development. Its roots originate from the GSM Memorandum of Understanding (MoU), which was the basis for the agreement of the GSM standards in a form of an association representing the participating operators [58].

Currently, the GSMA represents the interests of mobile operators worldwide. There are about 800 operators and 250 companies involved, including handset and device manufacturers, software companies, equipment providers, Internet companies and other related industry sectors [57]. Some of the concrete key areas of the GSMA are the following.

The first item is the spectrum for mobile broadband. The GSMA is involved in spectrum initiatives to ease the mobile broadband deployments. The GSMA investigates the importance of future availability of affordable, ubiquitous, high‐speed mobile broadband services. It can be estimated that the industry is likely to require around 1600–1800 MHz of spectrum to ensure widespread access to mobile broadband services. Also, the data traffic may increase by nearly 10 times by 2019 according to Ref. [70], which is a report authored by GSMA Intelligence, a source of global mobile operator data, analysis and forecasts.

Secondly, the GSMA is involved with public policy. The GSMA contributes, e.g., to the Mobile Policy Handbook and policy case studies and is active in areas of capacity building in mobile sector regulation, privacy in the mobile environment, mYouth, energy efficiency, roaming, health, connected society, mobile commerce and economy such as payment, retail and transport, as well as utilities and disaster response.

Thirdly, the GSMA is involved with Network 2020 which is paving the way for the forthcoming 5G, including evolved items such as Voice over LTE (VoLTE), Rich Communications, HD Voice and IP Interconnect.

The fourth key item is Connected Living, which covers a variety of topics such as automotive, health, transport, utilities and trackers. In addition, there are also numerous other activities such as globally recognized events.

Apart from the above‐mentioned items, the GSMA actively contributes to subscription management development, and is also involved with the embedded SIM development for the M2M environment. As an example, GSMA eSIM (M2M) Technical Specification v2.0, together with the contribution of the SIMalliance interoperable profile specification v1.0, resulted in the GSMA eSIM (M2M) TS v3.0 in 2015, combined with the ideas of SCP03t‐version for the secure channel.

1.3.13 The National Institute of Standards and Technology (NIST)

The US National Institute of Standards and Technology (NIST), together with various industries, develops a voluntary, non‐regulatory cyber‐security framework to address critical infrastructure and new challenges especially as a result of the IoT and M2M. The NIST Framework was initiated officially in 2014. The NIST Framework development has involved a Presidential Executive Order, the mobile industry and the telecommunications sector. The focus of the framework is thus on the security and privacy for the evolution of M2M and IoT [23,24].

1.3.14 The National Highway Transportation and Safety Administration (NHTSA)

The focus of the NHTSA is on improving safety and mobility on US roadways. One of its topics is wirelessly connected vehicle technology which involves vehicles such as cars and trains, and facilitates the communication of safety and mobility information to each other. The ultimate aim of the initiative is to help save human lives, prevent injuries, ease traffic congestion and improve the environment. The NHTSA is thus remarkably engaged with vehicle cyber security [25].

1.3.15 Other Standardization and Industry Forums

1.3.16 The EMV Company (EMVCo)

Europay, MasterCard and Visa have formed the EMV Company (EMVCo) and produced the Integrated Circuit Card Specifications for Payment Systems, based on the ISO/IEC 7816 standard. The aim of this initiation is to ease the card and system implementation of a stored value system [63].

1.3.17 The Personal Computer/Smartcard (PC/SC)

The PC/SC is an international specification for cards and readers, and is applicable to contact cards. The further evolution of v2.0 also introduces a PIN pad for the card communications. Various Operations System (OS) companies support the PC/SC, and it is currently a common middleware interface for PC logon applications.

1.3.18 The Health Insurance Portability and Accountability Act (HIPAA)

HIPAA is an umbrella for national US standards for the implementation of electronic health transaction systems in a secure way. Some examples of the respective transaction functions include patient claims, enrolment, eligibility, payment and benefit coordination. HIPAA sets requirements for smartcards in this environment to ensure data security and patient privacy.

1.3.19 The Common Criteria (CC)

The CC refers to an international security evaluation framework. The basic idea of the CC is to provide reliable IT product evaluation for the security capabilities. These products include the hardware of the secure integrated cards as well as the software of smartcard operating systems and applications. The CC is thus used for an independent assessment with the result indicating the ability of the product to comply with security standards. As the CC is globally recognized and established, it is especially useful for customers requiring very high security, such as governments that increasingly want the CC certification as a part of their security solution investments. Furthermore, the CC allows the vendors to tackle security solutions based on concrete needs more efficiently while offering a broad set of products. The CC is thus an international standard for computer security certification, including evaluation of information technology products and protection profiles [59].

1.3.20 The Evaluation Assurance Level (EAL)

An important security‐related topic for UICC security is compliance with the CC. It refers to standards denoting the EAL from 1 through 7 as summarized in Table 1.6. The SIM/UICC complies with the level 4 EAL which makes it one of the most protected solutions in mobile communications.

The EAL indicates a numeric value that is based on the completion of a CC evaluation, the higher values meaning more enhanced assurance levels. It should be noted that the value of EAL does not explicitly indicate the absolute security level as such but it states at which level the system has been tested to meet specific assurance requirements.

1.3.21 The Federal Information Processing Standards (FIPS)

FIPS are a set of standards developed by the Computer Security Division within the National Institute of Standards and Technology (NIST). FIPS are designed to protect federal assets, including computer and telecommunications systems. FIPS 140 (1–3) and FIPS 201 apply to smartcard technology and pertain to digital signature standards, advanced encryption standards and security requirements for cryptographic modules.

FIPS 140 (1–3) contains security requirements related to the secure design and implementation of a cryptographic module. The items include cryptographic module specification, cryptographic module ports and interfaces, roles, services and authentication, finite state model, physical security, operational environment, cryptographic key management, Electromagnetic Interference (EMI), Electromagnetic Compatibility (EMC), self‐tests, design assurance and mitigation of other attacks.

FIPS 201 specification includes aspects for the multifunction card utilization in US government identity management systems [61].

1.3.22 Biometric Standards

The importance of biometrics as a part of the secure ID environment is increasing steadily. Some examples of the development include the wider utilization of fingerprint and eye iris scanning for identifying legitimate users. Thus, various current secure ID system implementations rely on biometrics as well as smartcards in order to provide increased levels of security and privacy. The following sections summarize some of the respective standards.

1.3.23 Other Related Entities

The International Civil Aviation Organization (ICAO) provides guidance on the standardization and specifications for Machine Readable Travel Documents (MRTDs) such as passports and visas. ICAO has also published specifications for electronic passports based on contactless smartcards.

MiFare is a technology involving ticketing applications, which has a major part of the total contactless transit ticketing card market. Other variants in this domain include, e.g., Cipurse [69].

The Payment Card Industry (PCI) Security Standards include the Data Security Standard (PCI DSS), Payment Application Data Security Standard (PA‐DSS) and PIN Transaction Security (PTS) [65].

The NFC Forum is an NFC industry association. It promotes specification and use of NFC short‐range wireless interaction in consumer electronics, mobile devices and PCs [64].

The other documents that are related in one or another way with wireless security include Information Technology Security Evaluation Criteria (ITSEC) security standards [67] which have been largely replaced by the CC, as well as industry initiatives such as MULTOS [66] and the Open Card Framework (OCF) [68].

For the IoT environment, one of the relevant parties is the IoT Security Foundation [82].

1.4.1 General

The security and safety in wireless environment do not differ too much from wired set ups. The current smart devices are actually kinds of powerful miniature computers, so basically the executable software may have the very same vulnerabilities that we have seen in the personal computer environment. The official app store concept of testing and pre‐authorization aims to minimize the potential threats with malicious code hidden in the applications, but as indicated in various instances with all the operating systems, this is not bullet‐proof.

As indicated in Ref. [27], typical attacks from outside the networks are not the only issue, there also exist concrete new forms of threats related to consumer devices via embedded malware. According to this reference, there have been incidents of malware‐infected consumer hardware and software products, and even tainted peripheral devices. Some examples of pre‐loaded malware environments include products like USB sticks, microchips, cameras, battery chargers, digital photo frames, webcams, printers, cell phones, motherboards, system boards and hard drives.

1.4.2 Regulation

The security assurance for wireless networks as well as for the fixed environment is largely related to the protection of user devices and network elements. Some of the integral tasks of the assurance include the protection of the networks, devices and applications. A systematic and controlled way to execute the protection via security architecture design already in an early phase (standardization, research and prototyping) is highly recommended, as well as in all further phases like network planning, deployment, installation, and configuration. As a useful tool for all this is the security process which applies to the testing, certification and other security phases.

These tasks are done by the involving parties such as device manufacturers and mobile network operators based on the available tools and processes. The operators may and typically will create specific requirements that the equipment manufacturers must comply with. Additional help in this can be provided by the regulation with the respective policies.

One example of the fulfilment of regulatory policies and rules imposed is NERC CIP 5 which refers to CIP V5 Transition Program in the United States. It is designed to protect the bulk power system against cyber‐security compromises that without proper protection could lead to misbehaviour or instability. This critical infrastructure protection cyber‐security standard set represents the progress in mitigating cyber risks to the bulk power system which, in fact, can be an Achilles’ heel for the wireless communication networks as for the remote base station powering.

1.4.3 Security Architectures

There are various wireless systems’ security architectures outlined throughout this book. The security can be related to the internal protection mechanisms of the networks such as authentication, authorization and encryption of the communication, as well as the supporting functions such as subscription management which requires secure data transfer in a subscription’s profile activation and – as supported by the very latest technologies – more advanced data transfer such as the complete SIM/UICC card OS download in a protected way.

1.4.4 Algorithms and Security Principles

Crypto techniques have improved considerably over time, originating from such ancient methods for hidden writing (steganography) documented by Johannes Trithemius in 1499 (and published in 1606), leading gradually to the most modern methods for actually encrypting the contents. In modern mobile communications, it is logically challenging to apply steganography even if the basic principle is that the encrypted text is typically easy to spot and hard to make plain, whereas the text hidden by steganography is hard to find but relatively easy to interpret once spotted. If not exactly in the mobile communications, modern steganographic techniques are used, e.g., for manipulating pixels of visual contents such as images by applying very small changes to the values that define the colour of the pixel. As an example, a 24‐bit image pixel is based on information on the grade of red, green and blue colours. A small deviation to each pixel value modifies the colour but human eye cannot distinguish the difference from the original. The unscrambling of the contents from such an image requires the original reference image to reveal the additional information hidden in the pixel value altering. These techniques are typically called least significant bit insertions for transporting secret messages.

As for standardized mobile communications systems, the steganographic methods are not practical for the encryption of the communications, but they may be used by end‐users on the application level. Instead, the algorithms that are applied to the modern mobile communications environment consist of both non‐public and public variants of encryption. In general, it is thought that the publicly exposed algorithms provide the most efficient protection as they have been under the hardest and widest testing, and any possible remaining flaws have been encountered more efficiently simply due to the large size of the test community compared to the very limited resources of non‐public variants. As an example, the original GSM A5/1 algorithm for encrypting the radio interface communications was kept confidential, which was thought to protect against attacks, but, at the same time, it limited the number of experts for proofing the adequate security level. This non‐public approach may be the reason for the eventual exposure of the weaknesses of the algorithm to attacks, including the easier resolution of the contents by knowing the bit‐by‐bit form of the encrypted initialization message. Nevertheless, regardless of the public or non‐public approach, the security of the algorithms needs to be revised every now and then as code‐breaking techniques evolve and computer processing power increases.

The basic categorization of the current algorithms can be divided into symmetric and asymmetric variants. The symmetric approach has been applied in the securing of messages for the last two thousand years or so, including modern mobile communications systems like GSM and UMTS. One example of symmetric encryption is the AES algorithm. The drawback of symmetric encryption is that the same key is used for encrypting and decrypting the message, and thus the key delivery in a secure manner may cause vulnerabilities in this method. Code makers or code breakers have been, one at the time, leading the advances in this era.

The asymmetric approach refers to the security system that uses different keys for encrypting and decrypting the messages. One example of asymmetric ciphering techniques is RSA. In practice, the current asymmetric encoding solutions rely on the modular functions that are based on prime numbers and a pair of public and private keys [2]. The mathematical principles of prime numbers provide the possibility to make the encryption in such a way that the reverse analysis for finding the used prime numbers and for eavesdropping is not feasible in practice for sufficiently big numbers, whereas the legitimate receiving party can decrypt the message by knowing the pair of his/her own public key (which the sending party utilized as a part of the encryption) and own private key (which others are not aware of). Thus, once the sending party encrypts the message, they cannot decrypt it any more as it only opens in a feasible manner with the private key paired with the public key.

Table 1.7 lists and compares some of the most relevant ciphering techniques used in mobile and wireless communications today.

More background information about crypto techniques in general and in the mobile communications environment can be found, e.g., in references [2,20–23,27,71,72].