Device API access control gets easier with new MNO tool
Wednesday, January 31, 2018
Austin Harris |
Mobile device API access control tool has been released by GlobalPlatform to provide mobile network operators the ability to access OS sensitive APIs.
GlobalPlatform has defined a specification that enables mobile network operators (MNOs) to access certain aspects of the mobile device operating system (OS), which are by default not accessible for security reasons. The specification has received input and support from MNO industry body GSMA and device manufacturers, who recognize that MNOs need this advanced access to ensure customers are receiving optimum network management connectivity.
“MNOs want access to mobile device parameters to ensure customers are receiving the best possible service,” explains Gil Bernabeu, GlobalPlatform’s Technical Director. “These low-level services are used to adapt device parameters to the MNO network capabilities. At present, it is expensive and timely to customize each device OS to enable individual MNOs to access sensitive APIs.”
The GlobalPlatform Device API Access Control v1.0 defines a generic mechanism that enables MNOs to access sensitive APIs in a mobile device OS based on authorization rules pre-stored in a SIM card (Secure Element). Once inserted or active in the mobile device, the MNO applications are authorized to access specific sensitive APIs on the device.
This specification is intended primarily for SIM card manufacturers, handset manufacturers, and MNOs. This version supports device applications running in the rich execution environment, including Android environments.
Gil concludes: “Establishing a device trust architecture that is accessible to authorized parties is critical if the functionality of a mobile device is to achieve its potential. To realize this, collaboration across stakeholders is essential. The publication of this specification is just one example of the work GlobalPlatform is doing to promote collaboration and open ecosystems where digital services and devices can be managed securely, while bringing efficiencies to stakeholders.”
“MNOs want access to mobile device parameters to ensure customers are receiving the best possible service,” explains Gil Bernabeu, GlobalPlatform’s Technical Director. “These low-level services are used to adapt device parameters to the MNO network capabilities. At present, it is expensive and timely to customize each device OS to enable individual MNOs to access sensitive APIs.”
The GlobalPlatform Device API Access Control v1.0 defines a generic mechanism that enables MNOs to access sensitive APIs in a mobile device OS based on authorization rules pre-stored in a SIM card (Secure Element). Once inserted or active in the mobile device, the MNO applications are authorized to access specific sensitive APIs on the device.
This specification is intended primarily for SIM card manufacturers, handset manufacturers, and MNOs. This version supports device applications running in the rich execution environment, including Android environments.
Gil concludes: “Establishing a device trust architecture that is accessible to authorized parties is critical if the functionality of a mobile device is to achieve its potential. To realize this, collaboration across stakeholders is essential. The publication of this specification is just one example of the work GlobalPlatform is doing to promote collaboration and open ecosystems where digital services and devices can be managed securely, while bringing efficiencies to stakeholders.”
Become a subscriber of App Developer Magazine for just $5.99 a month and take advantage of all these perks.
MEMBERS GET ACCESS TO
- - Exclusive content from leaders in the industry
- - Q&A articles from industry leaders
- - Tips and tricks from the most successful developers weekly
- - Monthly issues, including all 90+ back-issues since 2012
- - Event discounts and early-bird signups
- - Gain insight from top achievers in the app store
- - Learn what tools to use, what SDK's to use, and more
Subscribe here