- A world first: Operating system kernel protects confidential documents
- Telekom relies on German innovation for security
- Latest-generation "Merkel phone" is based on Samsung Galaxy S3
Deutsche Telekom’s SiMKo 3 security smartphone has successfully withstood testing by the German Federal Office for Information Security (BSI). This latest generation high-security cell phone, affectionately known as the "Merkel phone" after the German Chancellor, has officially obtained approval for security level VS-NfD (classified information for business use only). Members of the federal govern-ment and employees of ministries and federal authorities will therefore for the first time have access to a mobile device that incorporates the newly developed L4 high-security microkernel as its operating system for transmitting classified information. The microkernel contains just 10,000 lines of program code in contrast to standard commercially available smartphones, which use millions of lines of code. Stephan Maihoff, who is responsible for SiMKo at Telekom, points out that "It is practically impossible to test such large operating systems which are also constantly being modified by subsequent development work. You cannot exclude the possibility of back doors. To counter the risk of hacking, we use a transparent kernel that leaves no hiding places for surprises and offers security from the inside out." The microkernel and security technology are made in Germany. Telekom exclusively uses companies based in Germany for the SiMKo 3's kernel and security technology. Certgate crypto cards are used and NCP ensures encrypted connections, both firms are based in Nuremberg. The L4 microkernel system was jointly developed by Dresden Technical University, Dresden start-up Kernkonzept, Telekom Innovation Laboratories and Berlin start-up Trust2Core. Samsung intends to push ahead with secure telephony and surfing. It was only possible to implement the kernel as a result of particularly close cooperation with Samsung. "Thanks to extensive cooperation between the SiMKo 3 project team and our development department, together we have managed to bring a high-security smartphone based on the GALAXY S3 to market. Customers who have exacting security requirements can now use one of the most successful smartphones in Germany as a mobile work device," says Dongmin Kim, President of Samsung Electronics Germany. "As the market leader, we are committed to taking secure telephony and data transmission forward." L4 kernel makes two devices in one case possible - but keeps them strictly separate. The sophisticated security technology in the new SiMKo is already up and running as soon as the smartphone is switched on and boots up. The L4 kernel immediately takes over complete control of the device and only permits operations that are secure. Another new feature of the SiMKo is the fact that it combines a secure device and an open device in one case. By simply swiping the screen, the user can toggle between secure and open operating modes in order to switch from composing a confidential message to obtaining train or flight information for instance. The L4 kernel makes sure that the open part of the smartphone does not pose a security risk. It makes it possible for the SiMKo 3 to run two separate operating systems that behave like two completely independent devices. Data on the open and on the secure side are strictly segregated thanks to the high level of isolation ensured by the microkernel. The user can install applications for both the open and the secure area. Programs can either be downloaded from a specially protected Telekom app store or from the customer's own servers. Encrypted phone calls, remote deletion. The SiMKo 3 is not only designed to handle data applications such as e-mail, calendar, contacts and tasks. It can be used out of the box as a tap-proof crypto phone which will in future offer encrypted phone calls based on Voice over IP using highly secure encryption methods. In addition, development of the government's official SNS Standard (Secure Multi-Network Voice Communication) will be completed in the next few months. If a device is lost, nobody can see what is stored in it. The Certgate crypto card takes care of user authentication and encrypts all data on the device. In addition, the content of the device can be deleted remotely. Further development - SiMKo with LTE, tablets and notebooks. The new SiMKo 3 is available right now and costs EUR 1,700 with a two-year contract. Telekom is already working on a SiMKo product range that includes tablets and notebooks for working from home. A SiMKo 3 model that supports the high-speed LTE wireless standard is coming soon. Telekom's SiMKo devices are aimed at both the public sector and industry. Almost 90 percent of all companies equip their staff with mobile devices so that they can access corporate data from anywhere. However, many companies do not secure mobile data access adequately. If sensitive corporate data falls into the wrong hands this can have serious economic consequences as well as raising personal liability issues. Mobile networks experience 30,000 attacks a month. In 2012, Telekom's IT security experts logged 30,000 attacks against mobile networks every month on average, with the preferred means of attack via mobile devices. Hackers are becoming ever more systematic in their methods. Instead of generally watching for the weak points of smartphones and tablets, as was normal in the past, attackers now try to selectively read entire address books via mobile devices with the aim of stealing data or uploading a malware code in order to misuse the devices for their own purposes without being noticed.
About Deutsche Telekom Deutsche Telekom is one of the world’s leading integrated telecommunications companies with more than 131 million mobile customers, 33 million fixed-network lines and over 17 million broadband lines (as of September 30, 2012). The Group provides fixed-network, mobile communications, Internet and IPTV products and services for consumers, and ICT solutions for business and corporate customers. Deutsche Telekom is present in some 50 countries and has over 230,000 employees worldwide. The Group generated revenue of EUR 58.7 billion in the 2011 financial year - over half of it outside Germany (as of December 31, 2011). About T-Systems Drawing on a global infrastructure of data centers and networks, T-Systems operates information and communication technology (ICT) systems for multinational corporations and public sector institutions. On this basis, Deutsche Telekom’s corporate customers unit provides integrated solutions for the networked future of business and society. Some 48,200 employees at T-Systems combine industry expertise with ICT innovations to add significant value to customers’ core business all over the world. The corporate customers unit generated revenue of around EUR 9.2 billion in the 2011 financial year. About Samsung Electronics Samsung Electronics Co., Ltd. is a global leader in technology, opening up new possibilities for people everywhere. Through relentless innovation and discovery, we are transforming the worlds of televisions, smartphones, personal computers, printers, cameras, home appliances, LTE systems, through to medical devices, semiconductors and LED solutions. We employ 236,000 people across 79 countries with annual sales of US$187.8 billion. To discover more, please visit http://www.samsung.com About certgate GmbH Certgate supplies security solutions for mobile devices. The company has specialized in smartcard-based technology since 2008. Our young team in Nuremberg is at the forefront of innovation in mobile IT security. Certgate developed and patented the first smartcard in microSD format. Our cooperation with international partners including integrators, mobile communication specialists and application providers has produced products and solutions such as the "Merkel phone". These Certgate products support customers' mobility strategies all over the world. For more information, visit: www.certgate.com About Kernkonzept L4Re from Kernkonzept is an operating system platform that allows systems to be flexibly constructed and on which several applications can run simultaneously with different security or real-time requirements. L4Re was originally developed at Dresden Technical University and has undergone continuous enhancement since 1997. It comprises a secure L4 microkernel, a programming and runtime environment for native L4 applications and L4Linux, a paravirtualized Linux kernel. Kernkonzept, founded by L4Re system architects in Dresden in April 2012, focuses on enhancing the system platform and advises customers who wish to implement this in their own products. More information: www.kernkonzept.com About Dresden Technical University TU Dresden, a university of excellence since 2012, is one of the top universities in Germany and Europe. It is strong on research, first-class in diversity and the quality of study programs and has close ties to culture, the economy and society. Its operating system research group is doing pioneering work in the research and development of L4 microkernels. Their groundbreaking contributions include the initial implementation of an L4 kernel in a high-level language, its initial use with a paravirtualized Linux kernel and several prototypes for systems with small trusted computing bases for use in highly secure systems. About NCP In most IT departments, remote access to central data bases and company resources is still top of the agenda. The market offers a huge variety of remote access solutions, with each solution reflecting the strategical orientation of its producer. NCP designs its products only according to the wishes of customers, the usability of the solution, its compatibility and the profitability of all remote access components in a Virtual Private Network (VPN). Our passion is to develop universally applicable software components that allow for highly secure integration of mobile and stationary telework terminals into a central data network. Numerous national and international reference projects, awards and case studies underpin our expertise in remote access. For this, NCP provides everything from one source with its next generation network access technology. About Telekom Innovation Laboratories Telekom Laboratories (T-Labs) is the central research and innovation (R&I) unit of Deutsche Telekom. In terms of organization, they are the responsibility of the Chief Product and Innovation Officer. The business mandate of the T-Labs is to work closely with Deutsche Telekom’s operational units to deliver new ideas and provide support when it comes to developing and rolling out innovative products, services and infrastructures in our growth areas. With sites in Berlin, Darmstadt, Bonn, Beer Sheva and Tel Aviv (Israel), and Mountain View (United States), T-Labs’ focus is on medium-term projects and on technologies that have convincing USPs and generate new business for Deutsche Telekom. Around 360 experts, researchers in a variety of disciplines from more than 25 nations, and young entrepreneurs work here side by side. About Trust2Core GmbH Trust2Core GmbH was founded in June 2012 as a technology spin-off of Deutsche Telekom AG. Our Milos product implements secure software systems on standard hardware from the consumer market. Milos is a microkernel-based multi-OS platform which uses highly advanced virtualization technologies. Our specific expertise in the configuration of such systems enables our customers to meet all security requirements ranging from private to highly secure levels. We port our security architecture to a wide portfolio of current devices made by renowned manufacturers and are able to address diverse use cases such as devices for secure mobile communications, corporate devices and mobile payment terminals.