CO-TSM: A Flexible Model for Secure Embedded Device Ownership and Management

Abstract

Highlights: What are the main findings? CO-TSM enables decentralised application management across smart cards, embedded devices, HCE-TEE smartphones, IoT devices, and RFID-enabled supply chains. The model enhances security through continuous evaluation and remote attestation while empowering users with greater device control. What is the implication of the main finding? CO-TSM can revolutionize secure embedded device management by addressing market fragmentation and interoperability challenges. Its adoption could lead to more flexible, scalable, and user-centric approaches in managing secure applications across industries. The Consumer-Oriented Trusted Service Manager (CO-TSM) model has been recognised as a significant advancement in managing applications on Near Field Communication (NFC)-enabled mobile devices and multi-application smart cards. Traditional Trusted Service Manager (TSM) models, while useful, often result in market fragmentation and limit widespread adoption due to their centralised control mechanisms. The CO-TSM model addresses these issues by decentralising management and offering greater flexibility and scalability, making it more adaptable to the evolving needs of embedded systems, particularly in the context of the Internet of Things (IoT) and Radio Frequency Identification (RFID) technologies. This paper provides a comprehensive analysis of the CO-TSM model, highlighting its application in various technological domains such as smart cards, HCE-based NFC mobile phones, TEE-enabled smart home IoT devices, and RFID-based smart supply chains. By evaluating the CO-TSM model’s architecture, implementation challenges, and practical deployment scenarios, this paper demonstrates how CO-TSM can overcome the limitations of traditional TSM approaches. The case studies presented offer practical insights into the model’s adaptability and effectiveness in real-world scenarios. Through this examination, the paper aims to underscore the CO-TSM model’s role in enhancing scalability, flexibility, and user autonomy in secure embedded device management, while also identifying areas for future research and development.