1. Rivetz – A Block Chain Smartphone’s Secret Sauce
Provable Cybersecurity with Block Chain and Trusted Computing
Karl J. Weaver 魏卡爾
2. What is Rivetz Security Architecture all about?
• Rivetz Developer Tools – already built for TEE usage with ARM’s TrustZone and all GlobalPlatform-compliant secure architectures.
• Rivetz delivers 3rd party digital asset protection services for multiple assets, including a user’s bitcoin wallet with backup/restore, and authentication services across devices.
• We are pioneering the concept of dual independent Roots of Trust per mobile device, with dual private key verification, authentication, attestation and encryption processes, utilizing our Rivetz Trusted Applications combining TEE and uSIM/eSIM security.
• We will ensure the quality of your transactions and help manage your assets across your collection of smart and connected mobile devices.
3. eUICC OS designed, embedded into Device Hardware
[Diagram labels:]
• eUICC OS directly embedded into baseband chip, like Qualcomm SPU, like inSE
• eSIM OS embedded into M2M eUICC card
• eSIM OS embedded into eUICC SIM Module (MFF2)
• UICC OS soft SIM embedded into the TEE + ARM TrustZone
• eSIM OS as soft SIM using TEE to port into ARM TrustZone for Tamper Resistant Security
• The term iUICC is a new term for embedding an eUICC directly into a mobile Apps Processor chip in a security container
• NFC Controller chip CLF with embedded SE & eSIM Plug-in
• Virtual
4. The Rivetz Network
[Diagram labels:]
• Registry & Notary Services
• Collections Management
• Attestation & Policy Control
• Confirm Services
• Migration & Recovery
• Digital Asset Management
• Digital Asset Escrow
• Threat Detection and Remediation
• Identity Services
• Rivetz Registrar
• Utility Token Services
• Cyber Deadbolt
• Social Security
These are all the services that the Rivetz toolkit natively supports.
The Rivetz Registrar is the TAM (trusted services manager, trusted application manager) for the whole Rivetz network.
We want to bring in 3rd party services, like someone’s bitcoin wallet, to help with backup/restore and authentication services across devices.
5. Rivetz Corp Developer Tool Kit
• The Rivetz Toolkit is the collection of software, documentation, and support which allows access to the Rivetz Network in mobile, desktop, and IoT applications
• The Rivetz Toolkit enables trusted processing for device applications
• A special combination of hardware/firmware/software is used to create a protected environment for the storage and use of hardened digital assets
• Access, Usage, and Recovery policies can be individually applied to these assets
• The V1.0 Rivetz Toolkit enables access to the Rivetz Registrar and the Rivetz Network Attestor
• Device Registration
• Service Provider Registration
• HDAs with {Policy}
• Device quality (health) metrics can be collected
• Changes to the device state can deny access to sensitive material
• Permits immutable device Wellness information to be recorded on the blockchain, alongside the actual transaction
6. Decentralized Security
• Enabling a new model of shared control
• Reduce single points of failure
• Increase systems trust
• Enable new control models
• Reduce single vendor risk for critical systems
7. Introducing Dual Roots of Trust
• An application for SIM/eSIM/eUICC and TEE
• TEE + eSIM provide advanced encryption and authentication
• Dual supply chains for key management
• Isolated roots of trust
• Bi-directional attestation
8.
9. Shared control
• Trusted App in TEE
  • Provides full attestation and key management
  • Provisioned through device enabled trust network
• Applet in SIM/eSIM
  • Provides full attestation and key management
  • Provisioned through MNO trust network
[Diagram: Device Application; TEE with Rivet TA (½ secret); SIM/UICC with Rivetz Applet (½ secret); eSIM/eUICC with applet (½ secret)]
10. TEE & uSIM/eSIM opportunities: Shared control
11. Decentralized Security applications
• State of the art protection for:
  • Identity
  • Blockchain applications
  • Messaging
  • IoT
  • Enterprise
• Multiple trust authorities assure provable trust
• Enable strong GDPR controls
• Dramatically reduce the risk of supply chain failure
• Achieve higher assurance and certification levels
12. Blockchain delivered controls
• Enable decentralized controls for multiple service providers
• Enable supply chain reference measurements
• Enhance application operations and controls
• Reduce MNO risk exposure
• Deliver new revenue streams and use cases
• Assured logging and controls from multiple services and trust systems
13. The Rivetz Network provides:
• Device and Service Provider Registration
• Device Identity and Device Collections
• Hardened Digital Asset Protection
• Transaction Ledgering & Notary
• Device Health/Wellness
• Threat Detection and Remediation
• HDA backup/recovery/migration
• HDA escrow
The Rivetz Network intends to support a variety of trustworthy execution technologies in support of Hardened Digital Asset (HDA) management:
• GP Compliant Trusted Execution Environments (TEE)
• Intel Software Guard Extensions (SGX)
• AMD Secure Encrypted Virtualization (SEV)
• Subscriber Identity Modules (SIM)
• Secure Elements (SE)
• Secure OS (INTEGRITY, LynxSecure, etc.)
• Software Obfuscation
• Other native platform enclaves
The Rivetz Network offers a variety of RvT (token) usage models:
• Per Event
• Per Device
• Per Collection
• Per Enterprise
[Diagram: The Rivetz Network; applet in SIM/UICC; Secure Element]
14. Telefónica & Rivetz Collaborate on Decentralized Security for Mobile Users
• RICHMOND, Mass., May 10, 2018 /PRNewswire/ -- Rivetz Corp. and Telefónica today announced an agreement to collaborate on the development of advanced mobile security protocols for blockchain transactions and messaging. The solution expects to leverage dual encryption, supporting both the Trusted Execution Environment embedded by multiple device manufacturers and the advanced encryption on SIMs deployed by Telefónica.
• Rivetz Corp – www.rivetz.com
15. Karl J. Weaver 魏卡爾
OEM Biz Dev Director - China/Asia-Pacific Region
Rivetz Corp www.rivetz.com Email: kweaver@rivetz.com WeChat/mobile number: +1-425-647-9315
Karl J. Weaver is a wireless and mobile device ecosystem specialist in the Smart Card sector of the wireless industry. Karl is China/Asia-Pacific Business Development Director for Rivetz Corp, providing embedded mobile device security for smartphones for the Block Chain using Rivetz developer tools for the TEE. He recently worked as OEM Biz Dev Director at ARM/Simulity Labs for design-in of eSIM and iSIM for On-Demand Connectivity (RSP) solutions for IoT, M2M and wearables smart and connected device manufacturers. Simulity was bought by ARM in July 2017. Karl also spent 5 years working in China for Gemalto (and Trustonic) as a rainmaker for design-in of embedded mobile NFC payments and TEE security technologies to the OEM smartphone/tablet PC ecosystem. He is a globally trained, bilingual, Mandarin Chinese speaking senior mobility executive with vast experience selling wireless and mobile device technologies from both sides of the Pacific Rim to the global OEM/ODM handset/tablet PC ecosystem supply chain. He possesses a B.S. degree in Business Management from Salve Regina University, a Certification in Mandarin Chinese Language, Customs and Culture from National Taiwan Normal University – Mandarin Training Center, and a Certification in Broadband Wireless Communications from the University of Washington (Seattle). Many presentations on smartphone technologies can be viewed on the YouTube, Youku and Tudou video streaming web sites.
Search for 魏卡尔 on Youku. Thanks!