The role of secure memory in a trusted execution environment
By Venkat Natarajan, Spansion Inc.
December 19, 2007 -- mobilehandsetdesignline.com
Today's mobile phones are used for a myriad of new applications that involve storing sensitive data and providing such secure services as mobile payments. With phones storing more critical information than ever before, it is increasingly important to keep them safe from rogue software that can steal or abuse credit card numbers or encryption keys associated with valuable digital content.
Mobile phones require a trusted execution environment (EE) to guarantee that sensitive data is stored and processed without abuse. A trusted EE is a computing environment where execution takes place as expected. The Trusted Computing Group (TCG) uses the notion of behavioral reputation when it refers to "trusted computing" in its documents. Trusted behavior is an essential element of security since it allows one to reason about the behavior of an EE with confidence, which in turn allows one to analyze the security aspects of the environment. Having a complete understanding of how to create and maintain a trusted EE will help make mobile phone applications like mobile payment more secure. Once customers, banks and businesses can fully trust that these applications are protected, adoption will increase. [1]
In the book "Security for Mobility," Chris J. Mitchell refers to the following as the main security services related to mobile computing: authentication, data integrity, data confidentiality and non-repudiation [2]. This paper will show how secure memory plays a critical role in offering these services as part of a trusted EE, including a rich access control mechanism that supports multiple stakeholders.