• Home

  • Documents

  • Supporting the use of the Trusted Execution Environment (TEE)
7
Supporting the use of the Trusted Execution Environment (TEE) Kevin Gillick Executive Director, GlobalPlatform SCA 2012 Payments Summit 9 February 2012 Salt Lake City, Utah, USA

Supporting the use of the Trusted Execution Environment (TEE)

  • Upload
    others

  • View
    3

  • Download
    0

Embed Size (px)

Citation preview

Page 1: Supporting the use of the Trusted Execution Environment (TEE)

Supporting the use of the Trusted Execution Environment (TEE)

Kevin Gillick Executive Director, GlobalPlatform SCA 2012 Payments Summit 9 February 2012 Salt Lake City, Utah, USA

Page 2: Supporting the use of the Trusted Execution Environment (TEE)

GlobalPlatform Positioning

Across several market sectors and in converging sectors

GlobalPlatform is the standard for managing applications on secure chip technology

Trusted Execution

Environment

Secure Element

AND

Page 3: Supporting the use of the Trusted Execution Environment (TEE)

What is a TEE?

•  TEE provides hardware-based isolation from rich operating systems (OS) such as Android, Windows Phone and Symbian

•  TEE runs on the main device chipset

•  TEE has privileged access to device resources (user interface, crypto accelerators, secure elements…).

3

Hardware Platform

Rich OS Application Environment

Rich OS

Trusted Execution Environment

Trusted CoreEnvironment

GlobalPlatformTEEInternalAPI

TrustedFunctions

Payment Corporate

Client Applications

TrustedApplication

DRM

TrustedApplication

Payment

TrustedApplicationCorporate

HW Secure Resources

GlobalPlatformTEE Internal

TEE Kernel

APIGlobalPlatform TEE Client API

Open to malware and rooting / jail breaking

Isolation of sensitive assets

Page 4: Supporting the use of the Trusted Execution Environment (TEE)

Why do we need a TEE?

4

•  More mobile services are emerging that require a greater level of security •  With more users, there is a greater need for protection from malware / viruses

Page 5: Supporting the use of the Trusted Execution Environment (TEE)

TEE Use Cases

5

Content Protection

•  IP streaming

•  DRM…

•  Key protection

•  Content protection

Mobile Financial Services

•  mBanking

•  Online payment…

•  User authentication

•  Transaction validation

Corporate

•  Secure networking

•  Secure email

•  User authentication

•  Data encryption

Page 6: Supporting the use of the Trusted Execution Environment (TEE)

TEE Standardization Principles

•  Create a standardized ecosystem for the service provider, enabling them to develop and deploy across markets and across platforms

•  Offer standard interfaces that can be used across devices and when devices are changed

•  Technology agnostic

•  Resistant to local and remote attacks

6

Page 7: Supporting the use of the Trusted Execution Environment (TEE)

GlobalPlatform APIs for TEE

7

Hardware Platform

Rich OS Application Environment

Rich OS

GlobalPlatform TEE Client API

Trusted Execution Environment

Trusted Core Environment

GlobalPlatform TEE Internal API

Trusted Functions

Payment Corporate

GlobalPlatform TEE Functional API


ROTE: Rollback Protection for Trusted Execution

ROTE: Rollback Protection for Trusted Execution

Documents
Intel Trusted eXecution Technology

Intel Trusted eXecution Technology

Technology
HKG15-505: Power Management interactions with OP-TEE and Trusted Firmware

HKG15-505: Power Management interactions with OP-TEE and Trusted Firmware

Software
Intel Trusted Execution Technologie: cloudu...Intel Trusted Execution Technologie: Cesta k vyššímu zabezpečení dat v cloudu Cloud4com, a.s. October 2014 Secure compute platform

Intel Trusted Execution Technologie: cloudu...Intel Trusted Execution Technologie: Cesta k vyššímu zabezpečení dat v cloudu Cloud4com, a.s. October 2014 Secure compute platform

Documents
Information Flow Control for Distributed Trusted Execution

Information Flow Control for Distributed Trusted Execution

Documents
Trusted Execution Environments - asokan.org · Trusted Execution Environments Summer School, 2014 ... (MTM) Simple smart cards Java Card ... Dissertation, Aalto University

Trusted Execution Environments - asokan.org · Trusted Execution Environments Summer School, 2014 ... (MTM) Simple smart cards Java Card ... Dissertation, Aalto University

Documents
RECKITT BENCKISER (RB.L) TRUSTED BRANDS AND EXECUTION

RECKITT BENCKISER (RB.L) TRUSTED BRANDS AND EXECUTION

Documents
Intel Trusted Execution Technology White Paper

Intel Trusted Execution Technology White Paper

Documents
Confidential Computing: Hardware-Based Trusted Execution

Confidential Computing: Hardware-Based Trusted Execution

Documents
On-board Credentials with open provisioning · On-board user credentials: design goals •Credential programs can be executed securely • Use a trusted execution environment (TEE)

On-board Credentials with open provisioning · On-board user credentials: design goals •Credential programs can be executed securely • Use a trusted execution environment (TEE)

Documents
The Trusted Execution Environment - GlobalPlatform · 2018-04-17 · The Trusted Execution Environment (TEE) offers the best route to meeting these security objectives and simultaneously

The Trusted Execution Environment - GlobalPlatform · 2018-04-17 · The Trusted Execution Environment (TEE) offers the best route to meeting these security objectives and simultaneously

Documents
Survey on trusted execution environment (TEE)xli/presentations/tee.pdf · Root of trust The unattested data/code used to establish trust in other components Including initial state+code;

Survey on trusted execution environment (TEE)xli/presentations/tee.pdf · Root of trust The unattested data/code used to establish trust in other components Including initial state+code;

Documents
Trusted Execution Environment Provisioning (TEEP ... · Trusted Execution Environment Provisioning (TEEP) Architecture draft-ietf-teep-architecture-00.txt Abstract A Trusted Execution

Trusted Execution Environment Provisioning (TEEP ... · Trusted Execution Environment Provisioning (TEEP) Architecture draft-ietf-teep-architecture-00.txt Abstract A Trusted Execution

Documents
Intel Trusted Execution Technology (Intel TXT) · PDF fileDocument: 315168-014. Intel ® Trusted Execution Technology (Intel ® TXT) Software Development Guide . Measured Launched

Intel Trusted Execution Technology (Intel TXT) · PDF fileDocument: 315168-014. Intel ® Trusted Execution Technology (Intel ® TXT) Software Development Guide . Measured Launched

Documents
LCU14-103: How to create and run Trusted Applications on OP-TEE

LCU14-103: How to create and run Trusted Applications on OP-TEE

Software
TEE Management Framework: Open Trust Protocol (OTrP ... · 2 The GlobalPlatform TEE Management Framework (TMF) defines standard methods to administer a Trusted 3 Execution Environment

TEE Management Framework: Open Trust Protocol (OTrP ... · 2 The GlobalPlatform TEE Management Framework (TMF) defines standard methods to administer a Trusted 3 Execution Environment

Documents
Rapid AIX Security Hardening with Trusted Execution (TE) · PDF fileRapid AIX Security Hardening with Trusted Execution (TE) AIX schnell absichern mit Trusted Execution Andreas Leibl,

Rapid AIX Security Hardening with Trusted Execution (TE) · PDF fileRapid AIX Security Hardening with Trusted Execution (TE) AIX schnell absichern mit Trusted Execution Andreas Leibl,

Documents
Intel® Trusted Execution Technology: Software Development Guide

Intel® Trusted Execution Technology: Software Development Guide

Documents
The Untapped Potential of Trusted Execution Environments ... · Trusted Execution Environments on Mobile Devices ... – Mobile hardware security APIs ... The Untapped Potential of

The Untapped Potential of Trusted Execution Environments ... · Trusted Execution Environments on Mobile Devices ... – Mobile hardware security APIs ... The Untapped Potential of

Documents
Intel Trusted Execution Technologyclass.ece.iastate.edu/tyagi/cpre681/papers/iTXT31516804.pdf · Intel® Trusted Execution Technology Intel® Trusted Execution Technology - Preliminary

Intel Trusted Execution Technologyclass.ece.iastate.edu/tyagi/cpre681/papers/iTXT31516804.pdf · Intel® Trusted Execution Technology Intel® Trusted Execution Technology - Preliminary

Documents
Preliminary Study of Trusted Execution Environments on

Preliminary Study of Trusted Execution Environments on

Documents
FUMIYUK KATO, YANG CAO, and YOSHIKAWA MASATOSHI, … · 2021. 2. 16. · 111 PCT-TEE: Trajectory-based Private Contact Tracing System with Trusted Execution Environment FUMIYUK KATO,

FUMIYUK KATO, YANG CAO, and YOSHIKAWA MASATOSHI, … · 2021. 2. 16. · 111 PCT-TEE: Trajectory-based Private Contact Tracing System with Trusted Execution Environment FUMIYUK KATO,

Documents
Intel Trusted Execution Technology - Iowa State University

Intel Trusted Execution Technology - Iowa State University

Documents
Trusted Execution Environments · On-board Credentials First part Second part NIST. MOBILE HARDWARE SECURITY What constitutes a TEE? 10 1. Platform integrity 2. Secure storage 3

Trusted Execution Environments · On-board Credentials First part Second part NIST. MOBILE HARDWARE SECURITY What constitutes a TEE? 10 1. Platform integrity 2. Secure storage 3

Documents
SeCReT: Secure Channel between Rich Execution Environment ... · A Trusted Execution Environment (TEE) that is isolated from a Rich Execution Environment (REE) aims to protect assets

SeCReT: Secure Channel between Rich Execution Environment ... · A Trusted Execution Environment (TEE) that is isolated from a Rich Execution Environment (REE) aims to protect assets

Documents
Computing on Encrypted Data using Trusted Execution

Computing on Encrypted Data using Trusted Execution

Documents
The Untapped Potential of Trusted Execution Environments on Mobile Devices · Trusted Execution Environments on Mobile Devices ... – Mobile hardware security APIs ... The Untapped

The Untapped Potential of Trusted Execution Environments on Mobile Devices · Trusted Execution Environments on Mobile Devices ... – Mobile hardware security APIs ... The Untapped

Documents
Introduction to Trusted Execution Environments (TEE) – IY5606

Introduction to Trusted Execution Environments (TEE) – IY5606

Documents
A Method for Comparative Analysis of Trusted Execution

A Method for Comparative Analysis of Trusted Execution

Documents
TEE: A virtual DRTM based execution environment for secure cloud

TEE: A virtual DRTM based execution environment for secure cloud

Documents