Trusted Execution Environment

Overview#

Trusted Execution Environment is a secure area on any device that ensures that sensitive data is stored, processed and protected in a trusted environment.

Mobile Device #

Most Mobile Device specifications are driven by GlobalPlatform.

Trusted Execution Environment (TEE) is a secure area that resides in the main processor of a smartphone or any mobile device and ensures that sensitive data is stored, processed and protected in a trusted environment.

Trusted Execution Environment is defined in the GlobalPlatform specifications.

Trusted Execution Environment's ability to offer safe execution of authorized security software, known as 'trusted applications', enables it to provide end-to-end security by enforcing protection, Confidentiality, Integrity and data access rights.[1]

Trusted Execution Environment is an element within the Mobile Security Framework within a Mobile Device.

Trusted Execution Environment consists of software and hardware which together offer a level of protection against software attacks originating in the Rich Operating System environment.

Trusted Execution Environment assists in the control of access rights and houses sensitive applications, which need to be isolated from the Rich Operating System.

For example, Trusted Execution Environment is the ideal environment for content providers that offer a video for a limited period of time and need to keep their premium content (e.g. HD video) secure so that it cannot be shared for free.
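The following is an added, constructed model of the Rich OS / TEE split described above; it is not GlobalPlatform or vendor code, and the command numbers, client identifiers, timestamps and the toy XOR stream cipher are all assumptions made for illustration. It shows the three properties the text names: a trusted application (TA) holds content keys in its own storage, enforces which Rich OS client may call it, and enforces a time-limited licence, while a request to export the key is refused because secrets never cross the boundary.

```python
"""Toy model of the Rich OS / TEE split (constructed example, not GlobalPlatform
or any vendor's code). A trusted application (TA) keeps content keys in its own
storage, checks the caller's access rights and the licence expiry, and never
exposes a key to the Rich OS side."""
import hashlib
import hmac
import time

# Command identifiers the TA understands (constructed values, not GlobalPlatform's)
CMD_LOAD_LICENSE = 1
CMD_DECRYPT_CHUNK = 2
CMD_EXPORT_KEY = 3  # deliberately unsupported: keys never leave the TEE


class TEEAccessDenied(Exception):
    """Raised when the TA refuses a command (bad caller, bad command, expired licence)."""


def toy_stream_xor(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Toy XOR stream cipher with an HMAC-SHA256 counter keystream (illustration
    only). It is symmetric, so the same call encrypts and decrypts."""
    keystream = bytearray()
    counter = 0
    while len(keystream) < len(data):
        block = hmac.new(key, nonce + counter.to_bytes(8, "big"), hashlib.sha256).digest()
        keystream.extend(block)
        counter += 1
    return bytes(a ^ b for a, b in zip(data, keystream))


class TrustedApplication:
    """Runs 'inside the TEE': holds licences and keys, and only answers commands."""

    def __init__(self, authorized_clients):
        self._authorized = frozenset(authorized_clients)
        self._licenses = {}  # content_id -> (content_key, expires_at): the TA's secure storage

    def invoke(self, client_id: str, cmd: int, params: dict) -> dict:
        # 1. Access-rights enforcement: only authorised Rich OS clients get service
        if client_id not in self._authorized:
            raise TEEAccessDenied(f"client {client_id!r} is not authorised")
        if cmd == CMD_LOAD_LICENSE:
            # Licence arrives over an (assumed) secure provisioning path and stays here
            self._licenses[params["content_id"]] = (params["content_key"], params["expires_at"])
            return {"status": "ok"}
        if cmd == CMD_DECRYPT_CHUNK:
            entry = self._licenses.get(params["content_id"])
            if entry is None:
                raise TEEAccessDenied("no licence for this content")
            content_key, expires_at = entry
            # 2. Time-limited rights: refuse once the licence has expired
            if params["now"] >= expires_at:
                raise TEEAccessDenied("licence expired")
            return {"plaintext": toy_stream_xor(content_key, params["nonce"], params["chunk"])}
        # 3. Anything else, including key export, is rejected: keys never cross the boundary
        raise TEEAccessDenied(f"command {cmd} not supported")


class RichOSClient:
    """A normal app in the Rich OS: it holds a session to the TA, never a key."""

    def __init__(self, client_id: str, ta: TrustedApplication):
        self.client_id, self.ta = client_id, ta

    def decrypt_chunk(self, content_id, nonce, chunk, now=None):
        params = {"content_id": content_id, "nonce": nonce, "chunk": chunk,
                  "now": time.time() if now is None else now}
        return self.ta.invoke(self.client_id, CMD_DECRYPT_CHUNK, params)["plaintext"]


def demo():
    """Walk through the time-limited video scenario; returns the observed outcomes."""
    ta = TrustedApplication(authorized_clients={"com.example.player"})
    player = RichOSClient("com.example.player", ta)
    rogue = RichOSClient("com.example.rogue", ta)

    # Constructed content: the provider encrypts a 'video' chunk with a content key
    content_key = hashlib.sha256(b"constructed content key").digest()
    nonce = b"chunk-0001"
    video = b"premium HD frame data"
    ciphertext = toy_stream_xor(content_key, nonce, video)

    # Licence valid for one hour starting at t=1000 (constructed timestamps)
    ta.invoke("com.example.player", CMD_LOAD_LICENSE,
              {"content_id": "movie-42", "content_key": content_key, "expires_at": 1000 + 3600})

    results = {"in_window": player.decrypt_chunk("movie-42", nonce, ciphertext, now=1500)}
    attempts = [
        ("after_expiry", lambda: player.decrypt_chunk("movie-42", nonce, ciphertext, now=5000)),
        ("rogue_client", lambda: rogue.decrypt_chunk("movie-42", nonce, ciphertext, now=1500)),
        ("key_export", lambda: ta.invoke("com.example.player", CMD_EXPORT_KEY,
                                         {"content_id": "movie-42"})),
    ]
    for name, call in attempts:
        try:
            call()
            results[name] = "allowed"
        except TEEAccessDenied as exc:
            results[name] = f"denied: {exc}"
    return results


if __name__ == "__main__":
    for name, outcome in demo().items():
        print(name, outcome)
```

Only the decryption inside the licence window succeeds; the expired licence, the unauthorised client and the key-export command are all refused by the TA, which is the point of housing the application in the TEE rather than in the Rich OS. In a real deployment the decrypted frames would also stay on a protected media path rather than being returned to the Rich OS as this toy does.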

  • TPM (Trusted Platform Module) is a piece of hardware created specifically to perform cryptographic calculations. It is physically isolated from the rest of the processing system and is almost always a separate IC on the mainboard for that reason.
  • TEE (Trusted Execution Environment) is an area on a SOC that works like a TPM, but is not physically isolated from the rest of the chip.
  • SE (Secure Element) is a tamper-resistant secrets store, much like a Smart Card or SIM card. The SE's main purpose is to store cryptographic secrets in such a way that illicit use is hard or impossible. An example of this technology in major use is the EMV chip on payment cards.
Comparing the definitions, these three items are different but share a common goal. The difference between a TPM and a TEE is mainly in how each is implemented (purely hardware, or a hardware and software combination). The Secure Element has a different function, which can be part of the function of a TPM and/or a TEE, by being a 'safe' place to store cryptographic secrets.

Humor on Terms#

Is there ever a NOT Trusted Execution Environment?

Would anyone use an Operating System that was NOT Trusted?
