
ARM: Trusted Zone on Android


Introduces the TEE of ARM's TrustZone on Android


  1. Trusted Zone in Trusted Execution Environment (TEE). 2012/10/17, John
  2. Preface: As the mobile market matures and expands, an increasing number of security concerns demand attention. With end-users using their smartphones for a variety of “lifestyle” applications, there is a proliferation of security needs that result from the use of an open environment. Content protection, corporate environments, connectivity, and the rise of financial transactions in the mobile market exacerbate these security concerns, which are relevant not just to the end-user. Service providers, mobile network operators, OS and application developers, device manufacturers, platform providers, and silicon vendors are all key stakeholders in this market, and thus have a vested interest in seeing proper security implemented.
  3. Definitions
     ● Trusted Execution Environment (TEE): GlobalPlatform, the organization which standardizes the management of applications on secure chip technology, has published a white paper that outlines the benefits of introducing and standardizing the Trusted Execution Environment (TEE) in mobile devices.
     ● TrustZone (TZ): The security technology from ARM that enables the construction of a Normal world and a Secure world.
     ● Trusted Foundations (TF): Trusted Foundations is the leading and proven Trusted Execution Environment (TEE), which protects any application or service through hardware-based security by Trusted Logic Mobility.
  4. Overview: TrustZone® separates the “Secure World” from the “Normal World”:
     ● The Secure World contains the Trusted Execution Environment that runs Secure Services;
     ● The Normal World runs Client Applications that access the secure services.
     The product includes built-in services that provide off-the-shelf security functionality, such as secure data storage and a cryptographic provider. The product also allows deployment of custom services, which can, for example, implement the heart of a Digital Rights Management scheme.
  5. Overview
  6. Overview
  7. Overview
  8. Boot Process: For the overall security of the device, it is important that the device implements a Secure Boot process and that the debug interface is controlled. This usually implies that the OEM:
     ● burns some keys and other IDs during device manufacturing,
     ● signs the bootloader and the Trusted Foundations image with a secure boot key,
     ● disables the JTAG interface.
     This list is not exhaustive; the OEM should contact Nvidia for further details on how to enable the Secure Boot process and how to configure the hardware at the factory to reach the appropriate security level.
  9. Boot Process
  10. Building Secure Service
  11. Building Secure Service
  12. Building Secure Service
  13. Integration into normal world OS
  14. Texas Instruments - M-Shield Mobile Security Technology
  15. Texas Instruments - M-Shield Mobile Security Technology
  16. Nvidia - Tegra TEE
  17. Nvidia - Tegra TEE
  18. Qualcomm - SecureMSM: Qualcomm SnapDragon™ provides fully certifiable security on the basis of the ARM® TrustZone® technology.
  19. Example, Netflix: Netflix revolutionizes the way people watch TV shows and movies. With more than 27 million streaming members in the United States, Canada, Latin America, the United Kingdom, Ireland and the Nordics, Netflix, Inc. (NASDAQ: NFLX) is the world's leading internet subscription service for enjoying movies and TV programs. For one low monthly price, Netflix members can instantly watch movies and TV programs streamed over the internet to PCs, Macs and TVs. Among the large and expanding base of devices streaming from Netflix are the Microsoft Xbox 360, Nintendo Wii and Sony PS3 consoles; an array of Blu-ray disc players, internet-connected TVs, home theatre systems, digital video recorders and internet video players; Apple iPhone, iPad and iPod touch, as well as Apple TV and Google TV. In all, over 800 devices that stream from Netflix are available.
  20. Example, Netflix
  21. Example, Netflix
  22. Example, Netflix
  23. Example, Netflix
  24. Example, Netflix
  25. Example, Netflix
  26. Example, Netflix
  27. Example, Netflix
  28. Example, Netflix
  29. Example, Netflix
  30. Example, Netflix
  31. Example, Netflix
