Skip to main content

Trusted Execution Environment Protocol

This talk explains the concept of TrustZone (as one example of a widely deployed technology offering sandboxing) and the Open Trust Protocol.

Chips used on smart phones, tablets, and many consumer appliances today have built-in support for a so-called Trusted Execution Environment (TEE). The Tis a security concept that separates normal operating systems, like Linux, from code that requires higher security protection, like security-related code. The underlying idea of this sandboxing approach is to have a smaller codebase that is better reviewed and test and to provide it with more rights. They run on the so-called Secure World (in comparison to the Linux operating system that would run in the Normal World).

TEEs have been on the market for a while and have been successfully used for a number of applications, such as payment. However, the technology hasn't reached its full potential the market is quite fragmented with vendors offering a larger number of real-time operating systems running in a TEE.

With the Open Trust Protocol we have been trying to develop an application layer security protocol that allows the management (install, update, delete) of trusted applications running on the TEE.