Chips used in smartphones, tablets, and many consumer appliances today have built-in support for a so-called Trusted Execution Environment (TEE). The TEE is a security concept that separates normal operating systems, like Linux, from code that requires higher security protection, like security-related code. The underlying idea of this sandboxing approach is to have a smaller codebase that is better reviewed and tested, and to provide it with more rights. This code runs in the so-called Secure World (in comparison to the Linux operating system, which would run in the Normal World). TEEs have been on the market for a while and have been successfully used for a number of applications, such as payment. However, the technology hasn't reached its full potential; the market is quite fragmented, with vendors offering a large number of real-time operating systems running in a TEE. With the Open Trust Protocol we have been trying to develop an application-layer security protocol that allows the management (install, update, delete) of trusted applications running on the TEE. In this talk we will explain the concept of TrustZone (as one example of a widely deployed technology offering sandboxing) and the Open Trust Protocol.