Creating a security baseline for connected devices
In one of our previous blog posts we introduced Trusted Execution Environment (TEE) technology and described its applications. Here, we further explore TEE technology, examine how it can be used to secure mobile applications, and highlight how the GlobalPlatform Security Certification Scheme will help the ecosystem.
The main advantage of TEE technology is that it allows Trusted Applications (TAs) to use the full power of the device CPU within a secure processing environment that has exclusive access to privileged system resources. TEE protects each TA from other applications, and isolates their data. We can summarise the key features of the TEE as follows:
- Secure consumer interactions – Through specific secure drivers, the TEE secures the physical user interactions and securely transfers them to the confines of a secure environment for processing. This protects TAs from malware spying on user interactions. This is a very impactful feature that closes a major security gap
- A secure environment to execute protected applications (‘Trusted Applications’ or TAs) and store their data – Only authorized applications running within the ‘standard’ mobile OS environment can interact with TAs under strict security rules implemented by a specific set of APIs.
- Secure communication with Service Providers – TEE technology can secure the end point of a service by leveraging the cryptographic capabilities of the TEE, establishing a secure communication path tunnel from the TA to the Service provider.
TEE technology can create a secure communication tunnel between the user and Service provider. It can be used to authenticate a user to their device and secure the communication path to a Service provider. Other technologies are capable of delivering this functionality but such a feature has to be developed specifically for each service.
How can standardisation help?
Technology providers, such as Handset manufacturers, have already developed and deployed proprietary versions of TEE technology, resulting in each deployment supporting slightly different API functionality. This presents application developers with a significant challenge to overcome: each proprietary TEE solution requires a different version of the same application. In addition, the process for provisioning and managing applications on each TEE solution will be different as well. To address this, GlobalPlatform have defined:
- Technical specifications and APIs providing a common framework to deploy secure services.
- A functional compliance program to ensure each TEE implementation supports a minimum set of functions that can be commonly addressed.
- A security evaluation and a Common Criteria protection profile – Product vendors can now submit their solutions for a formal security evaluation at an independent lab providing assurance and confidence.
This approach aims at limiting market fragmentation, increasing stability and enhancing trust in the TEE ecosystem, a pre-requisite for this technology to become mainstream.
How does a TEE compare to software-based security and to “traditional” secure elements?
TEE technology provides a balance of performance and security. When comparing TEE against secure elements and software-only applications, it provides superior security than software-only applications but is not as secure as a secure element (SE) – in particular it is not tamper-proof. It provides a better user experience and processing performance than SE-based solutions – with which it can usefully be combined to keep the best of both worlds when it comes to security-critical applications. Finally, only the TEE allows secure access to user interaction points such as touchscreens or fingerprint sensors.
During our recent TEE Webinar, GlobalPlatform described how the TEE can be used to secure applications and devices, what security features the technology offers and how it can be certified.Back