Line 12: | Line 12: | ||
Applications that reside inside of a TEE are known as Trusted Applications or TAs. They are considered secure since they are encrypted to the outside world. This means that data handled by a TA can only be accessed by certain components of the system so data processed by a TA can not be manipulated or altered. | Applications that reside inside of a TEE are known as Trusted Applications or TAs. They are considered secure since they are encrypted to the outside world. This means that data handled by a TA can only be accessed by certain components of the system so data processed by a TA can not be manipulated or altered. | ||
TEE often relies in a hardware isolation mechanism to achieve the separation of the secure and non-secure worlds. TEE implementations in embedded systems are usually based on the [https://www.arm.com/technologies/trustzone-for-cortex-a | TEE often relies in a hardware isolation mechanism to achieve the separation of the secure and non-secure worlds. TEE implementations in embedded systems are usually based on the [https://www.arm.com/technologies/trustzone-for-cortex-a ARM TrustZone] technology as it provide a low cost and efficient alternative to having a dedicated security core in an SoC. This technology works by having two virtual processors and hardware based access control, which allows having two "worlds", a secure world and a non-secure world. This two worlds operate independently and leaking of data from one world to the other is prevented. | ||
An example of a TEE implementation base on the ARM TrustZone techonology is [https://www.trustedfirmware.org/projects/op-tee/ OP-TEE]. This open source implementation is used by several embedded platforms such as NVIDIA Jetson | |||
<noinclude> | <noinclude> |
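Review bot: the new sentence added at the end of the "Line 12" region ("An example of a TEE implementation base on the ARM TrustZone techonology is OP-TEE ... such as NVIDIA Jetson") stops mid-sentence with no terminal punctuation and carries two typos; suggest "An example of a TEE implementation based on the ARM TrustZone technology is OP-TEE." and either finishing the platform list or ending it after "NVIDIA Jetson". The revised TrustZone paragraph in the same region also needs "relies in" → "relies on", "it provide" → "it provides", and "This two worlds" → "These two worlds". Finally, "leaking of data from one world to the other is prevented" is stated as an absolute guarantee, while the paragraph itself describes the mechanism as hardware-based access control between the two worlds; suggest wording it as what the access control is designed to prevent rather than an unconditional property.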