Platform configuration register (PCR): a shielded location within a TPM containing a. Trusted Mobile Platform software architecture description rev 1. Introduction: Trusted Mobile Platform (TMP) is a comprehensive end-to-end security architecture for mobile wireless platforms. When creating a suitable platform for the convenience of your client. A mobile and portable trusted computing platform, EURASIP.
This document includes an overview of TrustZone technology to give the necessary context. The goal of the TBSA is to create a platform that supports trusted services. This chapter introduces the software architecture of Trusted Mobile Platform. Introduction: the Trusted Mobile Platform initiative defines a comprehensive end-to-end security architecture for mobile wireless devices. Even in platforms where we have software, the terms platform, architecture, and framework are used with slightly different meanings. Mx trust architecture: protects assets of multiple stakeholders; guards against sophisticated attacks; assures software measures.
Trusted computing building blocks for embedded Linux. The mechanism of establishing trust in a computing platform is tightly coupled with the characteristics of a specific machine. The MTPM architecture employs a virtual machine along with the TPM in the form of a portable device. TCG specification architecture overview, Trusted Computing Group. A contribution to the entire IoT ecosystem, from chip designers and device developers to cloud and network infrastructure providers and software vendors.
This creates a chain of trust, which is a sophisticated form of auditing that allows verification that a platform's state is the anticipated state. In this paper, we allow scalability to an arbitrary number of trusted software modules, in. SAP Mobile Platform provides seamless end-to-end authentication and security policy integration across the platform without proxies or intermediary configurations. Security architectures: Platform Security Architecture, Arm Developer. Your mobile application architecture diagram should not be exposed to other. In response, the Trusted Computing Platform Alliance (TCPA) has delivered a complete specification for building trusted computing platforms atop trusted. The trust required by Trusted Mobile Platform is established and the separated application execution environment is achieved by making effective use of the hardware features explained in chapter 2. Platform Security Architecture resources developer the platform security. Trusted execution environment (TEE) technology enables modern devices to provide a massive range of functionality, while at the same time meeting the requirements of software developers and service providers who care about privacy, attestation, authentication, validation, manageability and all the other aspects of security. All trusted platforms rely upon roots of trust that record platform integrity metrics in platform configuration registers.
Mitigating threats to Hadoop infrastructures using hardware-accelerated encryption with TPM-rooted key protection. Mobile device: a physical entity encompassing all the hardware, firmware, software, and data necessary for it to function and provide services to an end user. This topic looks at the software architecture that is found in TrustZone systems. The TCCP guarantees the confidentiality and the integrity of a user's VM, and allows a user to determine whether or. This is followed by an analysis of three mobile use cases of trusted computing, namely OMA DRM v2, SIMLock and software download, given in sections 8, 9 and 10, respectively. Those original documents are now hosted by the GSMA. This limits the portability and mobility of trust as demanded by many emerging applications that go beyond the organizational boundaries. The Trusted Platform Module (TPM) is a special-purpose microcontroller designed by the Trusted Computing Group, which interfaces with a standard hardware/software platform in order to allow it to be secured to serve the interests of just one party: the system designer.
Book description: the book summarizes key concepts and theories in trusted computing, e. Back in the dawn of time (well, 2004), a group of people including myself got together at the behest of mobile network operators (MNO) in an organisation called Open Mobile Terminal Platform (OMTP) and defined the basic characteristics of a TEE, then called an ATE. In addition, this mechanism contributes to a mobile virtual private network (VPN) for trusted mobile enterprise networking. But, I further dig the concept and add the term software before architecture. For mobile devices, Mobile Trusted Module 6 refers to this secure hardware chip. Your basic guide to mobile app architecture, Intellectsoft. HandyTrain mobile training platform pricing, features. Overview: Arm Mobile Studio, Mali Texture Compression Tool, OpenGL ES.
This process is experimental and the keywords may be updated as the learning algorithm improves. The Platform Security Architecture (PSA) is made up of four key stages. A mobile and portable trusted computing platform, SpringerLink. In 2018, Intel open-sourced its Trusted Platform Module 2. Trusted Platform Module is an international standard for a secure cryptoprocessor, a dedicated. A detailed discussion of the ARM TrustZone features, including a description of the closed-source TrustZone software stack developed by ARM and Trusted Logic is. However, while there are a growing number of software-based security approaches. In order to resolve these problems, we propose the mobile trusted platform module (MTPM) architecture. The Trusted Platform Module explained, Cryptomathic.
Good platform architecture has four desirable properties. It consists of the hardware architecture, the software architecture, and the protocol specifications. PDF: Trusted platforms to secure mobile cloud computing. The specifications include the PSA Security Model (PSA-SM), trusted boot. Trusted Cloud Computing Platform (TCCP) that provides a closed box execution environment by extending the concept of trusted platform to an entire IaaS backend.
Scalable architectural support for trusted software. As businesses stake their very existence on the Internet, PCs, PDAs, and other key computing platforms, the trustworthiness of these platforms has become a vital concern. Mx-based products: rich, mobile, end-user, connected platforms; increasingly valuable assets. Trusted platform module, software provider, isolation layer, Trust Computing Group, direct anonymous attestation. These keywords were added by machine and not by the authors.
Trusted Platform Module is the core component of TCG, which is a consortium of companies. How are the secrets stored by the platform protected? Serve as a trusted advisor, drive conversations with our customers' enterprise architects and business stakeholders armed with best practices for enterprise architecture functions such as security, performance, development process, and application governance. Through the collaboration of platform, software, and technology vendors develop a specification. Trusted Mobile Platform technology for secure terminals. The TCG has outlined an architecture whereby a trusted platform relies on the BIOS. Trusted platform: a platform is trusted if it always behaves in the expected manner for the intended purpose. Is the platform what it claims to be? A TEE as an isolated execution environment provides security features such as isolated execution, integrity of applications executing with the TEE, along with confidentiality of their assets. For data scientists, system designers, and application and algorithm developers. A trusted execution environment (TEE) is a secure area of a main processor. Platform architecture: an overview, ScienceDirect Topics. The following diagram shows a typical software stack for a TrustZone-enabled system.
In today's reality, the implementation of clean architecture is the best solution for reliable. In order to address this problem, we propose a mobile and portable trusted computing platform in the form of a USB device. Trusted Mobile Platform hardware architecture description revision 1. In TrustZone in the processor and system architecture, we explored TrustZone support in hardware, both the Arm processor and wider memory system. Its core offering is a SaaS-based training suite that helps enterprises to quickly create, publish, deploy, manage and monitor training content as well as train, assess, evaluate and communicate with their distributed workforce. Download this app from Microsoft Store for Windows 10, Windows 8. It guarantees code and data loaded inside to be protected with respect to confidentiality and integrity. First, we describe the design and implementation of the hardware and. Building computing platforms upon a solid foundation of trust. An infobase stored on a mobile device contains an equivalent of a file database for storing user data and a mobile application programming code executed on. It consists of the hardware and software architectures, as well as the protocol specifications. Use this SDK to maximize hardware capabilities and develop projects more quickly. Security architectures: Platform Security Architecture. TPM Mobile executes within a protected environment which is defined by a collection of security.
Difference between computing architecture and platform in. The attestation process reports the software state and identity of the device. Mobile platform architecture: a mobile application installed on a mobile device consists of the mobile platform and an infobase. This is followed by the presentation of a software architecture and its. Review of trusted cloud computing platform security.
SMP server allows you to configure end-to-end authentication from the client to the back end without a VPN. Mobile devices may not include a TPM, but instead TPM functionality could be implemented using a combination of trusted hardware functionality in a mobile platform and software. We describe key features of trusted mobile devices. Having defined the basic capabilities from the MNO point of view, a wider. Abbreviation / description: TCG, Trusted Computing Group. Trusted Base System Architecture, Client, 4th edition.