GlobalPlatform Releases Further Specifications to Standardize the Trusted Execution Environment
17 May 2012 – GlobalPlatform has launched its latest specifications for the Trusted Execution Environment (TEE). The technical documents, which are free to download from www.globalplatform.org, significantly advance GlobalPlatform’s infrastructure to standardize the TEE; a secure area that resides in the main processor of devices such as a smartphone and ensures that sensitive data is stored, processed and protected in a trusted environment.
GlobalPlatform, the organization which standardizes the management of applications on secure chip technology, recognizes the importance of the TEE for managing applications on secure chip technology; bridging the gap between the rich operating system (such as Android, Windows Phone and Symbian) and the secure element (SE). The TEE offers safe execution of authorized security services, known as trusted applications such as mobile financial services, content protection for digital rights management (DRM) and enterprise services.
GlobalPlatform has released two new specifications primarily for use by software developers working within the TEE space. The ‘TEE Systems Architecture v1.0‘ explains the hardware and software architectures behind the TEE, while the ‘TEE Internal API Specification v1.0‘ specifies how to develop trusted applications.
Both documents build on the foundation established by GlobalPlatform in 2010 with the release of the ‘TEE Client API Specification v1.0‘, which outlines the communication between applications running in a rich operating system and trusted applications residing in the TEE.
GlobalPlatform is currently working to standardize the technology to ensure an open and interoperable ecosystem for mobile services. This includes the launch later this year of a compliance program that will test and qualify the functional aspects of a TEE.
Christophe Colas, GlobalPlatform Device Committee Chair and Marketing Director at Trusted Logic Mobility (an affiliate of Gemalto), comments: “There are two central reasons why the TEE exists. Firstly, more mobile services are emerging that require a greater level of security and secondly, with an increased number of users there is a greater need to protect against viruses and malware. The TEE isolates secure applications and separates them from malware which might be downloaded inadvertently. This is why the TEE is a key environment to protect content and applications moving forward.
“GlobalPlatform and its members are working to develop a neutral TEE framework to provide greater certainty and lower the cost of advancing this technology by removing interoperability barriers. In addition to releasing TEE specifications and the launch of a compliance program, we are also developing security certification specifications to allow independent parties to prove the security level of a TEE. We call on companies interested in this area to engage in our work programs to enrich and grow the TEE ecosystem to benefit the mobile services marketplace as a whole.”
GlobalPlatform is also committed to educating the marketplace on the value the TEE can bring to securing mobile services. It has released a ‘TEE Made Simple Guide‘, and more detailed information can be sourced in GlobalPlatform’s white paper: ‘TEE: Delivering Enhanced Security at a Lower Cost to the Mobile Market.’