It’s clear that mobile and IoT devices need to be protected from scalable software attacks. Vendors and OEMs have responded to these growing threats by building in hardware security features that can provide the basis for integrity and confidentiality in systems. However, device fragmentation has made it challenging for service providers to access and make use of this hardware-based security to deliver and protect valuable services.
With smartphones becoming ubiquitous, they are the natural choice of client platform from which to perform identity, credential and trust relationship management for IoT entities. The risks posed by phone theft, loss or damage must be taken into consideration, though, so it is vital that the full lifecycle of the devices themselves, and of the smartphones and credentials used to manage and protect them, is fully considered.
Using Trusted Execution Environment (TEE) technology means trusted applications can be protected within secure hardware in smart devices. This allows IoT enterprises who require fast, simple and secure deployment of TEE-enhanced services to enable over-the-air provisioning of secure applications into silicon chips loaded with a TEE. An early example of this would be the use of a Trusted Application Management (TAM) service to provision secure applications into TEE-equipped devices such as set-top boxes and smart TVs.
There needs to be an open approach to unlock the full potential of “built-in” trust and security in services, devices and software. It will pave the way for a diversity of hardware and software vendors, enabling business and innovation in a transparent and competitive marketplace.
A TAM service that supports multi-TEE technologies furthers the drive to open standards, helps avoid lock-in, limits technology obsolescence and enables a diversity of trust models. It also caters to hybrid devices across a population of users.
To find out more, visit Intercede’s booth at the GlobalPlatform TEE Conference in Santa Clara on 13 October 2015.