Revision as of 22:02, 4 June 2024 edit BlueBirdBlues (talk \| contribs) Extended confirmed users 657 edits m Adding short description: "Secure area of a main processor" Tag: Shortdesc helper ← Previous edit		Revision as of 16:41, 17 June 2024 edit undo Kaze757 (talk \| contribs) 196 edits m ce Tag: Visual edit Next edit →
Line 1: {{Short description\|Secure area of a main processor}} A ~~trusted~~ '''trusted execution environment''' ('''TEE''') is a secure area of a [[Central processing unit\|main processor]]. It helps the code and data loaded inside it be protected with respect to [[Information security#Confidentiality\|confidentiality and integrity]]. Data confidentiality prevents unauthorized entities from outside the TEE from reading data, while code integrity prevents code in the TEE from being replaced or modified by unauthorized entities, which may also be the computer owner itself as in certain [[Digital_rights_management\|DRM]] schemes described in [[Software_Guard_Extensions\|SGX]]. This is done by implementing unique, immutable, and confidential architectural security such as [[Software Guard Extensions\|Intel Software Guard Extensions]] (Intel SGX), which offers hardware-based memory encryption that isolates specific application code and data in memory. Intel SGX allows user-level code to allocate private regions of memory, called enclaves, which are designed to be protected from processes running at higher privilege levels.<ref>{{cite web \| url=https://blog.quarkslab.com/introduction-to-trusted-execution-environment-arms-trustzone.html \| title=Introduction to Trusted Execution Environment: ARM's TrustZone }}</ref><ref>{{cite web\| url=https://globalplatform.org/wp-content/uploads/2018/04/131023-3-TLabs-livre_blanc.pdf \| title=Security evaluation of Trusted execution environments: Why and how? \| access-date=2024-02-15}}</ref><ref name="oulpita.com">{{cite web \|url=https://poulpita.com/2014/02/18/trusted-execution-environment-do-you-have-yours/ \|title=Trusted Execution Environment, millions of users have one, do you have yours? \|website=Poulpita \|date=2014-02-18 \|access-date=2017-05-17 \|archive-date=2021-01-27 \|archive-url=https://web.archive.org/web/20210127231827/https://poulpita.com/2014/02/18/trusted-execution-environment-do-you-have-yours/ \|url-status=live }}</ref> A TEE as an isolated execution environment provides security features such as isolated execution, integrity of applications executing with the TEE, and confidentiality of their assets.<ref>{{cite web\|url=https://www.youtube.com/watch?v=PmtQtWpfW3w\|title=The benefits of Trusted Execution Environment (TEE)\|last=Ram Kumar Koppu\|date=26 October 2013\|publisher=[[YouTube]]\|access-date=31 July 2014\|archive-date=1 September 2020\|archive-url=https://web.archive.org/web/20200901094254/https://www.youtube.com/watch?v=PmtQtWpfW3w\|url-status=live}}</ref> In general terms, the TEE offers an execution space that provides a higher level of security for trusted applications running on the device than a rich operating system (OS) and more functionality than a 'secure element' (SE).

Trusted execution environment: Difference between revisions