Trusted Execution Environment (TEE): A simple quick run through!
Vinayak Joshi

Every day we hear news of websites being hacked, users' Personally Identifiable Information (PII) being leaked or sold online for a paltry amount, bank accounts being breached along with their account data, and so on. Websites, mobile applications, POS devices and ATMs are all vulnerable. Almost everything electronic is open to attack.

The convergence and evolution of mobile phones and web technologies on mobile devices brought fintech applications onto these devices, which increased the likelihood of attacks on one's personal and financial data. The Open Mobile Terminal Platform (OMTP) first defined the TEE in its 'Advanced Trusted Environment: OMTP TR1' standard, describing it as a "set of hardware and software components providing facilities necessary to support Applications" which had to meet the requirements of one of two defined security levels.

Today, GlobalPlatform and the Trusted Computing Group are the main bodies driving the work in this area.

What does a Trusted Execution Environment (TEE) look like?

Leaving aside the complexities of the technology, in layman's terms it is a code execution model in which you split a body of code into trusted and untrusted parts and run each in its own space. This requires two separate execution environments: the Rich OS and the TEE.

Rich OS: An environment built for versatility and richness, where rich operating systems such as Android, Symbian OS and Windows Phone run together with their applications. This is the space where one runs games, watches movies, edits documents and so on, and it is therefore the space most exposed to attack.

Trusted Execution Environment (TEE): The TEE is a secure area of the main processor in a smartphone (or any connected device) which ensures that sensitive data is stored, processed and protected in an isolated, trusted environment. Its ability to offer isolated, safe execution of authorized security software, known as 'trusted applications', lets it provide end-to-end security by enforcing protection, confidentiality, integrity and data access rights. The classic example is playing DRM (Digital Rights Management) protected high definition media: the RO (Rights Object), i.e. the content permissions, can be managed in a secure environment outside the Rich OS, beyond the reach of attacks on the Rich OS.

In commercially available implementations, applications cannot use TEE services or execute code in the TEE space unless the TEE exposes interfaces to Rich OS applications through which requests can be passed into the TEE and executed there. In such cases the overall architecture looks something like the following.

The above diagram is taken from Trustonic's paper.
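To make the split concrete, here is an added example (constructed for this post, not Trustonic's or ARM's code) that models the two worlds in plain C: a trusted application holding a device key behind a fixed command interface, and a Rich OS client that can only ask it to sign or verify a rights object, never to hand over the key. Names such as ta_invoke, CMD_MAC and the TEE_* status codes are assumptions; the real boundary would be a TrustZone SMC call and the GlobalPlatform TEE Client API rather than a direct function call.

```c
#include <stdint.h>
#include <string.h>

/* Status codes in the spirit of the GlobalPlatform client API (constructed
   names for this example, not the real TEEC_* constants). */
enum { TEE_OK = 0, TEE_ERR_BAD_PARAMS = 1, TEE_ERR_NO_SUCH_CMD = 2 };
enum { CMD_MAC = 1, CMD_VERIFY = 2 };   /* the only commands the TA exposes */
#define MAX_MSG 256
/* ---- secure world: the trusted application (TA) ---- */
/* Device key provisioned into the TEE (constructed bytes). It has internal
   linkage and no command ever copies it into a normal-world buffer. */
static const uint8_t g_device_key[16] = { 0x13, 0x37, 0xc0, 0xde, 0x51, 0xab, 0x9e, 0x04,
                                          0x7f, 0x22, 0xd8, 0x6c, 0x15, 0xee, 0x3a, 0x90 };
/* Toy keyed hash: 64-bit FNV-1a over key || msg. A real TA would call the
   TEE's HMAC-SHA256; this stands in so the example runs anywhere. */
static uint64_t keyed_hash(const uint8_t *msg, size_t len) {
    uint64_t h = 0xcbf29ce484222325ULL;
    for (size_t i = 0; i < sizeof g_device_key; i++) { h ^= g_device_key[i]; h *= 0x100000001b3ULL; }
    for (size_t i = 0; i < len; i++)                  { h ^= msg[i];          h *= 0x100000001b3ULL; }
    return h;
}

/* TA entry point: every request from the Rich OS lands here and is validated
   before it touches secure state. 'tag' is in/out shared memory. */
static int ta_invoke(uint32_t cmd, const uint8_t *in, size_t in_len, uint64_t *tag) {
    if (!in || !tag || in_len > MAX_MSG) return TEE_ERR_BAD_PARAMS;
    switch (cmd) {
    case CMD_MAC:    *tag = keyed_hash(in, in_len); return TEE_OK;
    case CMD_VERIFY: *tag = (keyed_hash(in, in_len) == *tag); return TEE_OK; /* 1 = genuine */
    default:         return TEE_ERR_NO_SUCH_CMD;
    }
}

/* ---- normal world: Rich OS client ---- */
/* The client only ever sees a command number and a shared buffer. */
int rich_os_sign_rights(const char *rights_object, uint64_t *tag) {
    return ta_invoke(CMD_MAC, (const uint8_t *)rights_object, strlen(rights_object), tag);
}
/* Returns 1 if the TEE confirms the rights object is untampered, 0 otherwise. */
int rich_os_check_rights(const char *rights_object, uint64_t tag) {
    uint64_t io = tag;
    if (ta_invoke(CMD_VERIFY, (const uint8_t *)rights_object, strlen(rights_object), &io) != TEE_OK)
        return 0;
    return (int)io;
}
/* There is no command that exports the key, so this request is refused. */
int rich_os_try_export_key(uint64_t *out) {
    return ta_invoke(99, (const uint8_t *)"", 0, out);
}
```

This is the pattern behind the DRM case above: the rights object is checked inside the TEE even though the Rich OS that requests playback is untrusted.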

There are advantages and disadvantages to TEE based applications. An application using the TEE infrastructure can assure the user that its execution is not intruded upon and its data is not tampered with by a third entity on the device. The disadvantage, I would say, is that the application can be slow because of the underlying implementation complexity and the CPU hops between the two worlds. So it should be used only for very critical business logic where there is a high likelihood of intrusion or data breach.

Commercially available implementations include ARM's TrustZone.

Enthusiasts who want to get their hands dirty can play around with the Trusty APIs provided by Google. More to come in my future blogs.


Anshul M.

Founder & CEO at LooPanda Solutions | High-Quality Reliable Training Data for your world-class AI products.

1 year

Hi Vinayak, Thanks for sharing such a great article.

Reply
Bharath Patil

Technical Specialist | Functional Owner | SAFe Agilist | Browser | Android

7 years

Good information
