GlobalPlatform announced a compliance program that will standardize the trusted execution environment (TEE) and promote assurance in the mobile secure services sector by forging an approved industry framework.
GlobalPlatform states that the new compliance program will cut the cost of progress for industry players— application developers, hardware manufacturers, software developers, etc.— by eliminating barriers caused by interoperability issues.
The TEE is a secure zone that resides in the main processor of a smart phone or similarly connected device that ensures sensitive data is stored, processed and protected in a trusted environment. Offering safe execution of authorized security software called trusted applications— mobile financial services, content protection and enterprise services— the TEE provides end-to-end security by enforcing protection, confidentiality, integrity and data access rights.
GlobalPlatform has recognized the importance and need for a TEE as it will play a major role in bridging the gap between operating systems— Android, Windows Phone, Symbian, etc.— and the secure element (SE). To accompany these plans, GlobalPlatform has developed a list of specifications which can be found on the company’s website.
FIME and Galitt have attained GlobalPlatform qualification for their TEE test tools, which will assess and qualify the functional aspects of a TEE to GlobalPlatform’s Specifications. The new test tools have received support and know-how from Platform members Gemalto, Texas Instruments and STMicroelectronics.
In addition to the TEE compliance program, GlobalPlatform is also developing security certification specifications that would allow independent parties to validate the security level of a TEE.