Analysis Of Isolated Execution Environment

1097 Words5 Pages
This topic deals more about the methods and technologies in tandem for en-hancing overall security of any embedded device . At places one can notice that the topics discussed earlier could have criss-crossed here, but here the same discussion is more looked from the prism of overall security rather than arbitrarily which was the case earlier. 9.1 Isolated Execution Environment Isolating execution also often referred as trusted execution environment (TEE) gives the device and so the service and providers and OEMs the ability to run a software modules in complete isolation from untrusted code. Executing code and data in complete isolation provides secrecy and integrity of that module’s code and data at run-time. Conventional rich mobile…show more content…
Confidential data can be pertaining but not limited to device (OEM), user, operator and platform providers meta data specific, service providers. Protection for confidential data is critical so that they can’t be accessed either by network attacks, physical tampering or access by unauthorized software en-tities in the device. Often embedded devices can be reprogrammed remotely as a part of fixing bugs and adding new features. In due course, devices should ensure that attackers don’t attack and insert their own malicious code and hi-jack confidential data as it flows through the system. 9.3 Device Identification (via Remote Attestation) Remote attestation allows remote entity to verify that a particular message orig-inated from a particular software entity[18]. Putting this to business terms, ser-vice provides widely use remote attestation to make sure that the device they are communicating is the real device that are wishing to talk to and not any un-trusted or unknown entity. Trusting the device would mean attesting certain chosen software module(s) or complete stack of underlying software running along with it. This could in practice means whole operating systems. Service providers who offer secure services like payment services can know if the communicating device software is in rightful and known state or is operating with tampered or rooted software. Attestation can be meaningful and easier to achieve when computing base is relatively
Get Access