ARM Ltd. announced a security extension to the ARM RISC microprocessor architecture. The hardware-based security mechanism, called "TrustZone", is implemented directly within the processor core and is intended to provide a secure foundation for systems running embedded operating systems such as Windows CE, Linux, PalmOS, and Symbian, and also to complement secure application environments such as Java, the company said.
ARM said the new technology enables protection of on- and off-chip memory. The technology tags and partitions secure code and data within the system, and maintains a clear, hardware separation between secure and non-secure information. The separation is said to enable secure code and data to run alongside an OS securely and efficiently, without being compromised or accessible to attack.
Since the security elements of the system are designed into the core hardware, security issues surrounding proprietary, non-portable solutions outside the core are removed, ARM said. Security thus becomes an intrinsic feature of the device with minimal impact to the core area or performance, while enabling developers to build additional security, for example cryptography, on top of the secure hardware foundation.
The ARM TrustZone specification is available now, and the technology will be available for licensing in ARM CPU cores in 2004, ARM said.
Secure ARM technology...
Posted 27 May 2003 - 06:50 PM
Posted 27 May 2003 - 06:57 PM
Posted 27 May 2003 - 09:54 PM
The system is designed for an emerging generation of "open" operating systems, such as Linux, Symbian OS, Palm OS and Windows CE, which are far more complex than mobile phone makers' own proprietary software. They introduce a greater potential for security risks because they are capable of running more complex applications.
Handset makers and network providers are under increasing pressure to come up with advanced features such as allowing a mobile phone to double as a credit card, but want to ensure they can adequately protect such data, York said.
"If you trust your mobile device with really valuable data like corporate access codes and e-commerce data, end users as well as corporate providers don't want that to be lost if their handset is stolen," he said. "If we can show an improving level of security, that makes it easier to sell these applications."
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users