GlobalPlatform Simplifies Remote Secure Management of Trusted Execution Environments & Trusted Apps
September 2018 by Marc Jacob
GlobalPlatform has published two configurations to simplify and expedite the implementation of its Trusted Execution Environment Management Framework (TMF). The configurations offer guidance on the specific parts of the framework that need to be implemented to remotely manage Trusted Execution Environments (TEEs) and their trusted applications (TAs) on particular device types.
The two configurations address the needs of different use cases:
– Single-purpose IoT devices that fulfil simple use cases, like sensors for smart homes, buildings and cities. They are often controlled by a single entity, manage a single application and contain one security domain, and therefore need fewer management commands.
– Rich-featured IoT devices like gateways, automotive in-vehicle infotainment (IVI) systems and smartphones. They require a richer management framework that enables numerous service providers’ applications to be isolated within their own security domains in the same TEE.
The configurations and framework will be used by service providers, application developers, device manufacturers and TEE implementers. They enable TEE users to securely install, update and personalize trusted applications on a TEE once it is active, providing clear and practical direction on the management requirements of trusted applications.