Security Impact of Trusted Execution Environment in Rich Execution Environment Based Systems

Abstract

Security threats are growing in a very fast manner ever since the introduction and widespread use of mobile computing devices like smartphones became popular. So, there arises a necessity to introduce security mechanisms to deal with such threats in actual operating system environments. Trusted Execution Environment (TEE) is one such successful approach where dedicated secure hardware is used in combination with its own operating system software which works apart from the real execution environment for achieving an isolation from the real world processing. However, TEE still lacks a common design strategy as its implementation of is done by different manufacturers using their own hardware in a not so unified manner. So, here in this paper we try to study and follow the design strategies of a TEE with its basic concepts to analyze its security impact over a normal execution environment. As the use of mobile applications is growing day by day, the design strategies discussed in this document are mostly related and well suited for mobile platforms. Existing software based security mechanisms in mobile platforms like application sandbox is discussed in the later section of the document to analyze the type and the amount of vulnerabilities a TEE based system can fix over such strategies. The main application areas that a TEE can be securely employed is also discussed in the final section of this document to analyze the security impact that a TEE employed system can provide to a Rich Execution Environment.