Trusted execution environment

A trusted execution environment (TEE) is a secure area of a main processor. Code and data loaded inside it are protected with respect to confidentiality and integrity. Data confidentiality prevents unauthorized entities outside the TEE from reading the data, while code integrity prevents code in the TEE from being replaced or modified by unauthorized entities, which, in certain DRM schemes as described for SGX, may include the owner of the computer itself.

This is achieved by implementing unique, immutable, and confidential architectural security mechanisms such as Intel Software Guard Extensions (Intel SGX), which offers hardware-based memory encryption that isolates specific application code and data in memory. Intel SGX allows user-level code to allocate private regions of memory, called enclaves, which are designed to be protected from processes running at higher privilege levels.[1][2][3] A TEE, as an isolated execution environment, provides security features such as isolated execution, integrity of applications executing within the TEE, and confidentiality of their assets.[4] In general terms, the TEE offers an execution space that provides a higher level of security for trusted applications running on the device than a rich operating system (OS), and more functionality than a 'secure element' (SE).

  1. "Introduction to Trusted Execution Environment: ARM's TrustZone".
  2. "Security evaluation of Trusted execution environments: Why and how?" (PDF). Retrieved 2024-02-15.
  3. "Trusted Execution Environment, millions of users have one, do you have yours?". Poulpita. 2014-02-18. Archived from the original on 2021-01-27. Retrieved 2017-05-17.
  4. Ram Kumar Koppu (26 October 2013). "The benefits of Trusted Execution Environment (TEE)". YouTube. Archived from the original on 1 September 2020. Retrieved 31 July 2014.

From Wikipedia, the free encyclopedia