Free Newsletter

QUICK POLL
  • Which training workshop is of most value to your organisation?
  • Preparing your business for the Internet of Things
  • The Internet of Things and Cloud computing
  • Radio technologies for connecting the Internet of Things
  • Smart Cities and intelligent infrastructure
  • WebRTC and the end of the telco
EVENTS
Meet the leaders of the mobile app economy ? Open Mobile Summit, London, June 8-9
Navigation Strategies Europe 2011
ITU Telecom World, 24-27 October 2011 at Palexpo, Geneva, Switzerland
Ubiquitous Location and Positioning Technology, 6th-7th December 2011, Chicago
Advertize your telecoms job

ARM bids for security loophole

By PETER WHITE

Published: 7 April, 2012

READ MORE:

We have pointed out before that most ARM based application processor chips have either no real hardware based security hooks, or only those provided within the chip core from Arm, in its TrustZone.

This is now set for a complete rethink and rewrite as ARM has gone into partnership with two of the world's biggest smart card makers, embedded security specialists Gemalto and Giesecke & Devrient (G&D).

Most cryptographers have told us that TrustZone has been a halfhearted attempt so far, based on the idea of running two virtual machines, one that keeps all the trusted work, such as processing decryption with live keys, and one that handles normal OS tasks. Effectively to date it has been a cheapskate route to security and we have made constant references to an entirely hardware protected secure processing core that will be needed to protect HD content on things like Tablets.

But at recent shows we have been told "ARM plans to take security very seriously" and by the addition of these two new partners into a joint venture that has taken all the TrustZone staff, this is a bold bid to go the extra mile and create a truly secure zone.

This new venture could, and perhaps should, overnight steal all the mindshare in security on a tablet, and also on smartphones, but there remains a couple of potential counter-attacks and the first are from those handful of companies, such as Apple and Qualcomm and Samsung, who are architectural licensees of ARM, and who have the source code and the right to make any changes they like on their own ARM chips. Any one or a group of these might throw up their own challenge - a common argument in security is that if you are different from the crowd, people have less incentive to break your security and prefer to break the most widely used system. The other architectural licensees include Marvell and Nvidia. And between those 5 are a very significant proportion of ARM core shipments.

Also the new TrustZone partners are more used to protecting financial transactions and identity, than content, and there may be some basis for other parties to influence their thinking somewhat.

ARM and Intel, in their race to dominate processor platforms, know that they could gain major competitive edge by establishing a widely trusted and implemented chip-level security system. Intel acquired McAfee partly for that reason, but ARM has the advantage of its huge market reach in the smartphone world, and its multiple hundreds of licensees. These already harness its TrustZone technology, which is implemented on every Cortex-A processor, and which will now be combined with technologies from ARM's new JV partners.

The as-yet unnamed JV aims to deliver secure environments based on ARM's platforms, which underpin the processors in over 90% of handsets, and so far 100% of Tablets, and in a rising number of embedded or M2M gadgets, and even servers and set-tops. Chip-level security could boost ARM still further where smartphones are being used for sensitive applications such as mobile payments, or in less familiar environments, like the enterprise, where security is paramount. ARM said it was particularly targeting m-payments, m-banking and enterprise productivity applications, as well as ecommerce and premium content services. So not content protection then, which also has an urgent case.

Pages: 1 | 2

Related Stories

COMMENTS

Add Comment
No comments yet. Be the first to add a comment!
MARKET PLACE

    European Carrier Mobile Broadband Network Performance

    Analysing and comparing the data speed, latency, network quality and smartphone penetration for 94 mobile carriers in 28 European countries....

    Next Generation Haptics: Market Analysis and Forecasts

    An in-depth study of the growing popularity of haptics-enabled tactile feedback on mobile devices to augment UI interactions and enrich...
WHITE PAPERS

    Satellite Phones: Will Dual Mode Help the Phoenix Rise from the Ashes?

    Satellite phones have followed an arduous path since their much-hyped launch more than a decade ago. The hype was followed by an e...

    Mobile Widget Platform Market Analysis: Understanding the Business Case and ROI

    This white paper presents an analysis of the mobile widget platform market, as well as metrics supporting a mobile carrier?s busin...

POST COMMENT

You must be a registered user to post a comment. or
Username *
Email *
Comment *