• Locked Locked
  • Replies 10 replies
  • Subscribers 118 subscribers
  • Views 6239 views
  • Users 0 members are here
Options
Related
How was your experience today?
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

ARM trustZone

Vipin Josua
Note: This was originally posted on 21st June 2012 at http://forums.arm.com

[color=#222222][font=arial, sans-serif][size=2]I am a student from kuwait and very much interested in trusted computing. I have few doubts in basic understanding of trusted computing.[/size][/font][/color][color=#222222][font=arial, sans-serif][size=2]
[/size][/font][/color][color=#222222][font=arial, sans-serif][size=2]1) What was the need for Trustzone when TPM itself could perform trusted computing ? Is it just because of space contraints due to extra chip?[/size][/font][/color][color=#222222][font=arial, sans-serif][size=2]2) Why cannot the secure OS in trustzone be modified? is it because it is smaller trust base one can make it bug free?[/size][/font][/color][color=#222222][font=arial, sans-serif][size=2]3) What is the basic difference between Intel TXT and Trustzone ?   [/size][/font][/color][color=#222222][font=arial, sans-serif][size=2]
[/size][/font][/color][color=#222222][font=arial, sans-serif][size=2]  I tried searching in internet about Intel TXT and I am totally confused. Thanks a lot in advance for your help. [/size][/font][/color]
Parents
  • Note: This was originally posted on 22nd June 2012 at http://forums.arm.com

    1) A TPM has no compute capability, it is simply a secure storage device with attestation capability, but it relies on the outside (untrusted) system to do most of the calculations.

    2)[color=#222222][font=arial, sans-serif][size=2] Why cannot the secure OS in trustzone be modified?[/size][/font][/color]
    [color=#222222][font=arial, sans-serif][size=2]
    [/size][/font][/color]
    [color=#222222][font=arial, sans-serif][size=2]I'm not sure what you are asking here. As a technology from ARM TrustZone provides hardware building blocks to build a secure environment. Any system developer can write their own secure OS to run in this [/size][/font][/color]environment. In a running system then yes, you want to prevent modification (security risk), and as always smaller is better (less bugs -> less security risk).
Reply
  • Note: This was originally posted on 22nd June 2012 at http://forums.arm.com

    1) A TPM has no compute capability, it is simply a secure storage device with attestation capability, but it relies on the outside (untrusted) system to do most of the calculations.

    2)[color=#222222][font=arial, sans-serif][size=2] Why cannot the secure OS in trustzone be modified?[/size][/font][/color]
    [color=#222222][font=arial, sans-serif][size=2]
    [/size][/font][/color]
    [color=#222222][font=arial, sans-serif][size=2]I'm not sure what you are asking here. As a technology from ARM TrustZone provides hardware building blocks to build a secure environment. Any system developer can write their own secure OS to run in this [/size][/font][/color]environment. In a running system then yes, you want to prevent modification (security risk), and as always smaller is better (less bugs -> less security risk).
Children
No data