TEE Definition #68
Comments
|
He also suggests to add extra language to point out that there is a HW / SW cooperation. Trusted Execution Environment (TEE): An execution environment that |
|
Additionally, it might be useful to highlight that the TEE needs to provide separation between (a) REE and TEE, (b) provide isolation between TAs, and (c) prevent TAs from subverting the TEE OS. |
|
It may be worthwhile to note that there is, in the general case, no protection of the REE from the TEE side. |
|
I think I disagree with most of those suggestions. To me a TEE is anything that provides hardware enforcement that: (1) only authorized code can execute within the TEE, and (2) data used by that code cannot be read or tampered with by code outside the TEE. There may or may not be any such thing as a TEE OS, a TEE may or may not support multiple TAs (and hence provide isolation between them), there may or may not be an REE on the same device, so none of those topics should be part of the "definition" in my view. |
|
I agree with the second part of your statement because it is specific to TrustZone. Maybe it would, however, be worthwhile in the appendix to talk about the security guarantees provided by different TEEs to indicate the differences. Regarding the first point I thought the remarks are good because the point out that a TEE is a system-wide concept is not just a hardware-based mechanism. |
Also removes "Client" App duplication with "Untrusted" App, where the latter is preferred since the app may be the server side of some protocol like HTTP, and so Client is confusing. Signed-off-by: Dave Thaler <dthaler@microsoft.com>
|
See proposed changes in #71 |
Addresses issue #68 Problems were: * "isolated" implied that TEE<->REE can't communicate * some TEEs have no REE on the same device * avoid question as to whether hypervisor based environments are TEEs or not by removing the word "hardware" from the strict definition Signed-off-by: Dave Thaler <dthaler@microsoft.com>
dthaler
added
have proposed text
dthaler
added
ready to close
We use the following term:
"
runs alongside of, but is isolated from, an REE.
"
Cristofaro Mune suggested to use the following definition instead:
"
runs alongside of, but is separated from, an REE.
"
Argument: Isolated means that the TEE and the REE do not communicate
The text was updated successfully, but these errors were encountered: