Secure Execution Environments

Applied Cryptography Robust Software Quantum Safety Machine Learning Applied to Security Analysis and Exploration of Vulnerabilities Computer Systems Forensic Analysis Reverse Engineering Identification, Authentication and Authorization Secure Execution Environments Direito da Organização e da Segurança

Secure Execution Environments
Introduction
Security in Operating Systems
Virtualization on Intel Processors
Intel Software Guard Extensions
ARM TrustZone
Linux Kernel Namespaces
LXC Linux Containers
- Container
- LXC containers
AppArmor
TPM (Trusted Platform Module)
Bootstrap security

Powered by GitBook

On this page

Protected hardware resources
ARM (v8) exception levels
Access to the Secure world

Worlds

PreviousARM TrustZone NextArchitecture

Last updated 4 months ago

Isolation is achieved by exploring the same CPU in two different worlds (or states).

Normal world -> for running the Rich OS.
Secure world -> for running the Secure OS.

A CPU flag bit defines the current world.

NS bit of the SCR (Secure Configuration Register)
0 - Secure state
1 - Non-secure state

Protected hardware resources

ARM (v8) exception levels

Similar to run levels.

TrustZone introduces one EL more.

Secure monitor (EL3).

Combination of exception levels and states.

Access to the Secure world

Calls from the Rich OS.

SMC (Secure Monitor Call).
Typically implemented by Rich OS drivers.

Interrupts from the Secure hardware.

Must be handled by the Secure OS.

Both enter first in EL3.

They are then dispatched to the Secure world.