Published on 8 August, 2013
|INSIDE's TrustZone portfolio includes cryptographic modules, DRM and content protection solutions and security toolkits
INSIDE Secure recently announced that its portfolio of embedded software security solutions now enables manufacturers to implement TrustZone-based system-wide security across the industry’s broadest range of content protection, enterprise security, and mobile payments applications.
The INSIDE TrustZone-enabled product portfolio includes many of its FIPS-certified cryptographic modules, DRM and content protection solutions, security toolkits and VPN client solutions. These offerings have been enhanced to take advantage of TrustZone technology and operate within GlobalPlatform-compliant trusted execution environments (TEE), helping manufacturers reduce project costs, complexity, risk and time to market for next-generation tablets, smartphones and other mobile and connected platforms.
“The threats of malware, viruses and piracy are rapidly spreading to mobile and connected devices as they increasingly are used for more high-value applications. Standards-based trusted execution environments, such as those supported by TrustZone technology, are being developed to provide a secure environment to protect these applications,” said Dr. Simon Blake-Wilson, executive vice president for embedded security solutions at INSIDE Secure. “With its TrustZone product portfolio, INSIDE is applying its extensive expertise in trusted platform modules, application development and trust infrastructure support to provide TrustZone enablement to its customers across the broadest range of applications.”
INSIDE customers can utilise this product portfolio to take advantage of TrustZone technology when creating trusted execution environments for a variety of high-value applications, including:
- Content protection– INSIDE DRM Fusion software is available with support for Microsoft PlayReady, Windows Media, OMA and UltraViolet DRM technologies, and has been approved for use by Apple, Microsoft, RIM and all the major Hollywood studios. DRM Fusion software for DTCP-IP and HDCP integrates seamlessly within trusted execution environments based on ARM TrustZone frameworks to provide GlobalPlatform-compliant protection of high definition video content for wired and wireless streaming applications.
- Enterprise security – INSIDE SafeZone FIPS-certified cryptographic modules, MatrixDAR for data-at-rest protection, and QuickSec and MatrixSSL VPN client software for data-in-motion protection enable the use of a TrustZone TEE to secure sensitive corporate information, and applications to maintain privacy, integrity and confidentiality.
- Mobile payments and banking – INSIDE’s mobile payments applets work with a TrustZone TEE to protect user passcode entry for a large number of major payment card brands, private-label payment and transport cards as well as other applications that support mobile wallet schemes that rely on TrustZone enablement for user authentication protection. Another INSIDE applet provides a point-to-point encryption mechanism for a mobile point-of-sale solution that enables any mobile device to be used as a highly secured credit card terminal, simplifying PCI compliance. This applet runs in the TrustZone TEE to secure cardholder PIN entry and the display screen.
“INSIDE has established relationships with all the major players in the TEE ecosystem to enable SoC vendors, device OEMs and application developers to quickly and cost effectively deliver products that provide maximum security and meet the growing demand for standards-compliant trusted devices,” said Blake-Wilson. “INSIDE is uniquely positioned to provide a full range of solutions for media, enterprise and financial applications.”
These software offerings complement INSIDE’s existing portfolio of hardware solutions enabling maximum application security through the use of tamper-resistant hardware which can host NFC proximity applications for access control, payments, ticketing or official electronic signatures where the highest level of security is required.