GlobalPlatform has published a white paper that outlines the benefits of introducing and standardizing the Trusted Execution Environment (TEE) in mobile devices. The white paper – which is free to download from www.globalplatform.org – will be of interest to all parties operating within the mobile services sector, as the TEE aims to resolve security concerns in the mobile handset market, particularly with reference to digital rights management and finance applications.

The TEE is a secure area that resides in the main processor of the phone and guarantees that sensitive data is stored, processed and protected in a trusted environment. Its ability to offer safe execution of authorized security software, known as trusted applications, enables the TEE to enforce protection, confidentiality, integrity and access rights of the data belonging to those trusted applications. This provides end-to-end security. 

GlobalPlatform has committed resources to standardizing the TEE. This will benefit the industry as a whole by lowering implementation costs, creating greater certainty and building a platform for interoperability across the applications operating on the mobile device. 

The association's white paper, entitled: ‘The Trusted Execution Environment: Delivering Enhanced Security at a Lower Cost to the Mobile Market' provides an overview of the TEE, and explains how the technology works independently in a separate environment – alongside a rich operating system such as Android, Windows Phone 7, LiMo, iOS and webOS – to provide high level security services for corporate environments, content management, mobile payments and service deployment. The document also outlines GlobalPlatform's TEE Specification roadmap and objective to standardize this environment.

The paper will be of interest to all those operating within the mobile services sector including service providers, mobile network operators, operating system and application developers and device manufacturers.

Christophe Colas, GlobalPlatform Device Committee Chair, commented, "The TEE provides a path to resolving security needs while still supporting the key performance required. The aim of our focus on the TEE is to work alongside all members of the value chain to pull together a totally interoperable solution for securing trusted applications on mobile devices. We believe our work will deliver significant benefits to the mobile services marketplace."

The white paper follows the launch of GlobalPlatform's Trusted Execution Environment (TEE) Client Application Programming Interface (API) Specification in July 2010. This technical document defines the communication between applications running in a rich operating environment, typically on top of a smartphone operating system, and the applications residing in the TEE.  The specification outlines how to establish communication interoperability and support the migration of sensitive services into the TEE, enabling an application to become isolated and easier to control and secure.

The following GlobalPlatform member organisations jointly developed the white paper: American Express, ARM Ltd., Gemalto, Giesecke & Devrient, Nokia, Orange, ST Ericsson, and Texas Instruments.