editor's blog
Subscribe Now

Infrastructure for Application Security

Security is becoming an increasingly visible topic in discussions of things embedded and mobile. While the need to be secure isn’t new, there’s more of a push to change architectures to make them intrinsically less open to skullduggery.

One simple embodiment of the notion is to partition execution into two: one running a standard rich OS, which looks very much like what we’re used to – let’s call it the lay environment, the secular world. All kinds of things happen out there, many of which we don’t talk about. Then there’s a second environment running a minimal secure OS which acts as a “trusted” environment – let’s call it the temple. We don’t get to see what’s going on in there (although we can create salacious myths about the their rituals). This is where the Golden Legacy is protected so that, even if the lay world sends itself up in flames, there is a kernel of civilization that can re-seed the lay world anew.

Communication between the two worlds is carefully managed by a messaging system as if through anointed mutes with elaborate credentials and passwords.

This is the kind of world that Elliptic is trying to fit into. They’ve unveiled their new tVault infrastructure for supporting security in applications. This is a capability that’s invisible to the user and even to the application programmer: it supports higher-level security features. For instance, they’ve got it running under Android’s Security Framework. Apps programmers program to the Android API; underlying that, tVault manages the implementation.

tVault helps handle secure data and transactions like encryption key storage and retrieval. Applications and processes get IDs so that only the correct program gets access to its data; no other process can intercede and bugger off with someone else’s key.

The tVault concept is actually a collection of firmware, APIs, hardware support, and hardware acceleration. Their first focus is DRM on Android machines.

You can find more in their release

Leave a Reply

featured blogs
Mar 27, 2020
[From the last episode: We saw how pointers are an important kind of variable, representing data whose location we can'€™t predict in advance.] We saw last time that pointers are used to store the addresses of data stored in memory space that'€™s allocated while the progr...
Mar 27, 2020
Have you ever paused to consider how temptingly tasty electronic circuits would look if their components and copper tracks were mounted on a glass substrate?...
Mar 27, 2020
Solar Power While the cost and benefits of solar power can and have been debated, there'€™s one point that cannot be debated:  the solar energy sector continues to grow.   The solar energy sector has grown 68% over the last decade, and the cost of solar infrastruc...
Mar 26, 2020
Late last week you may have seen the open letter  from our CEO, Tony Hemmelgarn, laying out the steps that Siemens Digital Industries Software is taking to support our customers during the COVID-19 global crisis. All of us are getting use to the “new normal” ...

Featured Video

LE Audio Over Bluetooth with DesignWare Bluetooth IP

Sponsored by Synopsys

The video shows the new LE Audio using Synopsys® DesignWare® Bluetooth 5.2 PHY IP and Link Layer IP with isochronous channels, and ARC® Data Fusion IP Subsystem with ARC EM9D Processor, running the LC3 codec supporting LE Audio.

Click here for more information about Bluetooth, Thread, Zigbee IP Solutions