Welcome!

SOA & WOA Authors: Jason Bloomberg, Ian Khan, Sandi Mappic, Liz McMillan, Adrian Bridgwater

Related Topics: Security, SOA & WOA, .NET, Virtualization, Web 2.0, SDN Journal

Security: Article

ARM Launches Security Joint Venture

It’s assumed the venture will ultimately go public

ARM has just given Intel another reason to chew its lip.

The British mobile chip designer has launched a promised joint venture in mobile security called Trustonic that's gotten the backing of companies like MasterCard, Sprint, Cisco, Samsung, Nvidia and 20th Century Fox Home Entertainment.

ARM owns 40% of the new company and its two partners, Gemalto, a security ISV in Amsterdam, and Giesecke & Devrient, a payments house in Munich, each have 30%.

Former ARM VP Ben Cade has been named Trustonic's CEO. The venture will be headquartered in Cambridge, England, where ARM lives and will have offices around the world.

It's assumed the venture will ultimately go public since it will take tens of million of dollars to create the standard for banks, online retailers, service providers and enterprises in general that Trustonic is shooting for.

The widgetry, based on ARM's eight-year-old TrustZone technology, is intended to be used for digital rights management (DRM) and mobile payments.

Described as an electronic version of a safety deposit box in a bank vault it's supposed to guarantee that information stored on mobile devices is free of spyware and virus infections.

Service providers could, say, let end users watch content on multiple devices without increasing the chance of piracy. And it's said to cut the time it takes to make an e-commerce transaction on a smartphone from two-and-a-half minutes to seven seconds.

Trustonic envisions network operators incorporating revenue-generating value-added services and device makers using a secure platform to protect sensitive assets such as passcodes, fingerprints and certificates.

The joint venture will focus on developing a GlobalPlatform-compliant Trusted Execution Environment (TEE) that will offer a common security standard for connected devices. The TEE will be integrated into the TrustZone security technology embedded in ARM's system-on-a-chip (SoC) and licensed to chip makers.

The widgetry involves hardware isolation as well as software and cryptographic isolation.

Separated by hardware from the main operating system, Trustonic says a TEE ensures the secure storage and processing of sensitive data and trusted applications. It protects the integrity and confidentiality of key resources, such as the user interface and service provider assets. A TEE manages and executes trusted applications built in by device makers as well as trusted applications installed as people demand them. Trusted applications running in a TEE have access to the full power of a device's main processor and memory, while hardware isolation protects these from user installed apps running in the main operating system. Software and cryptographic isolation inside the TEE protect the trusted applications from each other.

Device and chip makers can use TEEs to build platforms that have trust built in from the start, while service and content providers can rely on the dingus' integral trust to start launching innovative services and new business opportunities.

For its part Intel has McAfee, whose DeepSAFE hardware-based security product also sits below the operating system, and partnerships with both Visa and MasterCard.

More Stories By Maureen O'Gara

Maureen O'Gara the most read technology reporter for the past 20 years, is the Cloud Computing and Virtualization News Desk editor of SYS-CON Media. She is the publisher of famous "Billygrams" and the editor-in-chief of "Client/Server News" for more than a decade. One of the most respected technology reporters in the business, Maureen can be reached by email at maureen(at)sys-con.com or paperboy(at)g2news.com, and by phone at 516 759-7025. Twitter: @MaureenOGara

Comments (0)

Share your thoughts on this story.

Add your comment
You must be signed in to add a comment. Sign-in | Register

In accordance with our Comment Policy, we encourage comments that are on topic, relevant and to-the-point. We will remove comments that include profanity, personal attacks, racial slurs, threats of violence, or other inappropriate material that violates our Terms and Conditions, and will block users who make repeated violations. We ask all readers to expect diversity of opinion and to treat one another with dignity and respect.