- ROB DYKE
Powerful hardware security in today’s smart devices isn’t something new. ARM announced TrustZoneTM in 2003 (http://www.arm.com/about/company-profile/milestones.php), starting the trend for system on chip manufacturers to licence this secure platform.
How do developers make use of this?
With the formation of Trustonic in 2012, the goal has been to provide a simple platform for application developers to make use of these features. We provide the OS and SDK - application developers can protect keys, algorithms and benefit from the additional trust a Trusted Execution Environment (TEE) brings.
Developers want a simple API and easy application deployment. We live in a world were software is developed and released at a rapid pace. I’m often asked “How long does it take to change my application to use the Trustonic platform?” Well every application is of course different, but I often mention KoolSpan’s secure voice product. From receiving the SDK, to having a working demonstration application, the whole process took just two months.
“Trustonic's SDK allows us to access the highest level of security and encryption that the Trustonic TEE offers" said Bill Bill Supernor, KoolSpan CTO. "Hardware specifics, device complexities, secure memory management and secure storage are abstracted away giving us a simple, clean interface to these features. We were able to modify our application to support Trustonic in a matter a weeks."
In fact Trustonic have been using KoolSpan’s solution since January this year and are proud to be relying on a product secured by the Trustonic TEE, safe in the knowledge that our calls and messaging are strongly protected.
Hackers eavesdropping on the private discussions of executives are a risk to the enterprise. There’s frequent reports in the press about this happening – German researchers have discovered security flaws that could let hackers, spies and criminals listen to private phone calls and intercept text messages -https://www.washingtonpost.com/news/the-switch/wp/2014/12/18/german-researchers-discover-a-flaw-that-could-let-anyone-listen-to-your-cell-calls-and-read-your-texts/
Use cases for TEE are many. If your application needs to protect a cryptographic key, secure data or your back end systems need to know devices are trusted, then consider the TEE.
Secure voice requires two end points to communicate securely. To achieve this you need to protect the encryption keys used, and encrypt the data on device. By doing so, a potentially compromised mobile tower (http://news.sky.com/story/1499258/fake-mobile-phone-towers-operating-in-the-uk) cannot intercept your data.
KoolSpan provides secure communications solutions enabling business and home users to make phone calls and send messages securely.
KoolSpan’s security and privacy solutions address the growing threat of loss or theft of intellectual property, vital information and proprietary assets. Customers include government organizations and enterprises in over 60 countries worldwide in industries that span government, financial services, industrial/manufacturing, energy, transportation, healthcare and others. KoolSpan is FIPS 140-2 certified and has 21 issued patents with dozens more pending.
KoolSpan is offering a promotion for a free 30-day trial of the TrustCall Service, KoolSpan’s encrypted wireless calling and messaging application, on qualified Samsung Galaxy devices. To sign-up for the trial promotion, visit:https://koolspan.com/free-trial.