Mimer Trust: Efficient and secure data sharing for Trusted Execution Environment in embedded systems
A Trusted Execution Environment (TEE) is a widely applied mechanism in embedded systems to protect sensitive data against adversaries. However, its clear isolation of the secured world from the normal world also restricts data sharing between the trusted and standard applications, which is desired in many modern embedded systems. Mimer Trust is a solution based on Mimer SQL and Trustonic’s Secure Tablestore running inside the TEE to achieve fine-grained access control and efficient data sharing between the two worlds.
The solution builds up relational storage for the secure data in the TEE, which are stored initially as simple binary objects. We provide a high-level API to manipulate the secure data and introduce SQL extensions to allow normal applications to access the Secure Tablestore with ordinary SQL statements and rich data types. Since all data access is made through the database server, privileges can be explicitly granted to normal applications, achieving fine-grained access control over the secure data. Encryption of data and data communication is used to protect the information. Mimer Trust provides a two-layered security mechanism with strong protection for sensitive data and flexible access policies suitable for various application scenarios.
Download the white paper to learn more.