You can trust your phone as you trust us!
Recent years have seen significant increases in computing power, connection bandwidth, and data storage on mobile devices such as cellular phones and smartphones. As a result, more applications and services have been deployed on these devices, bringing new usage models and business processes such as mobile payment and ticketing, pervasive sharing of information and content (audio, video, and text), seamless collaboration, and voice-over-IP (VoIP) applications. These applications, in turn, raise several security challenges:
- More sensitive data is stored on a device: not only the user's (the owner's) sensitive information, such as credit card numbers and e-tickets, and the network operator's sensitive data, such as subscriber identity and billing information, but also data belonging to other services, such as licenses for digital rights management (DRM) and data for platform management agents such as anti-virus clients. In the computing environment of a mobile device, no single solution fits all of these stakeholders.
- Mobile devices are becoming more open, general-purpose computing environments, used not only for personal computing but also, increasingly, for commercial and enterprise computing.
- With increasing connectivity options such as voice and digital data from network service providers, WiFi/WLAN, Bluetooth, and GPRS/HSDPA, mobile and home computing has become more pervasive and ad hoc than ever.
- While various operating systems (OS) and middleware enable different applications and services, there are (emerging) dominant OS and middleware platforms in the mobile platform market, such as Symbian, WinCE, Palm, and J2ME.
How it works
Samsung Trusted Platform is built on emerging trusted computing (TC) technology for mobile and other CE devices.
A “Secure Boot” of our TC-aware secure kernel from a software or hardware Mobile Trusted Module (MTM).
The Secure Boot mechanism boots a mobile device into a trusted runtime state with a hardware- or software-based root of trust. Samsung Secure Boot is compatible with Trusted Computing Group (TCG) specifications, and provides strong protection of device firmware for network providers and users.
An easy and efficient way to realize isolated Trusted Engines.
The business needs of the mobile phone industry mandate 4 different stakeholders (platform owners): device manufacturer, cellular service provider, general service provider, and the end-user. Samsung TP technology provides an easy and efficient (power saving and development-efficient) way to provide trusted engines with strong isolation for different stakeholders.
Flexible but controlled information flow between Trusted Engines.
With a mandatory access control (MAC) enabled secure kernel, Samsung TP provides flexible but controlled information flow between applications from different stakeholders, and thus preserves a high assurance of platform runtime integrity.
Kernel-integrated integrity measurement and verification (IMV).
Samsung TP technology composes IMV mechanisms for critical hardware and software components with secure isolation mechanisms. The IMV includes boot-time and runtime integrity measurements and attestation stacks.
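The Secure Boot and boot-time integrity measurement described above can be illustrated with a simplified TCG-style measure, verify, extend chain. This is an added example, not Samsung's code: the stage names, images and the plain reference-digest table are constructed assumptions (on a real device the reference values are anchored in the root of trust).

```python
import hashlib
import hmac

PCR_SIZE = 32  # SHA-256 digest length; the register starts as all zeros


def measure(image: bytes) -> bytes:
    """Integrity measurement of one boot component."""
    return hashlib.sha256(image).digest()


def extend(pcr: bytes, measurement: bytes) -> bytes:
    """TCG-style extend: new value = H(old value || measurement)."""
    return hashlib.sha256(pcr + measurement).digest()


def secure_boot(stages, reference):
    """Verify each stage before it would run; stop at the first mismatch.

    Returns (booted, pcr, failed_stage). The pcr only ever reflects
    stages that passed verification.
    """
    pcr = bytes(PCR_SIZE)
    for name, image in stages:
        digest = measure(image)
        if not hmac.compare_digest(digest, reference.get(name, b"")):
            return False, pcr, name  # halt: control is never handed over
        pcr = extend(pcr, digest)
    return True, pcr, None


def expected_pcr(reference, order):
    """Value a verifier expects after a clean boot in the given order."""
    pcr = bytes(PCR_SIZE)
    for name in order:
        pcr = extend(pcr, reference[name])
    return pcr


# Constructed sample images (hypothetical names, not real firmware).
GOOD = [("bootloader", b"bl-v1"), ("kernel", b"secure-kernel-v1"),
        ("engine", b"trusted-engine-v1")]
REFERENCE = {name: measure(image) for name, image in GOOD}
TAMPERED = [GOOD[0], ("kernel", b"secure-kernel-v1+patch"), GOOD[2]]

if __name__ == "__main__":
    print("clean boot:", secure_boot(GOOD, REFERENCE)[::2])
    print("tampered boot:", secure_boot(TAMPERED, REFERENCE)[::2])
```

Because each extend folds the previous register value into the hash, the final value commits to both the content and the order of the verified stages, which is what an attestation verifier compares against.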