Trusted Execution Environment
E356787
A Trusted Execution Environment (TEE) is a secure area of a main processor that runs isolated code and protects sensitive data from the rest of the system, even if the operating system is compromised.
All labels observed (4)
| Label | Occurrences |
|---|---|
| Arm Confidential Compute Architecture | 1 |
| Confidential VMs | 1 |
| Confidential computing | 1 |
| Trusted Execution Environment canonical | 1 |
Statements (48)
| Predicate | Object |
|---|---|
| instanceOf | hardware-based isolation mechanism; security technology; trusted computing component |
| abbreviation | TEE |
| contrastsWith | normal execution environment |
| enables | protection of data in use; secure execution of sensitive workloads |
| enforces | access control to sensitive resources; hardware-backed isolation |
| hasComponent | trusted OS; trusted applications |
| hasDefinition | a secure area of a main processor that runs isolated code and protects sensitive data from the rest of the system |
| hasProperty | hardware-enforced security boundaries; measured code execution; small trusted computing base |
| implementedIn | AMD SEV; TrustZone security extension (surface form: ARM TrustZone); Secure Enclave (surface form: Apple Secure Enclave); Intel SGX |
| isolatesFrom | hypervisor; operating system; other applications |
| protectsAgainst | certain physical attacks; compromised operating system; malicious applications |
| provides | confidentiality for code and data; integrity for code and data; isolated execution environment; remote attestation capability; runtime isolation; secure key management; secure storage |
| relatedTo | Trusted Platform Module 2.0 (surface form: Trusted Platform Module); confidential computing; secure enclave |
| runsOn | main processor; system-on-chip |
| standardizedBy | GlobalPlatform |
| supports | secure boot of trusted code; trusted applications |
| targetDomain | cloud computing; embedded systems; mobile devices |
| usedFor | digital rights management; mobile payment security; protecting cryptographic keys; secure authentication; secure enclave-style applications |
Referenced by (4)
Full triples, with the surface form annotated when it differs from this entity's canonical label.
- Confidential computing (this entity's surface form)
- Confidential VMs (this entity's surface form)
- Arm Confidential Compute Architecture (this entity's surface form)