| Julian Hall | 7b59462 | 2022-04-08 14:04:15 +0100 | [diff] [blame^] | 1 | Introduction |
| 2 | ============ |
| 3 | |
| 4 | The term 'trusted service' is used as a general name for a class of application that runs in an isolated |
| 5 | processing environment. Other applications rely on trusted services to perform security related operations in |
| 6 | a way that avoids exposing secret data beyond the isolation boundary of the environment. The word 'trusted' |
| 7 | does not imply anything inherently trustworthy about a service application but rather that other applications |
| 8 | put trust in the service. Meeting those trust obligations relies on a range of hardware and firmware |
| 9 | implemented security measures. |
| 10 | |
| 11 | The Arm A-profile architecture, in combination with standard firmware, provides a range of isolated |
| 12 | processing environments that offer hardware-backed protection against various classes of attack. Because |
| 13 | of their strong security properties, these environments are suitable for running applications that have |
| 14 | access to valuable assets such as keys or sensitive user data. The goal of the Trusted Services project is |
| 15 | to provide a framework in which security related services may be developed, tested and easily deployed to |
| 16 | run in any of the supported environments. A core set of trusted services are implemented to provide basic |
| 17 | device security functions such as cryptography and secure storage. |
| 18 | |
| 19 | Example isolated processing environments are: |
| 20 | |
| 21 | - **Secure partitions** - secure world VMs managed by a secure partition manager |
| 22 | - **Trusted applications** - application environments managed by a TEE |
| 23 | - **Integrated microcontroller** - a secondary MCU used as a secure enclave |
| 24 | |
| 25 | For more background on the type of problems solved by trusted services and how the project aims to |
| 26 | make solutions more accessible, see: |
| Julian Hall | e76ade8 | 2020-11-25 03:07:21 +0100 | [diff] [blame] | 27 | |
| 28 | .. toctree:: |
| 29 | :maxdepth: 1 |
| Julian Hall | e76ade8 | 2020-11-25 03:07:21 +0100 | [diff] [blame] | 30 | |
| Julian Hall | 7b59462 | 2022-04-08 14:04:15 +0100 | [diff] [blame^] | 31 | example-usage |
| Julian Hall | e76ade8 | 2020-11-25 03:07:21 +0100 | [diff] [blame] | 32 | goals |
| 33 | |
| Julian Hall | 7b59462 | 2022-04-08 14:04:15 +0100 | [diff] [blame^] | 34 | |
| 35 | |
| Julian Hall | e76ade8 | 2020-11-25 03:07:21 +0100 | [diff] [blame] | 36 | -------------- |
| 37 | |
| Julian Hall | 7b59462 | 2022-04-08 14:04:15 +0100 | [diff] [blame^] | 38 | *Copyright (c) 2020-2022, Arm Limited and Contributors. All rights reserved.* |
| Julian Hall | e76ade8 | 2020-11-25 03:07:21 +0100 | [diff] [blame] | 39 | |
| 40 | SPDX-License-Identifier: BSD-3-Clause |