DEN0021D-Trusted-Base-System-Architecture-Client
60 pages, 937 KB PDF. Updated 2023-01-02.
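DEN0021D, Trusted Base System Architecture, Client, is a security technical document published by ARM that focuses on the Trusted Base System Architecture for system hardware based on the ARM architecture. The document has been revised several times; the latest version is the 4th edition, and its progression from the first release in 2012 to the non-confidential release in 2018 shows ARM's continued updating and refinement in this area.
The Trusted Base System Architecture (TBSA) is a security framework designed by ARM to provide a trusted boot and execution environment in systems based on ARM processors. The core goal of TBSA is to create a foundation for a software stack that can be trusted, one that can defend against malicious attacks and ensure that sensitive data is handled securely. It covers multiple layers of hardware, firmware and software, including key functions such as secure boot, memory protection, isolation mechanisms and secure communication.
In ARM's TBSA, the client usually refers to the components or applications that depend on trusted services. These clients may need to access protected services such as key management, authentication or privacy protection functions. TBSA provides clients with standard interfaces so that they can interact securely with trusted services while the integrity and confidentiality of those services are preserved.
The "System Hardware on ARM" part of the document emphasizes the role of hardware in implementing TBSA. This may include specific security features of ARM processors such as TrustZone technology, a hardware-level security solution that isolates sensitive operations from ordinary operations by partitioning the system into a Secure world and a Non-secure world. The hardware may also involve secure memory management, cryptographic engines and hardware accelerators, all of which are essential to building a secure trusted base system.
On intellectual property, ARM states explicitly that the document is protected by copyright and that no part of it may be reproduced without permission. Although the information is provided, no patent license, express or implied, is granted unless specifically stated. Users may access and use the information in the document only on condition that they do not use it to assess whether implementations infringe third-party patents. ARM also states that the document is provided "as is", without warranties of any kind, including but not limited to the implied warranties of merchantability, satisfactory quality, non-infringement or fitness for a particular purpose.
DEN0021D is ARM's detailed guide to the Trusted Base System Architecture, Client, for ARM-based processors, intended to help developers and manufacturers understand how to build and use secure hardware and software environments to improve overall system security. The document is an important reference for security design and implementation, especially for the embedded and mobile device industries that rely on the ARM architecture.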
TRUSTED BASE SYSTEM ARCHITECTURE, CLIENT
(4TH EDITION)
System Hardware on ARM®
Document number: ARM DEN 0021D
Copyright © 2012, 2016, 2018, ARM Limited or its affiliates
Release information
Table 1 lists the changes made to this document.
Table 1 Change history
| Date | Issue | Confidentiality | Change |
|---|---|---|---|
| 20 January 2012 | A | Confidential | First release |
| 21 March 2012 | B | Confidential | Second release |
| 26 September 2016 | C | Confidential | 3rd Edition. Update and restructure document. Draft release |
| 15 October 2018 | D | Non-Confidential | 4th Edition. Non-confidential release. |

Intermediate releases, numbered A-3 to A-9, were issued to a restricted circulation.
Non-Confidential Proprietary Notice
This document is protected by copyright and other related rights and the practice or implementation of the
information contained in this document may be protected by one or more patents or pending patent applications.
No part of this document may be reproduced in any form by any means without the express prior written
permission of Arm. No license, express or implied, by estoppel or otherwise to any intellectual property rights is
granted by this document unless specifically stated.
Your access to the information in this document is conditional upon your acceptance that you will not use or
permit others to use the information for the purposes of determining whether implementations infringe any third
party patents.
THIS DOCUMENT IS PROVIDED “AS IS”. ARM PROVIDES NO REPRESENTATIONS AND NO WARRANTIES,
EXPRESS, IMPLIED OR STATUTORY, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
MERCHANTABILITY, SATISFACTORY QUALITY, NON-INFRINGEMENT OR FITNESS FOR A PARTICULAR
PURPOSE WITH RESPECT TO THE DOCUMENT. For the avoidance of doubt, Arm makes no representation
with respect to, and has undertaken no analysis to identify or understand the scope and content of, patents,
copyrights, trade secrets, or other rights.
This document may include technical inaccuracies or typographical errors.
TO THE EXTENT NOT PROHIBITED BY LAW, IN NO EVENT WILL ARM BE LIABLE FOR ANY DAMAGES,
INCLUDING WITHOUT LIMITATION ANY DIRECT, INDIRECT, SPECIAL, INCIDENTAL, PUNITIVE, OR
CONSEQUENTIAL DAMAGES, HOWEVER CAUSED AND REGARDLESS OF THE THEORY OF LIABILITY,
ARISING OUT OF ANY USE OF THIS DOCUMENT, EVEN IF ARM HAS BEEN ADVISED OF THE
POSSIBILITY OF SUCH DAMAGES.
This document consists solely of commercial items. You shall be responsible for ensuring that any use,
duplication or disclosure of this document complies fully with any relevant export laws and regulations to assure
that this document or any portion thereof is not exported, directly or indirectly, in violation of such export laws.
Use of the word “partner” in reference to Arm’s customers is not intended to create or refer to any partnership
relationship with any other company. Arm may make changes to this document at any time and without notice.
If any of the provisions contained in these terms conflict with any of the provisions of any click through or signed
written agreement covering this document with Arm, then the click through or signed written agreement prevails
over and supersedes the conflicting provisions of these terms. This document may be translated into other
languages for convenience, and you agree that if there
is any conflict between the English version of this document and any translation, the terms of the English version
of the Agreement shall prevail.
The Arm corporate logo and words marked with ® or ™ are registered trademarks or trademarks of Arm Limited
(or its subsidiaries) in the US and/or elsewhere. All rights reserved. Other brands and names mentioned in this
document may be the trademarks of their respective owners. Please follow Arm’s trademark usage guidelines at
http://www.arm.com/company/policies/trademarks.
Copyright ©2018 Arm Limited (or its affiliates). All rights reserved.
Arm Limited. Company 02557590 registered in England.
110 Fulbourn Road, Cambridge, England CB1 9NJ.
LES-PRE-20349
Table of contents
1 Introduction
1.1 Additional reading
1.2 Target platform
2 Use cases
2.1 User privacy
2.2 Digital Rights Management
2.3 FIDO
2.4 Enterprise system support
2.5 Mobile Network Operators
3 Security threats
3.1 Threats
3.2 Attackers
4 TrustZone® technology
4.1 Execution model
4.2 Memory access
5 TBSA architecture variants
5.1 Baseline architecture
5.2 Assisted architecture
6 TBSA security requirements
6.1 System view
6.2 Infrastructure
6.3 Fuses
6.4 Cryptographic keys
6.5 Trusted boot
6.6 Trusted timers
6.7 Version counters
6.8 Entropy source
6.9 Cryptographic acceleration
6.10 Debug
6.11 External interface peripherals
6.12 DRAM protection
7 Device lifecycle
8 Approved algorithms
Glossary