Securosys is raising the bar on Trusted Execution Environment concepts by adding the secure execution of an application in a separate hardware-based enclave, with attestation of the running code.
TEEs come in many forms: integrated enclaves in off-the-shelf servers, software-only solutions such as sandboxes, or add-ons integrated into existing hardware security modules.
Each of these solutions offers unique advantages and disadvantages.
It is our belief that the best security level can only be achieved with a dedicated purpose-built hardware solution.
Software-only solutions have the obvious shortcomings of offering neither physical protection nor protection from modifications of the runtime environment. Processor extensions such as Intel’s SGX or AMD’s SEV lack a secure physical environment, such as a tamper-proof enclosure, and additionally face the challenge that they have to be both fully general-purpose and co-exist with a standard, non-secured processor core.
An HSM, with its tamper-protected housing, seems like a very good choice for adding TEE functionality. However, an HSM is purpose-built for storing the digital keys that protect the most valuable digital assets, and executing arbitrary, potentially malicious code on it compromises that purpose. Thus, a dedicated device is the most secure choice.
An HSM is agnostic to the data it processes; thus, it doesn’t look into the data being signed. However, there are cases where it is beneficial to enforce input-based compliance rules before applying a signature.
Imagine the case where multiple parties need to sign off on a critical contract. Such multi-party rules can be enforced within Securosys’ Primus HSM by using Securosys’ multi-signature solution. However, in some cases such rules must be automated, e.g. for low-value transactions, where the cost of a multi-party sign-off is not feasible or is overkill in light of the associated risk. The piece of code that decides which rule to apply becomes compliance-relevant software, as it enforces the rule on what is considered a low-value transaction. This compliance filter runs as artificial intelligence in a TEE as part of the sign-off rules. Thus, the combination of an HSM and a TEE can further reduce the IT risk exposure while further automating the business processes.
Several use cases can benefit from adding the Securosys Trusted Execution Environment to an existing HSM portfolio.
Here are some examples.
There are existing Trusted Execution Environment products and solutions out there, many of which have been confronted with serious flaws.
Some long-standing microchip products or enclave solutions similar to a trusted execution environment were recently breached. These chips, running within server infrastructures, were not isolated from other applications. By separating the attestation of the code or compliance filter from the actual transaction signing, any hacking attempt becomes exponentially harder, and the signing of transactions that were approved by compromised apps is avoided.
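To make that separation concrete, here is an added Python model of the flow described above (illustrative code, not Securosys code and not how Primus or Imunes implement it): a compliance filter runs in a simulated TEE, its decision is attested together with a measurement of the filter's code, and the simulated HSM signs only when the attestation verifies, the measurement matches the pinned filter and the filter approved. The keys, the value limit, the transactions and the use of HMAC in place of real attestation and signing keys are all constructed assumptions.

```python
import hashlib
import hmac
import json
from typing import Callable, Optional

# Constructed keys for the simulation. In a real deployment the attestation key
# never leaves the TEE and the signing key never leaves the HSM; the HSM would
# check the TEE's attestation with a public key rather than a shared secret.
TEE_ATTESTATION_KEY = b"constructed-tee-attestation-key"
HSM_SIGNING_KEY = b"constructed-hsm-signing-key"

def approve_low_value(tx: dict) -> bool:
    """Compliance filter: auto-approve only transactions up to a constructed limit."""
    return tx["amount"] <= 1000

def approve_everything(tx: dict) -> bool:
    """A tampered filter that approves regardless of amount (for the test case)."""
    return True

def measure(filter_fn: Callable) -> str:
    """Code measurement: hash of the filter's bytecode and constants, a stand-in
    for an enclave's measurement of the loaded JVM or Wasm module."""
    code = filter_fn.__code__
    return hashlib.sha256(code.co_code + repr(code.co_consts).encode()).hexdigest()

def _canonical(obj: dict) -> bytes:
    return json.dumps(obj, sort_keys=True).encode()

def tee_evaluate(filter_fn: Callable, tx: dict) -> dict:
    """Inside the TEE: run the filter, then attest the decision together with the
    measurement of the code that produced it."""
    report = {"tx": tx, "approved": filter_fn(tx), "measurement": measure(filter_fn)}
    report["attestation"] = hmac.new(TEE_ATTESTATION_KEY, _canonical(report), "sha256").hexdigest()
    return report

def hsm_sign(report: dict, trusted_measurement: str) -> Optional[str]:
    """Inside the HSM: sign the transaction only if the report is authentic, was
    produced by the pinned filter code, and that filter approved it."""
    body = {k: v for k, v in report.items() if k != "attestation"}
    expected = hmac.new(TEE_ATTESTATION_KEY, _canonical(body), "sha256").hexdigest()
    if not hmac.compare_digest(expected, report.get("attestation", "")):
        return None  # forged or tampered report
    if body["measurement"] != trusted_measurement:
        return None  # decision came from code other than the attested filter
    if not body["approved"]:
        return None  # filter declined: fall back to the multi-party sign-off
    return hmac.new(HSM_SIGNING_KEY, _canonical(body["tx"]), "sha256").hexdigest()

TRUSTED_MEASUREMENT = measure(approve_low_value)  # pinned when the filter is deployed
```

A report produced by `approve_everything`, or a report whose `approved` flag was flipped after attestation, is refused even though the transaction looks the same to the HSM.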
The Imunes TEE accepts code compiled to JVM and WebAssembly executables and thus supports a multitude of languages, from C and Java to Rust, Scala and many more.
The compiled trusted code is executed in an environment with stateless, capability-based security assertions between modules, enforcing integrity and confidentiality of the executed code and complete digital attestation of results. It is the most secure environment for the execution of automated compliance sign-offs, digital contracts and validation of crypto asset transactions.