How to confront the evolved hacker

The fundamental importance of the secure execution environment in access control.

by Luis Carlos Delcampo*

The cost of cybercrime is on the rise
An unfortunate consequence of a well-connected world (i.e., the proliferation of the Internet of Things) is that the cost of cybercrime has risen dramatically. A recent report puts this in figures: globally, cybercrime costs about $600 billion per year, up from $500 billion in 2014 [1].

Poorly protected Internet of Things (IoT) devices can be a problem, offering new and simple ways for hackers to steal information or to access valuable data, networks, or physical assets (source 4). In fact, recent data suggests that the cost of poorly protected device identities is between $15 billion and $21 billion, or 9% to 13% of the total economic losses in the United States caused by cyber events (estimated at $163 billion in total [2]).

Together, all these large numbers converge on one reality: it has never been more necessary than now to have reliable identification for connected devices. This is where the Secure Execution Environment, better known as the Trusted Execution Environment (TEE), comes in.

What is a Secure Execution Environment (TEE)?
How to secure devices using the principle of isolation

A secure execution environment (TEE) is an isolated and secure zone of a central processor that guarantees the integrity of application execution, along with the confidentiality of assets such as credentials, certificates, keys, and data. It gives a high level of confidence in how those assets are managed, because they are protected at rest from "unknown" attackers outside the device's TEE.

Specifically, the "secure" part of the TEE requires that all assets, code, and other components of the device's TEE-related boot chain (e.g., bootloader, operating system platform, installed application images) have been installed and started using a methodology that requires the initial state to be as expected:

• Firmware is verified at startup. Linux files and device firmware are loaded, and a secure memory partition is created for the secure execution environment.
• The content is validated as not having been modified while it was stored at rest.
• Credentials (e.g., keys and certificates) and application programs are protected from everything in the untrusted domain.
• Content is encrypted on disk and decrypted while being transferred from one section of memory to another, freeing up the processor.

Only after verifying integrity does the bootloader enable access to the encrypted file systems and transfer execution to the next stage of the boot process.
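The boot chain just described, as an added illustration that is not the page's own code nor Tyco's or Software House's: a Python model of a chain of trust rooted in immutable ROM, in which each stage records the digest of the stage that follows it and any mismatch halts the boot rather than running modified code. The image layout, stage names, payloads and the ROM digest are constructed for the example.

```python
import hashlib
import json
from typing import List, Optional

class BootHalted(Exception):
    """A stage failed verification: the device refuses to start."""

def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

def build_stage(name: str, payload: bytes, next_digest: Optional[str]) -> bytes:
    # Constructed image layout: 4-byte manifest length, JSON manifest, payload.
    # The manifest records the digest the NEXT stage must have.
    manifest = json.dumps({"name": name, "next": next_digest}).encode()
    return len(manifest).to_bytes(4, "big") + manifest + payload

def verify_boot_chain(rom_digest: str, images: List[bytes]) -> List[str]:
    """Walk ROM -> bootloader -> OS -> application, hashing each image and checking
    it against the digest its predecessor recorded; a mismatch halts the boot."""
    expected, booted = rom_digest, []
    for image in images:
        if expected is None:
            raise BootHalted("more stages than the chain authorises")
        actual = sha256_hex(image)
        if actual != expected:
            raise BootHalted(f"digest mismatch: expected {expected[:12]}, got {actual[:12]}")
        mlen = int.from_bytes(image[:4], "big")
        manifest = json.loads(image[4:4 + mlen])
        booted.append(manifest["name"])
        expected = manifest["next"]
    return booted

# Constructed sample chain, built last stage first (each manifest needs its successor's digest); ROM_DIGEST stands in for a value burned into OTP fuses.
APP = build_stage("access-control-app", b"application image v1", None)
OS = build_stage("linux", b"kernel and root filesystem", sha256_hex(APP))
BOOTLOADER = build_stage("bootloader", b"first-stage loader", sha256_hex(OS))
ROM_DIGEST = sha256_hex(BOOTLOADER)

def boot_genuine() -> List[str]:
    return verify_boot_chain(ROM_DIGEST, [BOOTLOADER, OS, APP])

def boot_modified_app() -> str:
    # Same manifest, altered payload: the digest recorded by the OS stage no longer matches.
    altered = build_stage("access-control-app", b"application image v1 (altered)", None)
    try:
        verify_boot_chain(ROM_DIGEST, [BOOTLOADER, OS, altered])
    except BootHalted:
        return "halted"
    return "booted"
```

A real device would verify a signature over each manifest with a public key held in ROM rather than a bare hash, so that a legitimate update (the "secure updates" case later in the article) can be accepted without re-burning the fuses.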

Hackers hate the TEE. The TEE acts as a higher-level security booster.

Isolation is the key to obtaining a hardened device, and hardening is the process of securing a system by reducing its vulnerability surface. Typically, reducing the available attack channels involves changing default passwords, removing unnecessary software, usernames, or logins, and disabling or removing unnecessary services. The combination of isolation and hardening is the essence of the TEE, and it becomes the enemy of our enemies (hackers).

Increased security
Hackers are notoriously intelligent. They make a living by devising methods to break encryption. The TEE goes beyond encryption: it creates locked "trusted zones," dividing processor package resources and peripherals into trusted domains. Simply put, credentials, certificates, keys, etc., are stored so that they are inaccessible to hackers, even when the power supply is interrupted.
There's no doubt that TEE makes devices more secure, but it can also improve performance and functionality.

Better performance and functionality
The TEE is the ultimate multitasker: it encrypts content while it is stored in non-volatile memory and decrypts it while transferring it to another section of memory. This frees up the processor and enables a higher level of performance. And because the TEE is a software solution (firmware), its functionality can be easily customized and updated.

Basically, the TEE is a super performance enabler. Just what you need for your access control solution.

TEE instrumentation in physical access control solutions should be expected: access control devices live in the IoT universe.

If you've read this far, you probably have some level of responsibility for your company's physical access control system.

Regardless of how many buildings or devices you have installed in your application, they are generally connected to each other, to external devices, and to host client computing devices over an IP or IoT network infrastructure, which makes them potential targets for cyberattacks.

We all remember how easy it has historically been for hackers to access devices via the serial port and similar interfaces. With the TEE, any attempt to modify the system leaves it "unable to start."

TEE-protected access control devices offer a higher level of confidence in the validity, isolation, and protection of assets stored in this space. In turn, this leads us to claim that operating systems (OS) and applications running within that space are more reliable.

iSTAR Edge G2: First cyber-hardened IP perimeter access control device to use TEE

iSTAR Edge G2 by Tyco | Software House is the first perimeter access control device that uses a TEE to ensure the confidentiality and integrity of code and data. This allows it to store keys and other cryptographic material reliably, and to manage a secure startup process that ensures the hardware and software come from authenticated sources.

• Secure from manufacture: customized and protected with a proper, well-established chain of trust.
• Secure boot: the entire startup sequence is authenticated.
• Secure updates: the controller will only be updated with software that is considered trustworthy.

iSTAR is already recognized as one of the most securely hardened IP edge portfolios on the market, and the introduction of iSTAR Edge G2 and its TEE implementation reaffirms its advanced cybersecurity protection.

Advanced cyber protection
Hackers are here to stay. It is a sad reality that has partly shaped the industry and the professions in which many of us work. These "bad actors" evolve rapidly, and so must the technology used to block their actions.

The secure execution environment (TEE) is one of these technologies. It enables modern devices to offer a wide range of functionality while meeting the requirements of software developers, service providers, and security professionals who care about privacy, confirmation, authentication, validation, feasibility, and all aspects of security.

References
1. The cost of cybercrime. Internet Society. Published February 23, 2018. Retrieved December 14, 2020. https://www.internetsociety.org/blog/2018/02/the-cost-of-cybercrime/
2. Mismanagement of Device Identities Could Cost Businesses Billions: Report. Published February 24, 2020. Retrieved December 14, 2020. https://rootdaemon.com/2020/02/24/mismanagement-of-device-identities-could-cost-businesses-billions-report
3. Trusted execution environments: What, how and why? TechTarget IoT Agenda. Published April 18, 2018. Retrieved December 19, 2020. https://internetofthingsagenda.techtarget.com/blog/IoT-Agenda/Trusted-execution-environments-What-how-and-why

* Luis Carlos Delcampo is Product and Marketing Manager of the Access Control line of Tyco Security Products for Latin America.
