TPM and TEE are partnering not competing, GlobalPlatform boss reports

Gil Bernabeu of GlobalPlatform

As the line between mobile devices and computers becomes increasingly blurred, security architectures from two previously separate worlds are also converging. GlobalPlatform’s secure components – the Secure Element (SE) and Trusted Execution Environment (TEE) – are becoming de facto in mobile devices and the Trusted Computing Group’s (TCG) Trusted Platform Module (TPM) is widely deployed across the computing ecosystem.

GlobalPlatform’s technical director, Gil Bernabeu, is often asked whether the two technologies compete, if there is crossover and even if one will kill the other. Here, he explains why it is not a question of competition, but one of fruitful collaboration between GlobalPlatform and TCG and the two technologies.

Why are GlobalPlatform and TCG working together?

A. GlobalPlatform and TCG share a common philosophy. Every device must have a trust anchor at its core to build Chains of Trust and offer secure services. Based on this common approach, TCG and GlobalPlatform have standardised different secure services to support the deployment of use cases for different industries.

This shared viewpoint enables the organisations to come together to identify points of alignment and key areas of specialisation. For example, TCG develops a range of important services specific to the PC industry which are not a focus for GlobalPlatform.

What is the benefit of this collaboration?

A. I think I can use one example. The TEE’s ability to host and execute third party apps and services in its protected environment is key. Because of this, GlobalPlatform and TCG ensure that specific services defined by TCG can be loaded and managed inside a GlobalPlatform secure component, such as a TEE.

We have published different documents to explain how this can be achieved. This offers a solution to device makers seeking to encrypt the hard disc – a popular service in the Trusted Platform Module community – allowing them to load and anchor this encryption service within a TEE.

What might this convergence look like in the future?

A. Well, multiple markets are now connecting things and the demand for more security is growing. The market for both technologies looks bright and multiple routes for collaboration are in front of us.

For example, the IoT (Internet of Things) world needs connectivity via 3/4/5G. Because SE technology is embedded in SIMs (Subscriber Identity Modules) and eSIMs I expect the TPM use case to be delivered using a GlobalPlatform SE. Additionally, “always connected” PCs may want to authenticate to a network using a SE with a SIM function, perform a NFC transaction with a banking application or a strong authentication with FIDO. All using the same SE.

As a result, device manufacturers, alongside many other stakeholders, stand to benefit from the combined efforts of GlobalPlatform and TCG.

Click here for more information about TEE and SE technologies.

The author of this blog is Gil Bernabeu, technical director, GlobalPlatform

Comment on this article below or via Twitter: @IoTNow_OR @jcIoTnow

Recent Articles

Mouser explores power behind AI at the Edge

Posted on: July 23, 2021

Mouser Electronics Inc. has released the third instalment of the 2021 series of its award-winning Empowering Innovation Together program. The series’ third installment dives deep into artificial intelligence (AI), through an engaging collection of video, long-form articles, blog and infographic content.

Read more

The value of analogue measurement

Posted on: July 23, 2021

Analogue measurement can define your upside. when you look at what you can achieve in a plant, you may be able to accomplish a lot with just simple digital sensors. You can tell when something switches state ( goes on and off), you know if things are running or not running, you can tell if

Read more