First to Bring FIPS-Certified Security to Trusted Execution Environments
AIX-EN-PROVENCE, France, January 16, 2014 – INSIDE Secure (NYSE Euronext Paris: INSD), a leader in embedded security solutions for mobile and connected devices, today announced it has upgraded its SafeZone FIPS software cryptographic module to improve security for a broad array of smart connected devices. INSIDE’s enhanced SafeZone cryptographic software enables developers for the first time to build FIPS 140-2 certified applications for Trusted Execution Environments (TEE) based on ARM TrustZone® frameworks. Now able to operate in a Trustonic
“As smart connected devices are increasingly used in the enterprise for more high-value applications, we see trusted platform TEEs such as those provided by Trustonic becoming increasingly important as a way to provide a secure environment to protect these applications and sensitive enterprise information and communications,” said Simon Blake-Wilson executive vice president for the Mobile Security division at INSIDE Secure. “Using platforms with our FIPS-certified solution, developers can avoid the lengthy and expensive FIPS validation process and get their product to market more quickly. And, by using our pre-validated module, they can meet current and future security requirements without having to pull valuable resources from their core competency.”
A TEE isolates sensitive operations on smart connected devices from the standard, general-purpose, operating system, providing a safer execution environment for these applications to run within. TEEs have already been deployed in more than 100 million devices, and many popular smartphones now incorporate TEE technology.
INSIDE has worked in close cooperation with Trustonic to ensure that its SafeZone FIPS cryptography module and toolkits integrate with the Trustonic
“INSIDE’s achievement in delivering technology to accelerate FIPS-compliance with a trusted execution environment demonstrates its leadership and marks an important milestone for the industry in assuring trust in smart connected devices,” said Jon Geater, CTO of Trustonic. “Standards like FIPS provide stakeholders with confidence that a product will perform as intended, and play an important role in driving the acceptance of new technologies, especially when dealing with trusted services.”
As more and more industries involved in critical infrastructure and other sensitive systems become targets of cyber attacks, they have come under increasing pressure to implement and deploy applications, devices and communications networks that offer greater resistance to attack, in line with government mandates, regulations and recognized standards. FIPS 140-2 certification has become globally recognized as providing a sufficient level of security for a broad range of high-value applications, and is being widely adopted around the world for commercial, government and defense applications.
With a broad portfolio of FIPS-certified embedded hardware and software solutions, INSIDE is able to help customers reduce project cost, complexity, risk and time to market. INSIDE is a globally recognized expert in standards and cryptography, and delivers proven integrations, extensive documentation and experienced developer-level technical support for the leading mobile devices and client- and server-side operating systems. INSIDE puts technologists on the most efficient development path, and has helped many equipment manufacturers significantly cut product development time.
About INSIDE Secure
INSIDE Secure (NYSE Euronext Paris FR0010291245 – INSD) provides comprehensive embedded security solutions. World-leading companies rely on INSIDE Secure’s mobile security and secure transaction offerings to protect critical assets including connected devices, content, services, identity and transactions. Unmatched security expertise combined with a comprehensive range of IP, semiconductors, software and associated services gives INSIDE Secure customers a single source for advanced solutions and superior investment protection. For more information, visit www.insidesecure.com.