VaultIP is a silicon IP secure element that adds comprehensive security to mobile processors. It protects valuable data and private information against an increasing number of sophisticated threats.
New designs gain a competitive advantage by quickly and cost-effectively delivering comprehensive protection, with VaultIP deployed either as a stand-alone secure element or in combination with the ARM® TrustZone® architecture.
ARM's TrustZone technology, available in the Cortex-A processor family, enables the development of a Trusted Execution Environment (TEE) within a mobile device. GlobalPlatform defines a TEE as a secure area of the main processor that protects code and data against software attacks; on ARM-based devices it consists of two elements, the TrustZone hardware components and a Secure Operating System.
A TEE forms the foundation for mobile device security: an area where "trusted applications" can execute with protection from disturbance, tampering or eavesdropping by malicious software. Another layer is needed on top of this foundation, because software isolation alone does not keep root keys out of the hands of the primary CPU, and any key that software handles is exposed to the flaws of that software.
- The VaultIP Trust Anchor:
  - Secure, non-volatile memory management, enabling:
    - Secure Boot: prevent loading of compromised or unauthorized OS versions
    - Secure Debug: stop unauthorized access to system information through debug ports
    - Secure Counters: monotonic counters that prevent version rollbacks and license tampering
    - Secure Timers: locality checks and limits on the time for which a key may be used
    - Authentication and Authorization: control who may access private information
    - Secure Key Provisioning, Storage, Management and Use: control the storage of, and access to, core key material
- VaultIP: Multi-Vector Protection
  - VaultIP provides the 'Trust Anchor' needed by a Secure Operating System to run effectively within a TEE. VaultIP manages sensitive assets, such as cryptographic keys, so they are never exposed to non-secured access.
  - It provides secure storage of root keys and enforces the key management policies, so that key material cannot be exported to the primary CPU. With VaultIP, keys are never exposed to the vulnerabilities that come with handling by software.
  - IP delivered as synthesizable Verilog RTL source code
- Advanced Security to Support:
  - Online Banking
  - Internet Transactions
  - Proximity Payments
  - Mobile Point-of-Sale
  - Enterprise VPN
  - DRM and Content Protection
  - Data-at-Rest Protection
  - Government ID
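The Secure Boot and Secure Counters entries in the trust-anchor list above describe two checks that a root of trust performs at boot: authenticate the OS image before trusting anything in it, then refuse any image whose version is below a monotonic counter that can only move forward. The following Python is an added illustration of that logic, not VaultIP's firmware or any vendor code. The image header layout, the `MonotonicCounter` class and the sample images are constructed for the example, and image authentication is simplified to an HMAC-SHA256 tag under a device key, standing in for the signature verification a real secure element would perform with its stored root key.

```python
"""Secure boot with anti-rollback: authenticate, then compare against a monotonic counter.

Added example (not vendor code). Header layout is constructed for this example:
  magic(4) | version (u32, big-endian) | payload_len (u32, big-endian) | tag(32) | payload
The HMAC tag is a stand-in for the root-key signature check a secure element performs.
"""
import hashlib
import hmac
import struct

MAGIC = b"IMG1"
HEADER = struct.Struct(">4sII")  # magic, version, payload_len (12 bytes)
TAG_LEN = 32


class BootError(Exception):
    """Raised when an image must not be booted."""


class MonotonicCounter:
    """Stand-in for a hardware monotonic counter held in OTP/NVM: it can only increase."""

    def __init__(self, value: int = 0) -> None:
        self._value = value

    @property
    def value(self) -> int:
        return self._value

    def advance_to(self, new_value: int) -> None:
        # A secure element enforces this in hardware; software cannot wind it back.
        if new_value < self._value:
            raise ValueError("monotonic counter cannot decrease")
        self._value = new_value


def build_image(key: bytes, version: int, payload: bytes) -> bytes:
    """Produce a signed image (signing simplified to HMAC over header + payload)."""
    header = HEADER.pack(MAGIC, version, len(payload))
    tag = hmac.new(key, header + payload, hashlib.sha256).digest()
    return header + tag + payload


def verify_image(key: bytes, image: bytes) -> tuple[int, bytes]:
    """Authenticate the image and return (version, payload). Nothing in the header
    is trusted until the tag over header + payload has been checked."""
    if len(image) < HEADER.size + TAG_LEN:
        raise BootError("image too short")
    header = image[:HEADER.size]
    tag = image[HEADER.size:HEADER.size + TAG_LEN]
    payload = image[HEADER.size + TAG_LEN:]
    magic, version, payload_len = HEADER.unpack(header)
    if magic != MAGIC:
        raise BootError("bad magic")
    if payload_len != len(payload):
        raise BootError("length mismatch")
    expected = hmac.new(key, header + payload, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, tag):  # constant-time comparison
        raise BootError("authentication failed")
    return version, payload


def secure_boot(key: bytes, image: bytes, counter: MonotonicCounter) -> tuple[int, bytes]:
    """Boot only an authentic image whose version is not below the stored minimum."""
    # Authenticate first: the version field is attacker-controlled until the tag is verified.
    version, payload = verify_image(key, image)
    if version < counter.value:
        raise BootError(f"rollback: image version {version} < counter {counter.value}")
    if version > counter.value:
        # Raise the floor only after a successful authentication, so a forged header
        # can never advance the counter and brick the device.
        counter.advance_to(version)
    return version, payload


def try_boot(key: bytes, image: bytes, counter: MonotonicCounter) -> tuple[bool, str]:
    """Convenience wrapper: (booted?, reason)."""
    try:
        version, _ = secure_boot(key, image, counter)
        return True, f"booted version {version}"
    except BootError as exc:
        return False, str(exc)


if __name__ == "__main__":
    device_key = b"\x01" * 32  # constructed; a real device key never leaves the secure element
    counter = MonotonicCounter(0)
    print(try_boot(device_key, build_image(device_key, 2, b"os-v2"), counter))  # boots, counter -> 2
    print(try_boot(device_key, build_image(device_key, 1, b"os-v1"), counter))  # rollback refused
    forged = bytearray(build_image(device_key, 2, b"os-v2"))
    forged[7] = 9  # bump the version byte without re-signing
    print(try_boot(device_key, bytes(forged), counter))  # authentication failed
```

Two ordering choices matter here. Authentication runs before the version field is read, so an attacker cannot steer the counter or the rollback decision with a forged header. The counter is advanced only after authentication succeeds; in production firmware it is common to defer that step further, until the new image has confirmed it boots, so that a signed but non-functional update cannot lock the device out of its last known-good version.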