May 27, 2003 10:19 AM PDT
ARM to put a lock on mobile chips
TrustZone, which has some parallels to chip-level technologies from Intel and Via Technologies, will be built into ARM cores early next year and could begin appearing in products in 2005, the company said. It could help spread the adoption of applications such as mobile commerce and corporate mobile computing, by ensuring that important data will not fall into the wrong hands.
ARM said that it is providing a blueprint for integrating security functions onto a chip. By contrast, Microsoft's Next Generation Secure Computing Base (NGSCB), an upcoming operating system technology for securing data, is software that could take advantage of these extra transistors. Controversy is already springing up around NGSCB, formerly known as Palladium. Some believe it will help cut down on Internet fraud, while others say it will be used by copyright holders to restrict access to content.
"I don't see the same interest from the (cell phone network) operators in being quite so prescriptive as in the PC world," said Richard York, manager of ARM's secure technologies program. "There is a strong interest in making sure the user experience is positive. If they begin selling services that strongly restrict what you can do with content, I am skeptical they will take off."
TrustZone is a low-level technology that builds security into the processor core itself, and allows operating systems makers, handset vendors and silicon manufacturers to come up with their own security systems, based on the hardware. York said that a Palladium-style system could be built upon the ARM technology, if a software maker wished to do so. It aims to replace existing proprietary systems that add a security component outside the core, which ARM says can cause problems for mobile device software.
"There are solutions out there already, but they are not very standardized," York said. "The vendors have to rewrite bits of their firmware for different chipsets, and that is a pain for them. This is as much about standardization as anything else."
Integrating the security functions will mean adding about 10,000 transistors to a chip. Currently, to get similar security capabilities, manufacturers have to put an extra chip on the motherboard of a PC or a handset, which bumps up production costs.
The system is designed for an emerging generation of "open" operating systems, such as Linux, Symbian OS, Palm OS and Windows CE, which are far more complex than cell phone makers' own proprietary software. They introduce a greater potential for security risks, because they are capable of running more complex applications.
Handset makers and network providers are under increasing pressure to come up with advanced features for cell phones--such as one that would allow a phone to double as a credit card--but they want to ensure they can adequately protect such data, York said.
"If you trust your mobile device with really valuable data like corporate access codes and e-commerce data, end users, as well as corporate providers, don't want that to be lost if their handset is stolen," he said. "If we can show an improving level of security, that makes it easier to sell these applications."
He said that the potential for mobile viruses, while widely discussed, is not yet a major concern for handset makers. There is also not yet significant interest in digital rights management technology for copyrighted downloads for mobile devices, he said, although TrustZone is designed to handle both digital rights management (DRM) and antivirus applications.
Industry observers said such technology will be important in paving the way for more advanced mobile device applications.
"Phone software must remain inviolate from any actions of downloaded software, and only hardware-enforced security can provide this level of trust," said Gartner analyst Martin Reynolds in a statement. "Security-enhanced processors are an essential component for the future of mobile phone technology, opening the way for a vast ecosystem of third-party applications."
ARM's cores are used by chip manufacturers such as Texas Instruments and Intel. They power most cell phone handsets and handheld computers, as well as set-top boxes and other embedded devices.ZDNet UK's Matthew Broersma reported from London. News.com's Michael Kanellos contributed to this report.