Mobile devices are widely used in our daily life and the Internet of Things (IoT) has developed rapidly, raising a surge in demand for security. Many security approaches have been developed to meet these requirements. The Trusted Platform Module (TPM) is an implementation of a secure cryptoprocessor that brings the notion of trusted computing to x86 platforms. Similar to how TPM works to make PCs “trustworthy”, TrustZone is a System on Chip (SoC) and CPU system-wide approach to security aimed at establishing trust in ARM-based platforms.
U.S. Pat. No. 7,305,534 discloses a data processing apparatus and method for controlling access to a memory so as to divide the data processing apparatus into a secure domain and a non-secure domain. U.S. Pat. No. 7,966,466 discloses memory access control circuitry that controls access to a memory address space. Both approaches are utilized by the ARM TrustZone technology to separate a SoC into a secure domain and a non-secure domain.
However, these approaches do not provide content protection inside the secure domain. Such content protection is needed when different trustworthy developers have to co-work inside the secure domain. Content protection may be provided in the non-secure domain using virtualization technology on high-end SoCs, but this is not suitable for low-cost products because of their limited computational power and resources, e.g., memory size.
When two or more different developers are going to handle secure data inside the secure world, each of them needs the right to access the secure world in order to store its own code there. In this scenario, the trustworthy developers have to co-work inside the secure world. But this does not mean they have to abandon the safeguarding of their intellectual property. A new framework, based on the built-in security device, that provides content protection for the developers' executable code (their intellectual property) is therefore needed.