An execution environment is the platform responsible for running an application or task: it provides the services, dependencies and support the application needs to run correctly and seamlessly. In some cases an application must run in an isolated environment to prevent tampering with its data or unauthorized access to it. This is where a Trusted Execution Environment (TEE) comes in. A TEE ensures confidentiality and data integrity by running applications in a secure, isolated environment where their data cannot be tampered with; think of it as something similar to a protected mode in which an application's ability to modify system resources is restricted.

In order to support a TEE, a device needs to define a security perimeter, separated by hardware from the main OS and applications, where only trusted code executes. We refer to this security perimeter as the Trusted Area. This is why TEE support comes with specific hardware requirements, such as Intel SGX or AMD SEV-SNP.
Uses of TEE
- Mobile financial services - Financial applications may require the user to expose sensitive information, such as a PIN or password, to the mobile OS as a means of authenticating the user. The TEE optionally offers a trusted user interface which can be used to perform user authentication on a mobile device without exposing those secrets to the main OS.
- Authentication - The TEE is well suited to supporting biometric ID methods (facial recognition, fingerprint sensors and voice authorization), which may be easier to use and harder to steal than PINs.
- IoT devices - The growth of the Internet of Things is also expanding the need for trusted identification to new connected devices. TEEs are one technology helping manufacturers, service providers and consumers protect their devices, IP and sensitive data.
There are several other uses of TEEs; you can check the reference section of this article to learn more about them, or you can just Google it!!!!