Overview
Last updated
Last updated
From architecture perspective, webkey has four layers:
TEE provides a completely isolated operating environment from Android/Linux and other systems;
Even if Android is rooted, attackers cannot read or tamper with TEE;
TEE is completely independent of Android and runs its own operating system and application ecosystem;
TEE does not require additional hardware support.
Using ARM TrustZone, Intel SGX, RISC-V PMP and other technologies, all mainstream chips currently support it;
Switching is controlled by software, and the isolation between TEE and Android is guaranteed by the chip. It has higher security, lower cost, better performance and lower power consumption;
Webkey TEE (Trusted Execution Environment) is a security technology used to protect sensitive data and code. It builds a secure area on the hardware device to ensure that the code and data running in it are protected from external attacks.
Based on the TEE solution, a secure world based on hardware isolation can be provided to protect the security of sensitive data and the correct execution of programs.
REE security components Security components that can be directly used by ordinary apps or users, such as key management, etc.
Basic services Provide secure storage and cryptographic services for secure applications
TEE kernel Provides basic capabilities such as process, memory, and hardware resource management. Ensure the isolation of basic hardware resources (CPU, memory, and peripherals).
