ARM, Intercede, Solacia and Symantec have developed the Open Trust Protocol (OTrP), designed to provide secure architecture and code management to protect connected devices. The architecture uses technologies deployed in banking and for handling sensitive data on smartphones and tablets.
OTrP is a high-level management protocol that works with security products, such as ARM's TrustZone-based Trusted Execution Environments, which are designed to protect mobile computing devices from malicious attack. OTrP can be used with public key infrastructure-based systems to allow service providers, app developers, and hardware maker to use their own keys to authenticate and manage trusted software and assets. The group said OTrP can be easily added to existing Trusted Execution Environments or to microcontroller-based platforms capable of RSA cryptography.
At its heart, OTrP is a management protocol designed to work with security software in order to protected Internet of Things and mobile devices from malicious attacks. OTrP is available to download from Internet Engineering Task Force for those who want to test and prototype it in their security environment.
The group of companies hope that the protocol paves the way for an open standard to enable to management of trusted software without the need for a centralised database - much like established method of security architecture in e-commerce.
The full group of companies who've worked together on OTrP consists of Intercede, Solacia, Symantec, Beanpod, Sequitur Labs, Sprint, Thundersoft, Trustkernel, Verimatrix and ARM.