Mont-TSSE® Trust & Security System Extension Technology

Description

Mont-TSSE® is a proprietary Trusted Security System Extension architecture and technology developed by Montage Technology. It is fully compatible with both commercial cryptographic algorithms and mainstream international encryption algorithms, thereby enhancing the security and integrity of data storage and transmission. This technology is particularly well-suited for applications in trust computing, encryption and decryption, secure boot and protection, virtualization, and cloud computing. Currently, Montage Technology has applied Mont-TSSE® to its Security & Trust Computing Accelerator chip, M88STAR5(N), which enables customers to achieve two key functions: trust computing measurement and encryption/decryption acceleration.

Mont-TSSE® SSE consists of 6 development components:

  • Mont-TSSE® Firmware SDK: Security Firmware SDK (Zephyr-based)
  • Mont-TSSE® Driver: Linux Hardware Driver
  • Mont-TSSE® DPDK Package: DPDK Driver Interface
  • Mont-TSSE® Crypto Library: High-performance Crypto Library
  • Mont-TSSE® SSL Provider: OpenSSL Engine Interface
  • Mont-TSSE® SDF: SDF Engine Interface
SDK

Key Features

Mont-TSSE® offers outstanding security performance, high flexibility,  and ease of use. It is compatible with the industry's mainstream ecosystem, ensuring data security and secure operation across various computing platforms.

Compliance
Compliance

Comply with the commercialization certification requirements for data protection products.

Convenience
Easy of Use

Simple configuration enables quick deployment and management.

Compatibility
Compatibility

Compatible with the industry's mainstream ecosystem, allowing rapid integration with various operating systems and hardware platforms.

Reliability
Reliability

Prioritize the implementation and practicality of trusted security while ensuring compatibility with other mainstream security technologies in the business environments.


Applications

Mont-TSSE® provides robust support for data protection and trusted applications across various scenarios, utilizing methods such as encryption, authentication and virtualization to meet the diverse developer needs.

For instance, Mont-TSSE® enhances data security both at rest and in transit. For data storage, it employs database and file encryption to effectively protect sensitive information from unauthorized access and data breaches. Furthermore, Mont-TSSE® utilizes data desensitization techniques to mask or replace sensitive data during processing, providing an additional layer of protection. In terms of data transmission, Mont-TSSE® implements IPsec/SSL VPN security gateways, offering robust encryption and authentication services to ensure data confidentiality and integrity. Additionally, signature/verification servers are used to authenticate data sources and verify data integrity, thereby protecting against tampering during transmission.

Regarding trusted applications, Mont-TSSE® provides a high-performance, highly secure hardware root of trust that supports hardware virtualization while maintaining robust security measures. The trusted solution is compatible with TPM/TCM/TPCM and features a dynamic measurement offloading mechanism, enabling flexible power control as well as a wide range of adaptive interfaces. Mont-TSSE® delivers comprehensive end-to-end security capabilities with optimal security performance from cloud to edge to endpoint. Additionally, this solution supports trusted security extensions for VMs/Containers, providing cloud tenants with equivalent levels of security protection.


Ecosystem

Mont-TSSE® is compatible with mainstream industry ecosystems such as OpenSSL and DPDK, enabling high-performance data plane operations to meet the needs of applications sensitive to network throughput and latency. By providing hardware-level security protection, Mont-TSSE® is suitable for trusted computing environments. Its support for cloud virtualization extensions offers multi-layered security solutions to effectively protect data security across various application scenarios.

Currently, the Mont-TSSE® software has achieved significant industry recognition, including product compatibility certification with UnionTech Server OS V20 and  technical evaluation certificate from the OpenEuler open-source community. Futhermore, the Mont-TSSE® Driver has been incorporated into the kernel source code of open-source operating systems like OpenEuler, OpenAnolis, and OpenCloudOS. This integration allows users to download and use it directly without configuration.

Certified ComponentPartnerCertification Result
Mont-TSSE® DriverUnionTechPassed mutual compatibility testing
Mont-TSSE® DriverOpenEulerIntegrated into OpenEuler 5.10 kernel      
Integrated into OpenEuler 6.6 kernel
Mont-TSSE® DriverOpenAnolisIntegrated into OpenAnolis 5.10 kernel   
Integrated into OpenAnolis 6.6 kernel
Mont-TSSE® DriverOpenCloudOSIntegrated into OpenCloudOS 5.4 kernel   
Integrated into OpenCloudOS 6.6 kernel
Mont-TSSE® SDKOpenEulerPassed mutual compatibility testing