Description
Mont-TSSE® is a proprietary Trusted Security System Extension architecture and technology developed by Montage Technology. It is fully compatible with both commercial cryptographic algorithms and mainstream international encryption algorithms, thereby enhancing the security and integrity of data storage and transmission. This technology is particularly well-suited for applications in trust computing, encryption and decryption, secure boot and protection, virtualization, and cloud computing. Currently, Montage Technology has applied Mont-TSSE® to its Security & Trust Computing Accelerator chip, M88STAR5(N), which enables customers to achieve two key functions: trust computing measurement and encryption/decryption acceleration.
Mont-TSSE® SSE consists of 6 development components:
- Mont-TSSE® Firmware SDK: Security Firmware SDK (Zephyr-based)
- Mont-TSSE® Driver: Linux Hardware Driver
- Mont-TSSE® DPDK Package: DPDK Driver Interface
- Mont-TSSE® Crypto Library: High-performance Crypto Library
- Mont-TSSE® SSL Provider: OpenSSL Engine Interface
- Mont-TSSE® SDF: SDF Engine Interface
Key Features
Mont-TSSE® offers outstanding security performance, high flexibility, and ease of use. It is compatible with the industry's mainstream ecosystem, ensuring data security and secure operation across various computing platforms.
Compliance
Comply with the commercialization certification requirements for data protection products.
Easy of Use
Simple configuration enables quick deployment and management.
Compatibility
Compatible with the industry's mainstream ecosystem, allowing rapid integration with various operating systems and hardware platforms.
Reliability
Prioritize the implementation and practicality of trusted security while ensuring compatibility with other mainstream security technologies in the business environments.
Applications
Mont-TSSE® provides robust support for data protection and trusted applications across various scenarios, utilizing methods such as encryption, authentication and virtualization to meet the diverse developer needs.
For instance, Mont-TSSE® enhances data security both at rest and in transit. For data storage, it employs database and file encryption to effectively protect sensitive information from unauthorized access and data breaches. Furthermore, Mont-TSSE® utilizes data desensitization techniques to mask or replace sensitive data during processing, providing an additional layer of protection. In terms of data transmission, Mont-TSSE® implements IPsec/SSL VPN security gateways, offering robust encryption and authentication services to ensure data confidentiality and integrity. Additionally, signature/verification servers are used to authenticate data sources and verify data integrity, thereby protecting against tampering during transmission.
Regarding trusted applications, Mont-TSSE® provides a high-performance, highly secure hardware root of trust that supports hardware virtualization while maintaining robust security measures. The trusted solution is compatible with TPM/TCM/TPCM and features a dynamic measurement offloading mechanism, enabling flexible power control as well as a wide range of adaptive interfaces. Mont-TSSE® delivers comprehensive end-to-end security capabilities with optimal security performance from cloud to edge to endpoint. Additionally, this solution supports trusted security extensions for VMs/Containers, providing cloud tenants with equivalent levels of security protection.
Ecosystem
Mont-TSSE® is compatible with mainstream industry ecosystems such as OpenSSL and DPDK, enabling high-performance data plane operations to meet the needs of applications sensitive to network throughput and latency. By providing hardware-level security protection, Mont-TSSE® is suitable for trusted computing environments. Its support for cloud virtualization extensions offers multi-layered security solutions to effectively protect data security across various application scenarios.
Currently, the Mont-TSSE® software has achieved significant industry recognition, including product compatibility certification with UnionTech Server OS V20 and technical evaluation certificate from the OpenEuler open-source community. Futhermore, the Mont-TSSE® Driver has been incorporated into the kernel source code of open-source operating systems like OpenEuler, OpenAnolis, and OpenCloudOS. This integration allows users to download and use it directly without configuration.
Certified Component | Partner | Certification Result |
---|---|---|
Mont-TSSE® Driver | UnionTech | Passed mutual compatibility testing |
Mont-TSSE® Driver | OpenEuler | Integrated into OpenEuler 5.10 kernel Integrated into OpenEuler 6.6 kernel |
Mont-TSSE® Driver | OpenAnolis | Integrated into OpenAnolis 5.10 kernel Integrated into OpenAnolis 6.6 kernel |
Mont-TSSE® Driver | OpenCloudOS | Integrated into OpenCloudOS 5.4 kernel Integrated into OpenCloudOS 6.6 kernel |
Mont-TSSE® SDK | OpenEuler | Passed mutual compatibility testing |