Security of information in computers is of paramount importance. Considering the software security as inadequate, hardware rooted security standards were developed as Trusted Platform Module (TPM) 1.0 in 2003 and subsequently as TPM 2.0 in 2012. While trustworthy, these standards and their corresponding implementation in hardware as TPM chips were found to be inappropriate for mobile computing devices due to their small form factor, low computing resources, limited battery power and cost. Given these challenges, software derivative of TPM was devised for mobile devices as TPM Mobile. However, TPM Mobile was rarely implemented in real devices primarily due to lack of trust in its software nature. Another standard named as MTM also emerged as derivative of TPM but was never adopted widely due to physical limitations of the mobile devices that have been further constrained after introduction of Internet of Things. Subsequently, a software-cum-hardware combo implementation appeared in ARM-based mobile CPUs by the name of TrustZone as a trade-off between hardware and software. Although widely adopted ARM TrustZone has also been considered as inadequate vis-a-vis TPM standards. After conducting a comparative analysis of various security standards, this paper proposes mTPM, a comprehensive security standard. As such mTPM not only addresses prevalent information security requirements of mobile devices but also considers their physical constraints. mTPM primarily suggests an implementation of a security processor integrated within existing CPU, as stand-alone chip was considered infeasible for mobile devices. The detailed architectural model of mTPM has also been included as guidelines for uniformly secure implementation and standardization. In view of its advantages, mTPM is expected to find greater adoption and refinements over time.

计算机中信息的安全至关重要。考虑到软件安全性不足，基于硬件的安全性标准在2003年被开发为Trusted Platform Module（TPM）1.0，随后在2012年被开发为TPM 2.0。尽管值得信赖，但这些标准及其在硬件中作为TPM芯片的相应实现被认为是不合适的。用于移动计算设备的原因在于它们的外形小巧，计算资源低，电池电量和成本有限。面对这些挑战，TPM的软件衍生产品为TPM Mobile设计用于移动设备。但是，TPM Mobile很少在真实设备中实现，这主要是由于对其软件性质缺乏信任。另一个名为MTM的标准也作为TPM的衍生出现，但由于移动设备的物理限制而没有被广泛采用，而移动设备的限制在引入物联网后受到了进一步的限制。随后，一个名为“ TrustZone”的基于软件和硬件的组合实现出现在基于ARM的移动CPU中，作为硬件和软件之间的折衷方案。尽管被广泛采用的ARM TrustZone也被视为相对于TPM标准而言不够完善。在对各种安全标准进行比较分析后，本文提出了一种全面的安全标准mTPM。因此，mTPM不仅解决了移动设备的普遍信息安全要求，而且考虑了它们的物理约束。mTPM主要建议实现集成在现有CPU中的安全处理器，因为独立芯片被认为不适用于移动设备。mTPM的详细体系结构模型也已作为统一安全实施和标准化的指南而包括在内。鉴于其优势，随着时间的推移，mTPM有望获得更大的采用和改进。