Omnishield provides security through separation of memory spaces used by each system function. Each of these separate memory spaces is known as a “Domain”. Each system function can only use its own domain and normally can’t access the domains used by other functions.
A competitive advantage of Omnishield versus the ARM Trustzone technology is that multiple domains can be created as required by each system. By having multiple domains, single functions can be isolated from the rest of the system. This allows for the advantageous situation where mutually-distrusting applications not having to trust each other. In Trustzone, mutually distrusting applications do have to trust each other as they would all reside in a single Trusted World. The architecture allows up to 255 domains, particular implementations might only allow lower number of domains.
Access to memory spaces which are shared among multiple domains is programmatically controlled by privileged software within the system.