CO2019007656A2 - Data sealing with a sealing enclave - Google Patents
Data sealing with a sealing enclave
- Publication number
- CO2019007656A2
- Authority
- CO
- Colombia
- Prior art keywords
- enclave
- sealing
- data
- computer
- safely
- Prior art date
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/06—Network architectures or network communication protocols for network security for supporting key management in a packet data network
- H04L63/061—Network architectures or network communication protocols for network security for supporting key management in a packet data network for key exchange, e.g. in peer-to-peer networks
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F12/00—Accessing, addressing or allocating within memory systems or architectures
- G06F12/14—Protection against unauthorised use of memory or access to memory
- G06F12/1408—Protection against unauthorised use of memory or access to memory by using cryptography
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/52—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow
- G06F21/53—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow by executing in a restricted environment, e.g. sandbox or secure virtual machine
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/602—Providing cryptographic facilities or services
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6209—Protecting access to data via a platform, e.g. using keys or access control rules to a single file or object, e.g. in a secure envelope, encrypted and accessed using a key, or with access control rules appended to the object itself
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2212/00—Indexing scheme relating to accessing, addressing or allocation within memory systems or architectures
- G06F2212/10—Providing a specific technical effect
- G06F2212/1052—Security improvement
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- General Engineering & Computer Science (AREA)
- Computer Hardware Design (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Software Systems (AREA)
- General Health & Medical Sciences (AREA)
- Health & Medical Sciences (AREA)
- Bioethics (AREA)
- Computing Systems (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Storage Device Security (AREA)
- Mobile Radio Communication Systems (AREA)
- Medicines Containing Antibodies Or Antigens For Use As Internal Diagnostic Agents (AREA)
- Buffer Packaging (AREA)
- Bag Frames (AREA)
- Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
- Packaging For Recording Disks (AREA)
- Computer And Data Communications (AREA)
Abstract
Techniques are presented for securely sealing and unsealing enclave data across platforms. Enclave data from a source enclave hosted on a first computer may be securely sealed to a sealing enclave on a second computer, and may further be securely unsealed for a destination enclave on a third computer. Securely transferring an enclave workload from one computer to another is disclosed.
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US15/414,492 US10931652B2 (en) | 2017-01-24 | 2017-01-24 | Data sealing with a sealing enclave |
PCT/US2017/067455 WO2018140164A1 (en) | 2017-01-24 | 2017-12-20 | Data sealing with a sealing enclave |
Publications (1)
Publication Number | Publication Date |
---|---|
CO2019007656A2 (es) | 2019-07-31 |
Family
ID=60972452
Family Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CONC2019/0007656A CO2019007656A2 (es) | 2017-01-24 | 2019-07-16 | Data sealing with a sealing enclave |
Country Status (19)
Country | Link |
---|---|
US (1) | US10931652B2 (es) |
EP (2) | EP3574439B1 (es) |
JP (1) | JP7089529B2 (es) |
KR (1) | KR102510273B1 (es) |
CN (1) | CN110199286B (es) |
AU (1) | AU2017395734B2 (es) |
BR (1) | BR112019013586A2 (es) |
CA (1) | CA3048407A1 (es) |
CL (1) | CL2019002009A1 (es) |
CO (1) | CO2019007656A2 (es) |
IL (1) | IL267948B (es) |
MX (1) | MX2019008692A (es) |
MY (1) | MY202282A (es) |
NZ (1) | NZ754523A (es) |
PH (1) | PH12019550115A1 (es) |
RU (1) | RU2759329C2 (es) |
SG (1) | SG11201905461VA (es) |
WO (1) | WO2018140164A1 (es) |
ZA (1) | ZA201903704B (es) |
Families Citing this family (19)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US11443033B2 (en) | 2017-01-24 | 2022-09-13 | Microsoft Technology Licensing, Llc | Abstract enclave identity |
US10911451B2 (en) | 2017-01-24 | 2021-02-02 | Microsoft Technology Licensing, Llc | Cross-platform enclave data sealing |
WO2019199303A1 (en) * | 2018-04-11 | 2019-10-17 | Google Llc | Mutually distrusting enclaves |
US10691621B2 (en) * | 2018-04-12 | 2020-06-23 | Sony Interactive Entertainment Inc. | Data cache segregation for spectre mitigation |
US11934540B2 (en) | 2018-05-28 | 2024-03-19 | Royal Bank Of Canada | System and method for multiparty secure computing platform |
US20210406386A1 (en) * | 2018-05-28 | 2021-12-30 | Royal Bank Of Canada | System and method for multiparty secure computing platform |
US11443072B2 (en) | 2018-06-29 | 2022-09-13 | Microsoft Technology Licensing, Llc | Peripheral device with resource isolation |
US11126757B2 (en) | 2018-10-19 | 2021-09-21 | Microsoft Technology Licensing, Llc | Peripheral device |
US11741196B2 (en) | 2018-11-15 | 2023-08-29 | The Research Foundation For The State University Of New York | Detecting and preventing exploits of software vulnerability using instruction tags |
US11416633B2 (en) | 2019-02-15 | 2022-08-16 | International Business Machines Corporation | Secure, multi-level access to obfuscated data for analytics |
US11316687B2 (en) * | 2019-03-04 | 2022-04-26 | Cypress Semiconductor Corporation | Encrypted gang programming |
US20220158856A1 (en) * | 2019-04-01 | 2022-05-19 | Telefonaktiebolaget Lm Ericsson (Publ) | Attestation of trusted execution environments |
US11356367B2 (en) * | 2019-11-22 | 2022-06-07 | Red Hat, Inc. | Secure preloading of serverless function sequences |
CN113139175A (zh) * | 2020-01-19 | 2021-07-20 | 阿里巴巴集团控股有限公司 | Processing unit, electronic device, and security control method |
US11627116B2 (en) * | 2020-03-02 | 2023-04-11 | Fortanix, Inc. | Secure computation of multiparty data |
EP4226573A1 (en) | 2020-10-05 | 2023-08-16 | Redcom Laboratories, Inc. | Zkmfa: zero-knowledge based multi-factor authentication system |
WO2022184618A1 (en) * | 2021-03-02 | 2022-09-09 | F. Hoffmann-La Roche Ag | Secure collaborative laboratory data analytics system |
US20230131060A1 (en) * | 2021-10-22 | 2023-04-27 | Microsoft Technology Licensing, Llc | Secure authentication using attestation tokens and inviolable quotes to validate request origins |
US20220222358A1 (en) * | 2022-03-31 | 2022-07-14 | Intel Corporation | Scalable cloning and replication for trusted execution environments |
Family Cites Families (33)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US8839450B2 (en) | 2007-08-02 | 2014-09-16 | Intel Corporation | Secure vault service for software components within an execution environment |
US7712143B2 (en) * | 2006-09-27 | 2010-05-04 | Blue Ridge Networks, Inc. | Trusted enclave for a computer system |
US8208637B2 (en) | 2007-12-17 | 2012-06-26 | Microsoft Corporation | Migration of computer secrets |
US8549625B2 (en) * | 2008-12-12 | 2013-10-01 | International Business Machines Corporation | Classification of unwanted or malicious software through the identification of encrypted data communication |
KR20110035573A (ko) * | 2009-09-30 | 2011-04-06 | 주식회사 케이티 | Method for providing secure virtual machine installation in a cloud computing environment |
US8972746B2 (en) * | 2010-12-17 | 2015-03-03 | Intel Corporation | Technique for supporting multiple secure enclaves |
US9009475B2 (en) | 2011-04-05 | 2015-04-14 | Apple Inc. | Apparatus and methods for storing electronic access clients |
US8799997B2 (en) | 2011-04-18 | 2014-08-05 | Bank Of America Corporation | Secure network cloud architecture |
US8176283B1 (en) * | 2011-09-26 | 2012-05-08 | Google Inc. | Permissions of objects in hosted storage |
WO2013172958A1 (en) * | 2012-05-16 | 2013-11-21 | Spydrsafe Mobile Security, Inc. | Systems and methods for providing and managing distributed enclaves |
US8438631B1 (en) * | 2013-01-24 | 2013-05-07 | Sideband Networks, Inc. | Security enclave device to extend a virtual secure processing environment to a client device |
WO2014196966A1 (en) * | 2013-06-04 | 2014-12-11 | Intel Corporation | Technologies for hardening the security of digital information on client platforms |
US9276750B2 (en) * | 2013-07-23 | 2016-03-01 | Intel Corporation | Secure processing environment measurement and attestation |
US10469472B2 (en) * | 2013-08-12 | 2019-11-05 | Cis Maxwell, Llc | Operating system integrated domain management |
US9430642B2 (en) | 2013-09-17 | 2016-08-30 | Microsoft Technology Licensing, Llc | Providing virtual secure mode with different virtual trust levels each having separate memory access protections, interrupt subsystems and private processor states |
US9536063B2 (en) * | 2013-10-24 | 2017-01-03 | Intel Corporation | Methods and apparatus for protecting software from unauthorized copying |
EP3084667A4 (en) * | 2013-12-19 | 2017-07-26 | Intel Corporation | Policy-based trusted inspection of rights managed content |
US9355262B2 (en) * | 2013-12-27 | 2016-05-31 | Intel Corporation | Modifying memory permissions in a secure processing environment |
US9462001B2 (en) * | 2014-01-15 | 2016-10-04 | Cisco Technology, Inc. | Computer network access control |
US9792427B2 (en) * | 2014-02-07 | 2017-10-17 | Microsoft Technology Licensing, Llc | Trusted execution within a distributed computing system |
US9584517B1 (en) * | 2014-09-03 | 2017-02-28 | Amazon Technologies, Inc. | Transforms within secure execution environments |
US9461994B2 (en) * | 2014-11-26 | 2016-10-04 | Intel Corporation | Trusted computing base evidence binding for a migratable virtual machine |
US9940456B2 (en) | 2014-12-16 | 2018-04-10 | Intel Corporation | Using trusted execution environments for security of code and data |
US9904803B2 (en) | 2015-03-25 | 2018-02-27 | Intel Corporation | Technologies for hardening data encryption with secure enclaves |
US20160335453A1 (en) * | 2015-05-15 | 2016-11-17 | Gina Kounga | Managing Data |
US9954950B2 (en) * | 2015-12-23 | 2018-04-24 | Intel Corporation | Attestable information flow control in computer systems |
US10565370B2 (en) * | 2015-12-24 | 2020-02-18 | Intel Corporation | System and method for enabling secure memory transactions using enclaves |
CN105991647B (zh) * | 2016-01-21 | 2019-06-28 | 李明 | A data transmission method |
US10469265B2 (en) * | 2016-03-31 | 2019-11-05 | Intel Corporation | Technologies for secure inter-enclave communications |
US10437985B2 (en) * | 2016-10-01 | 2019-10-08 | Intel Corporation | Using a second device to enroll a secure application enclave |
US10338957B2 (en) | 2016-12-27 | 2019-07-02 | Intel Corporation | Provisioning keys for virtual machine secure enclaves |
US10530777B2 (en) | 2017-01-24 | 2020-01-07 | Microsoft Technology Licensing, Llc | Data unsealing with a sealing enclave |
US10372945B2 (en) | 2017-01-24 | 2019-08-06 | Microsoft Technology Licensing, Llc | Cross-platform enclave identity |
-
2017
- 2017-01-24 US US15/414,492 patent/US10931652B2/en active Active
- 2017-12-20 MX MX2019008692A patent/MX2019008692A/es unknown
- 2017-12-20 AU AU2017395734A patent/AU2017395734B2/en active Active
- 2017-12-20 KR KR1020197021624A patent/KR102510273B1/ko active IP Right Grant
- 2017-12-20 SG SG11201905461VA patent/SG11201905461VA/en unknown
- 2017-12-20 CN CN201780084410.0A patent/CN110199286B/zh active Active
- 2017-12-20 CA CA3048407A patent/CA3048407A1/en active Granted
- 2017-12-20 BR BR112019013586-3A patent/BR112019013586A2/pt unknown
- 2017-12-20 EP EP17829497.1A patent/EP3574439B1/en active Active
- 2017-12-20 JP JP2019539980A patent/JP7089529B2/ja active Active
- 2017-12-20 WO PCT/US2017/067455 patent/WO2018140164A1/en unknown
- 2017-12-20 EP EP20208027.1A patent/EP3798889B1/en active Active
- 2017-12-20 RU RU2019126623A patent/RU2759329C2/ru active
- 2017-12-20 MY MYPI2019003995A patent/MY202282A/en unknown
- 2017-12-20 NZ NZ754523A patent/NZ754523A/en unknown
-
2019
- 2019-06-10 ZA ZA2019/03704A patent/ZA201903704B/en unknown
- 2019-06-28 PH PH12019550115A patent/PH12019550115A1/en unknown
- 2019-07-09 IL IL267948A patent/IL267948B/en unknown
- 2019-07-16 CO CONC2019/0007656A patent/CO2019007656A2/es unknown
- 2019-07-18 CL CL2019002009A patent/CL2019002009A1/es unknown
Also Published As
Publication number | Publication date |
---|---|
IL267948B (en) | 2022-01-01 |
JP7089529B2 (ja) | 2022-06-22 |
KR102510273B1 (ko) | 2023-03-14 |
AU2017395734A1 (en) | 2019-07-04 |
WO2018140164A1 (en) | 2018-08-02 |
CN110199286A (zh) | 2019-09-03 |
KR20190108575A (ko) | 2019-09-24 |
CL2019002009A1 (es) | 2019-12-13 |
RU2759329C2 (ru) | 2021-11-11 |
SG11201905461VA (en) | 2019-08-27 |
MX2019008692A (es) | 2019-09-11 |
EP3574439A1 (en) | 2019-12-04 |
JP2020505700A (ja) | 2020-02-20 |
NZ754523A (en) | 2023-03-31 |
MY202282A (en) | 2024-04-22 |
CN110199286B (zh) | 2023-04-14 |
EP3798889A1 (en) | 2021-03-31 |
US10931652B2 (en) | 2021-02-23 |
IL267948A (en) | 2019-09-26 |
ZA201903704B (en) | 2020-10-28 |
BR112019013586A2 (pt) | 2020-01-07 |
CA3048407A1 (en) | 2018-08-02 |
PH12019550115A1 (en) | 2019-12-02 |
EP3798889B1 (en) | 2022-09-28 |
US20180212939A1 (en) | 2018-07-26 |
RU2019126623A3 (es) | 2021-04-16 |
RU2019126623A (ru) | 2021-02-26 |
AU2017395734B2 (en) | 2021-11-18 |
EP3574439B1 (en) | 2021-01-20 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CO2019007874A2 (es) | Data unsealing with a sealing enclave | |
CO2019007656A2 (es) | Data sealing with a sealing enclave | |
CL2017000127A1 (es) | Synthetic transactions between communication endpoints | |
BR112014007798A2 (pt) | Implementation of secure communications in a support system | |
CL2018000392A1 (es) | System and method for managing the power output of a photovoltaic cell | |
CO2020005810A2 (es) | Random access with bandwidth part switching | |
GB201312055D0 (en) | Extent migration for paired storage | |
BR112018004896A2 (pt) | Proxy device for representing multiple credentials | |
BR112017019376A2 (pt) | Methods for initiating aggregation of wireless local area network traffic and cellular network traffic for user equipment and for initiating aggregation of WLAN traffic and cellular network traffic for a user equipment, nodes of a radio access network, of a wireless local area network and of wireless local area network traffic, user equipment, computer program product, and computer-readable storage medium. | |
CO2019007651A2 (es) | Abstract enclave identity | |
BR112015017320A2 (pt) | Underwater node for seismic surveys and method | |
BR112016006713A2 (pt) | Capability matching method, apparatus and system | |
AR107407A1 (es) | Egg lifting device, and associated transfer systems and methods | |
CL2016003286A1 (es) | Passivation of the light-receiving surfaces of solar cells with crystalline silicon. | |
CL2015002961A1 (es) | Cardboard-based unit | |
CL2018002431A1 (es) | Sandwich panel with openings | |
CL2015002139A1 (es) | Elastic coupling | |
CL2017003349A1 (es) | System and method for establishing communications over a plurality of communication platforms | |
EP3820190A4 (en) | ENERGY SAVING PROCESS, DEVICE AND COMPUTER READABLE INFORMATION SUPPORT | |
BR112017021982A2 (pt) | Method, electronic telecommunications device, non-transitory computer-readable storage medium. | |
AR096315A1 (es) | Security laminate | |
AR102289A1 (es) | Devices and methods for digital signal processing in mud pulse telemetry | |
AR097105A1 (es) | Absorbent article with a low-stiffness fastening system | |
BR112019006525A2 (pt) | Distributed gateways with centralized data center for a high-throughput satellite (HTS) spot beam network | |
PE20151479A1 (es) | Methods of handling papaya |