CO2019007656A2 - Data sealing with a sealing enclave - Google Patents

Data sealing with a sealing enclave

Info

Publication number
CO2019007656A2
Authority
CO
Colombia
Prior art keywords
enclave
sealing
data
computer
safely
Prior art date
Application number
CONC2019/0007656A
Other languages
English (en)
Inventor
Manuel Costa
Original Assignee
Microsoft Technology Licensing Llc
Priority date
Filing date
Publication date
Application filed by Microsoft Technology Licensing Llc
Publication of CO2019007656A2

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/06 Network architectures or network communication protocols for network security for supporting key management in a packet data network
    • H04L63/061 Network architectures or network communication protocols for network security for supporting key management in a packet data network for key exchange, e.g. in peer-to-peer networks
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F12/00 Accessing, addressing or allocating within memory systems or architectures
    • G06F12/14 Protection against unauthorised use of memory or access to memory
    • G06F12/1408 Protection against unauthorised use of memory or access to memory by using cryptography
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/52 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity; Preventing unwanted data erasure; Buffer overflow
    • G06F21/53 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity; Preventing unwanted data erasure; Buffer overflow by executing in a restricted environment, e.g. sandbox or secure virtual machine
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/602 Providing cryptographic facilities or services
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/62 Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6209 Protecting access to data via a platform, e.g. using keys or access control rules to a single file or object, e.g. in a secure envelope, encrypted and accessed using a key, or with access control rules appended to the object itself
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F2212/00 Indexing scheme relating to accessing, addressing or allocation within memory systems or architectures
    • G06F2212/10 Providing a specific technical effect
    • G06F2212/1052 Security improvement

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Software Systems (AREA)
  • General Health & Medical Sciences (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • Computing Systems (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Storage Device Security (AREA)
  • Mobile Radio Communication Systems (AREA)
  • Medicines Containing Antibodies Or Antigens For Use As Internal Diagnostic Agents (AREA)
  • Buffer Packaging (AREA)
  • Bag Frames (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
  • Packaging For Recording Disks (AREA)
  • Computer And Data Communications (AREA)

Abstract

Techniques are presented for securely sealing and unsealing enclave data across platforms. Enclave data from a source enclave hosted on a first computer can be securely sealed to a sealing enclave on a second computer, and can further be securely unsealed for a destination enclave on a third computer. Securely transferring an enclave workload from one computer to another is disclosed.
CONC2019/0007656A 2017-01-24 2019-07-16 Data sealing with a sealing enclave CO2019007656A2 (es)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US15/414,492 US10931652B2 (en) 2017-01-24 2017-01-24 Data sealing with a sealing enclave
PCT/US2017/067455 WO2018140164A1 (en) 2017-01-24 2017-12-20 Data sealing with a sealing enclave

Publications (1)

Publication Number Publication Date
CO2019007656A2 (es) 2019-07-31

Family

ID=60972452

Family Applications (1)

Application Number Title Priority Date Filing Date
CONC2019/0007656A CO2019007656A2 (es) 2017-01-24 2019-07-16 Data sealing with a sealing enclave

Country Status (19)

Country Link
US (1) US10931652B2 (es)
EP (2) EP3574439B1 (es)
JP (1) JP7089529B2 (es)
KR (1) KR102510273B1 (es)
CN (1) CN110199286B (es)
AU (1) AU2017395734B2 (es)
BR (1) BR112019013586A2 (es)
CA (1) CA3048407A1 (es)
CL (1) CL2019002009A1 (es)
CO (1) CO2019007656A2 (es)
IL (1) IL267948B (es)
MX (1) MX2019008692A (es)
MY (1) MY202282A (es)
NZ (1) NZ754523A (es)
PH (1) PH12019550115A1 (es)
RU (1) RU2759329C2 (es)
SG (1) SG11201905461VA (es)
WO (1) WO2018140164A1 (es)
ZA (1) ZA201903704B (es)

Families Citing this family (19)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US11443033B2 (en) 2017-01-24 2022-09-13 Microsoft Technology Licensing, Llc Abstract enclave identity
US10911451B2 (en) 2017-01-24 2021-02-02 Microsoft Technology Licensing, Llc Cross-platform enclave data sealing
WO2019199303A1 (en) * 2018-04-11 2019-10-17 Google Llc Mutually distrusting enclaves
US10691621B2 (en) * 2018-04-12 2020-06-23 Sony Interactive Entertainment Inc. Data cache segregation for spectre mitigation
US11934540B2 (en) 2018-05-28 2024-03-19 Royal Bank Of Canada System and method for multiparty secure computing platform
US20210406386A1 (en) * 2018-05-28 2021-12-30 Royal Bank Of Canada System and method for multiparty secure computing platform
US11443072B2 (en) 2018-06-29 2022-09-13 Microsoft Technology Licensing, Llc Peripheral device with resource isolation
US11126757B2 (en) 2018-10-19 2021-09-21 Microsoft Technology Licensing, Llc Peripheral device
US11741196B2 (en) 2018-11-15 2023-08-29 The Research Foundation For The State University Of New York Detecting and preventing exploits of software vulnerability using instruction tags
US11416633B2 (en) 2019-02-15 2022-08-16 International Business Machines Corporation Secure, multi-level access to obfuscated data for analytics
US11316687B2 (en) * 2019-03-04 2022-04-26 Cypress Semiconductor Corporation Encrypted gang programming
US20220158856A1 (en) * 2019-04-01 2022-05-19 Telefonaktiebolaget Lm Ericsson (Publ) Attestation of trusted execution environments
US11356367B2 (en) * 2019-11-22 2022-06-07 Red Hat, Inc. Secure preloading of serverless function sequences
CN113139175A (zh) * 2020-01-19 2021-07-20 阿里巴巴集团控股有限公司 Processing unit, electronic device, and security control method
US11627116B2 (en) * 2020-03-02 2023-04-11 Fortanix, Inc. Secure computation of multiparty data
EP4226573A1 (en) 2020-10-05 2023-08-16 Redcom Laboratories, Inc. Zkmfa: zero-knowledge based multi-factor authentication system
WO2022184618A1 (en) * 2021-03-02 2022-09-09 F. Hoffmann-La Roche Ag Secure collaborative laboratory data analytics system
US20230131060A1 (en) * 2021-10-22 2023-04-27 Microsoft Technology Licensing, Llc Secure authentication using attestation tokens and inviolable quotes to validate request origins
US20220222358A1 (en) * 2022-03-31 2022-07-14 Intel Corporation Scalable cloning and replication for trusted execution environments

Family Cites Families (33)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8839450B2 (en) 2007-08-02 2014-09-16 Intel Corporation Secure vault service for software components within an execution environment
US7712143B2 (en) * 2006-09-27 2010-05-04 Blue Ridge Networks, Inc. Trusted enclave for a computer system
US8208637B2 (en) 2007-12-17 2012-06-26 Microsoft Corporation Migration of computer secrets
US8549625B2 (en) * 2008-12-12 2013-10-01 International Business Machines Corporation Classification of unwanted or malicious software through the identification of encrypted data communication
KR20110035573A (ko) * 2009-09-30 2011-04-06 주식회사 케이티 Method for providing secure virtual machine installation in a cloud computing environment
US8972746B2 (en) * 2010-12-17 2015-03-03 Intel Corporation Technique for supporting multiple secure enclaves
US9009475B2 (en) 2011-04-05 2015-04-14 Apple Inc. Apparatus and methods for storing electronic access clients
US8799997B2 (en) 2011-04-18 2014-08-05 Bank Of America Corporation Secure network cloud architecture
US8176283B1 (en) * 2011-09-26 2012-05-08 Google Inc. Permissions of objects in hosted storage
WO2013172958A1 (en) * 2012-05-16 2013-11-21 Spydrsafe Mobile Security, Inc. Systems and methods for providing and managing distributed enclaves
US8438631B1 (en) * 2013-01-24 2013-05-07 Sideband Networks, Inc. Security enclave device to extend a virtual secure processing environment to a client device
WO2014196966A1 (en) * 2013-06-04 2014-12-11 Intel Corporation Technologies for hardening the security of digital information on client platforms
US9276750B2 (en) * 2013-07-23 2016-03-01 Intel Corporation Secure processing environment measurement and attestation
US10469472B2 (en) * 2013-08-12 2019-11-05 Cis Maxwell, Llc Operating system integrated domain management
US9430642B2 (en) 2013-09-17 2016-08-30 Microsoft Technology Licensing, Llc Providing virtual secure mode with different virtual trust levels each having separate memory access protections, interrupt subsystems and private processor states
US9536063B2 (en) * 2013-10-24 2017-01-03 Intel Corporation Methods and apparatus for protecting software from unauthorized copying
EP3084667A4 (en) * 2013-12-19 2017-07-26 Intel Corporation Policy-based trusted inspection of rights managed content
US9355262B2 (en) * 2013-12-27 2016-05-31 Intel Corporation Modifying memory permissions in a secure processing environment
US9462001B2 (en) * 2014-01-15 2016-10-04 Cisco Technology, Inc. Computer network access control
US9792427B2 (en) * 2014-02-07 2017-10-17 Microsoft Technology Licensing, Llc Trusted execution within a distributed computing system
US9584517B1 (en) * 2014-09-03 2017-02-28 Amazon Technologies, Inc. Transforms within secure execution environments
US9461994B2 (en) * 2014-11-26 2016-10-04 Intel Corporation Trusted computing base evidence binding for a migratable virtual machine
US9940456B2 (en) 2014-12-16 2018-04-10 Intel Corporation Using trusted execution environments for security of code and data
US9904803B2 (en) 2015-03-25 2018-02-27 Intel Corporation Technologies for hardening data encryption with secure enclaves
US20160335453A1 (en) * 2015-05-15 2016-11-17 Gina Kounga Managing Data
US9954950B2 (en) * 2015-12-23 2018-04-24 Intel Corporation Attestable information flow control in computer systems
US10565370B2 (en) * 2015-12-24 2020-02-18 Intel Corporation System and method for enabling secure memory transactions using enclaves
CN105991647B (zh) * 2016-01-21 2019-06-28 李明 A data transmission method
US10469265B2 (en) * 2016-03-31 2019-11-05 Intel Corporation Technologies for secure inter-enclave communications
US10437985B2 (en) * 2016-10-01 2019-10-08 Intel Corporation Using a second device to enroll a secure application enclave
US10338957B2 (en) 2016-12-27 2019-07-02 Intel Corporation Provisioning keys for virtual machine secure enclaves
US10530777B2 (en) 2017-01-24 2020-01-07 Microsoft Technology Licensing, Llc Data unsealing with a sealing enclave
US10372945B2 (en) 2017-01-24 2019-08-06 Microsoft Technology Licensing, Llc Cross-platform enclave identity

Also Published As

Publication number Publication date
IL267948B (en) 2022-01-01
JP7089529B2 (ja) 2022-06-22
KR102510273B1 (ko) 2023-03-14
AU2017395734A1 (en) 2019-07-04
WO2018140164A1 (en) 2018-08-02
CN110199286A (zh) 2019-09-03
KR20190108575A (ko) 2019-09-24
CL2019002009A1 (es) 2019-12-13
RU2759329C2 (ru) 2021-11-11
SG11201905461VA (en) 2019-08-27
MX2019008692A (es) 2019-09-11
EP3574439A1 (en) 2019-12-04
JP2020505700A (ja) 2020-02-20
NZ754523A (en) 2023-03-31
MY202282A (en) 2024-04-22
CN110199286B (zh) 2023-04-14
EP3798889A1 (en) 2021-03-31
US10931652B2 (en) 2021-02-23
IL267948A (en) 2019-09-26
ZA201903704B (en) 2020-10-28
BR112019013586A2 (pt) 2020-01-07
CA3048407A1 (en) 2018-08-02
PH12019550115A1 (en) 2019-12-02
EP3798889B1 (en) 2022-09-28
US20180212939A1 (en) 2018-07-26
RU2019126623A3 (es) 2021-04-16
RU2019126623A (ru) 2021-02-26
AU2017395734B2 (en) 2021-11-18
EP3574439B1 (en) 2021-01-20

Similar Documents

Publication Publication Date Title
CO2019007874A2 (es) Data unsealing with a sealing enclave
CO2019007656A2 (es) Data sealing with a sealing enclave
CL2017000127A1 (es) Synthetic transactions between communication endpoints
BR112014007798A2 (pt) Implementation of secure communications in a support system
CL2018000392A1 (es) System and method for managing the power output of a photovoltaic cell
CO2020005810A2 (es) Random access with bandwidth part switching
GB201312055D0 (en) Extent migration for paired storage
BR112018004896A2 (pt) Proxy device for representing multiple credentials
BR112017019376A2 (pt) Methods for initiating aggregation of wireless local area network traffic and cellular network traffic for the user equipment and for initiating aggregation of WLAN traffic and cellular network traffic for a user equipment, nodes of a radio access network, of a wireless local area network and of traffic of a wireless local area network, user equipment, computer program product, and computer-readable storage medium.
CO2019007651A2 (es) Abstract enclave identity
BR112015017320A2 (pt) Underwater node for seismic surveys and method
BR112016006713A2 (pt) Capability compatibility method, apparatus and system
AR107407A1 (es) Egg lifting device, and associated transfer systems and methods
CL2016003286A1 (es) Passivation of light-receiving surfaces of solar cells with crystalline silicon.
CL2015002961A1 (es) Cardboard-based unit
CL2018002431A1 (es) Sandwich panel with openings
CL2015002139A1 (es) Elastic coupling
CL2017003349A1 (es) System and method for establishing communications over a plurality of communication platforms
EP3820190A4 (en) ENERGY SAVING PROCESS, DEVICE AND COMPUTER READABLE INFORMATION SUPPORT
BR112017021982A2 (pt) Method, electronic telecommunications device, non-transitory computer-readable storage medium.
AR096315A1 (es) Security laminate
AR102289A1 (es) Devices and methods for digital signal processing in mud pulse telemetry
AR097105A1 (es) Absorbent article with low-stiffness fastening system
BR112019006525A2 (pt) Distributed gateways with centralized data center for a local beam network for high-throughput satellite (HTS)
PE20151479A1 (es) Papaya handling methods