JP2022539969A - プロセスコンテナのコンテキストからセキュアメモリエンクレーブを使用すること - Google Patents

プロセスコンテナのコンテキストからセキュアメモリエンクレーブを使用すること Download PDF

Info

Publication number
JP2022539969A
JP2022539969A JP2021572526A JP2021572526A JP2022539969A JP 2022539969 A JP2022539969 A JP 2022539969A JP 2021572526 A JP2021572526 A JP 2021572526A JP 2021572526 A JP2021572526 A JP 2021572526A JP 2022539969 A JP2022539969 A JP 2022539969A
Authority
JP
Japan
Prior art keywords
container
security
authentication
memory
containers
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Ceased
Application number
JP2021572526A
Other languages
English (en)
Japanese (ja)
Other versions
JP2022539969A5 (https=
Inventor
クリストファー レンケ,マックスウェル
ジェームス スターク,テイラー
エム. シュルツ,ベンジャミン
ヴィスワナータン,ギリダール
ジャスタス スミス,フレデリック
チャンディ トーマス,ディープ
アール. プラパカ,ハリ
ティアンキ グオ,アンバー
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Microsoft Technology Licensing LLC
Original Assignee
Microsoft Technology Licensing LLC
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Microsoft Technology Licensing LLC filed Critical Microsoft Technology Licensing LLC
Publication of JP2022539969A publication Critical patent/JP2022539969A/ja
Publication of JP2022539969A5 publication Critical patent/JP2022539969A5/ja
Ceased legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/52Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow
    • G06F21/53Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow by executing in a restricted environment, e.g. sandbox or secure virtual machine
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/10Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
    • G06F21/12Protecting executable software
    • G06F21/121Restricting unauthorised execution of programs
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44Arrangements for executing specific programs
    • G06F9/455Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
    • G06F9/45533Hypervisors; Virtual machine monitors
    • G06F9/45558Hypervisor-specific management and integration aspects
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F12/00Accessing, addressing or allocating within memory systems or architectures
    • G06F12/14Protection against unauthorised use of memory or access to memory
    • G06F12/1416Protection against unauthorised use of memory or access to memory by checking the object accessibility, e.g. type of access defined by the memory independently of subject rights
    • G06F12/1425Protection against unauthorised use of memory or access to memory by checking the object accessibility, e.g. type of access defined by the memory independently of subject rights the protection being physical, e.g. cell, word, block
    • G06F12/1433Protection against unauthorised use of memory or access to memory by checking the object accessibility, e.g. type of access defined by the memory independently of subject rights the protection being physical, e.g. cell, word, block for a module or a part of a module
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F12/00Accessing, addressing or allocating within memory systems or architectures
    • G06F12/14Protection against unauthorised use of memory or access to memory
    • G06F12/1416Protection against unauthorised use of memory or access to memory by checking the object accessibility, e.g. type of access defined by the memory independently of subject rights
    • G06F12/1425Protection against unauthorised use of memory or access to memory by checking the object accessibility, e.g. type of access defined by the memory independently of subject rights the protection being physical, e.g. cell, word, block
    • G06F12/1441Protection against unauthorised use of memory or access to memory by checking the object accessibility, e.g. type of access defined by the memory independently of subject rights the protection being physical, e.g. cell, word, block for a range
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F12/00Accessing, addressing or allocating within memory systems or architectures
    • G06F12/14Protection against unauthorised use of memory or access to memory
    • G06F12/1458Protection against unauthorised use of memory or access to memory by checking the subject access rights
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • G06F21/552Detecting local intrusion or implementing counter-measures involving long-term monitoring or reporting
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • G06F21/554Detecting local intrusion or implementing counter-measures involving event detection and direct action
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/78Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data
    • G06F21/79Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data in semiconductor storage media, e.g. directly-addressable memories
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F3/00Input arrangements for transferring data to be processed into a form capable of being handled by the computer; Output arrangements for transferring data from processing unit to output unit, e.g. interface arrangements
    • G06F3/06Digital input from, or digital output to, record carriers, e.g. RAID, emulated record carriers or networked record carriers
    • G06F3/0601Interfaces specially adapted for storage systems
    • G06F3/0602Interfaces specially adapted for storage systems specifically adapted to achieve a particular effect
    • G06F3/062Securing storage systems
    • G06F3/0622Securing storage systems in relation to access
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F3/00Input arrangements for transferring data to be processed into a form capable of being handled by the computer; Output arrangements for transferring data from processing unit to output unit, e.g. interface arrangements
    • G06F3/06Digital input from, or digital output to, record carriers, e.g. RAID, emulated record carriers or networked record carriers
    • G06F3/0601Interfaces specially adapted for storage systems
    • G06F3/0628Interfaces specially adapted for storage systems making use of a particular technique
    • G06F3/0629Configuration or reconfiguration of storage systems
    • G06F3/0631Configuration or reconfiguration of storage systems by allocating resources to storage systems
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F3/00Input arrangements for transferring data to be processed into a form capable of being handled by the computer; Output arrangements for transferring data from processing unit to output unit, e.g. interface arrangements
    • G06F3/06Digital input from, or digital output to, record carriers, e.g. RAID, emulated record carriers or networked record carriers
    • G06F3/0601Interfaces specially adapted for storage systems
    • G06F3/0628Interfaces specially adapted for storage systems making use of a particular technique
    • G06F3/0655Vertical data movement, i.e. input-output transfer; data movement between one or more hosts and one or more storage devices
    • G06F3/0659Command handling arrangements, e.g. command buffers, queues, command scheduling
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F3/00Input arrangements for transferring data to be processed into a form capable of being handled by the computer; Output arrangements for transferring data from processing unit to output unit, e.g. interface arrangements
    • G06F3/06Digital input from, or digital output to, record carriers, e.g. RAID, emulated record carriers or networked record carriers
    • G06F3/0601Interfaces specially adapted for storage systems
    • G06F3/0668Interfaces specially adapted for storage systems adopting a particular infrastructure
    • G06F3/067Distributed or networked storage systems, e.g. storage area networks [SAN], network attached storage [NAS]
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F12/00Accessing, addressing or allocating within memory systems or architectures
    • G06F12/02Addressing or allocation; Relocation
    • G06F12/08Addressing or allocation; Relocation in hierarchically structured memory systems, e.g. virtual memory systems
    • G06F12/10Address translation
    • G06F12/109Address translation for multiple virtual address spaces, e.g. segmentation
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F12/00Accessing, addressing or allocating within memory systems or architectures
    • G06F12/14Protection against unauthorised use of memory or access to memory
    • G06F12/1408Protection against unauthorised use of memory or access to memory by using cryptography
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44Arrangements for executing specific programs
    • G06F9/455Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
    • G06F9/45533Hypervisors; Virtual machine monitors
    • G06F9/45558Hypervisor-specific management and integration aspects
    • G06F2009/45587Isolation or security of virtual machine instances
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2212/00Indexing scheme relating to accessing, addressing or allocation within memory systems or architectures
    • G06F2212/10Providing a specific technical effect
    • G06F2212/1004Compatibility, e.g. with legacy hardware
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2212/00Indexing scheme relating to accessing, addressing or allocation within memory systems or architectures
    • G06F2212/10Providing a specific technical effect
    • G06F2212/1016Performance improvement
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2212/00Indexing scheme relating to accessing, addressing or allocation within memory systems or architectures
    • G06F2212/10Providing a specific technical effect
    • G06F2212/1052Security improvement
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2212/00Indexing scheme relating to accessing, addressing or allocation within memory systems or architectures
    • G06F2212/15Use in a specific computing environment
    • G06F2212/152Virtualized environment, e.g. logically partitioned system
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2212/00Indexing scheme relating to accessing, addressing or allocation within memory systems or architectures
    • G06F2212/65Details of virtual memory and virtual address translation
    • G06F2212/657Virtual address space management

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Hardware Design (AREA)
  • Human Computer Interaction (AREA)
  • Multimedia (AREA)
  • Technology Law (AREA)
  • General Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • Health & Medical Sciences (AREA)
  • Mobile Radio Communication Systems (AREA)
  • Storage Device Security (AREA)
  • Communication Control (AREA)
  • Techniques For Improving Reliability Of Storages (AREA)
JP2021572526A 2019-07-09 2020-06-08 プロセスコンテナのコンテキストからセキュアメモリエンクレーブを使用すること Ceased JP2022539969A (ja)

Applications Claiming Priority (5)

Application Number Priority Date Filing Date Title
US201962872233P 2019-07-09 2019-07-09
US62/872,233 2019-07-09
US16/565,271 2019-09-09
US16/565,271 US11256785B2 (en) 2019-07-09 2019-09-09 Using secure memory enclaves from the context of process containers
PCT/US2020/036575 WO2021006973A1 (en) 2019-07-09 2020-06-08 Using secure memory enclaves from the context of process containers

Publications (2)

Publication Number Publication Date
JP2022539969A true JP2022539969A (ja) 2022-09-14
JP2022539969A5 JP2022539969A5 (https=) 2023-05-19

Family

ID=74101941

Family Applications (1)

Application Number Title Priority Date Filing Date
JP2021572526A Ceased JP2022539969A (ja) 2019-07-09 2020-06-08 プロセスコンテナのコンテキストからセキュアメモリエンクレーブを使用すること

Country Status (13)

Country Link
US (2) US11256785B2 (https=)
EP (1) EP3997600B1 (https=)
JP (1) JP2022539969A (https=)
KR (1) KR20220027874A (https=)
CN (1) CN114080592A (https=)
AU (1) AU2020311836A1 (https=)
BR (1) BR112021024204A2 (https=)
CA (1) CA3143459A1 (https=)
IL (1) IL289614B2 (https=)
MX (1) MX2022000359A (https=)
PH (1) PH12022550042A1 (https=)
WO (1) WO2021006973A1 (https=)
ZA (1) ZA202109971B (https=)

Families Citing this family (22)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112217775B (zh) * 2019-07-12 2022-04-05 华为技术有限公司 一种远程证明方法及装置
US12010227B1 (en) 2019-09-30 2024-06-11 Amazon Technologies, Inc. System and methods for securing role credentials
US11363012B1 (en) * 2019-09-30 2022-06-14 Amazon Technologies, Inc. System and methods for using role credentials associated with a VM instance
WO2022011009A1 (en) * 2020-07-08 2022-01-13 Intel Corporation Attestation verifier role delegation
US11481497B2 (en) * 2020-09-11 2022-10-25 Dell Products L.P. Systems and methods for hardware attestation in an information handling system
CN112199740B (zh) * 2020-12-03 2021-03-16 飞天诚信科技股份有限公司 一种加密锁的实现方法及加密锁
US11695549B2 (en) * 2021-07-08 2023-07-04 Nec Corporation Multi-device remote attestation
US12362938B2 (en) * 2021-08-05 2025-07-15 International Business Machines Corporation Attestation of a secure guest
US12056232B2 (en) * 2021-08-27 2024-08-06 EMC IP Holding Company LLC Function-based service framework with trusted execution platform
GB2610861B (en) 2021-09-20 2023-10-11 Intelligent Voice Ltd Confidential Automated Speech Recogntion
US11954219B1 (en) * 2021-11-15 2024-04-09 Amdocs Development Limited System, method, and computer program for universal security of container images
US12413420B2 (en) * 2021-12-15 2025-09-09 Intel Corporation Distributed attestation in heterogenous computing clusters
US12259963B2 (en) * 2022-02-22 2025-03-25 Mellanox Technologies, Ltd Confidential computing with device memory isolation
US11949583B2 (en) 2022-04-28 2024-04-02 Hewlett Packard Enterprise Development Lp Enforcing reference operating state compliance for cloud computing-based compute appliances
US20220335139A1 (en) * 2022-05-30 2022-10-20 Intel Corporation Method and apparatus for improved container image deployment
US20240241939A1 (en) * 2023-01-12 2024-07-18 R3 Ltd. Auditing secure enclaves
US20250061186A1 (en) * 2023-08-15 2025-02-20 Habu Inc. Confidential computing techniques for data clean rooms
US12355770B2 (en) * 2023-10-03 2025-07-08 strongDM, Inc. Identity and activity based network security policies
US12242599B1 (en) 2024-09-27 2025-03-04 strongDM, Inc. Fine-grained security policy enforcement for applications
US12348519B1 (en) 2025-02-07 2025-07-01 strongDM, Inc. Evaluating security policies in aggregate
US12432242B1 (en) 2025-03-28 2025-09-30 strongDM, Inc. Anomaly detection in managed networks
US12603921B1 (en) 2025-11-19 2026-04-14 strongDM, Inc. Indexing entities and attributes for policy enforcement

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2017117443A (ja) * 2015-12-22 2017-06-29 インテル コーポレイション 安全エンクレーヴを使ってクラウド可用性およびシリコン隔離を高める方法
JP2018509680A (ja) * 2015-02-23 2018-04-05 インテル・コーポレーション セキュアエンクレーブのプロセスを分岐してセキュアエンクレーブページキャッシュに子エンクレーブを確立する命令及びロジック
US20180211067A1 (en) * 2017-01-24 2018-07-26 Microsoft Technology Licensing, Llc Cross-platform enclave identity

Family Cites Families (23)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6305009B1 (en) * 1997-12-05 2001-10-16 Robert M. Goor Compiler design using object technology with cross platform capability
US7194446B1 (en) * 2003-09-25 2007-03-20 Rockwell Automation Technologies, Inc. Location-based execution of software/HMI
US20080022265A1 (en) * 2006-06-30 2008-01-24 Morris Robert P Methods, systems, and computer program products for generating and using object modules
US8489811B1 (en) * 2006-12-29 2013-07-16 Netapp, Inc. System and method for addressing data containers using data set identifiers
US20160085695A1 (en) * 2014-09-24 2016-03-24 Intel Corporation Memory initialization in a protected region
US20160350534A1 (en) * 2015-05-29 2016-12-01 Intel Corporation System, apparatus and method for controlling multiple trusted execution environments in a system
US10216529B1 (en) * 2015-11-19 2019-02-26 Virtuozzo International Gmbh Method and system for sharing driver pages
US10354095B2 (en) * 2016-03-31 2019-07-16 Intel Corporation Methods and apparatus to initialize enclaves on target processors
GB2550322B (en) * 2016-04-11 2019-02-27 100 Percent It Ltd Remote attestation of cloud infrastructure
US10135859B2 (en) * 2016-05-03 2018-11-20 Cisco Technology, Inc. Automated security enclave generation
US10447478B2 (en) * 2016-06-06 2019-10-15 Microsoft Technology Licensing, Llc Cryptographic applications for a blockchain system
WO2018026841A1 (en) * 2016-08-01 2018-02-08 Georgia Tech Research Corporation Methods and systems for providing secure mobile edge computing ecosystems
US10911451B2 (en) * 2017-01-24 2021-02-02 Microsoft Technology Licensing, Llc Cross-platform enclave data sealing
US11443033B2 (en) * 2017-01-24 2022-09-13 Microsoft Technology Licensing, Llc Abstract enclave identity
US10726120B2 (en) * 2017-03-31 2020-07-28 Intel Corporation System, apparatus and method for providing locality assertion between a security processor and an enclave
US10885189B2 (en) 2017-05-22 2021-01-05 Microsoft Technology Licensing, Llc Isolated container event monitoring
WO2019077607A1 (en) * 2017-10-17 2019-04-25 Argus Cyber Security Ltd. SYSTEM AND METHOD FOR MANAGING PROGRAM MEMORY ON A STORAGE DEVICE
US11010403B2 (en) * 2018-04-24 2021-05-18 Microsoft Technology Licensing, Llc Relational distributed ledger for smart contracts
CN108733455B (zh) * 2018-05-31 2020-08-18 上海交通大学 基于ARM TrustZone的容器隔离性增强系统
US10970103B2 (en) * 2018-12-28 2021-04-06 Intel Corporation Technologies for hybrid virtualization and secure enclave policy enforcement for edge orchestration
US10713181B1 (en) * 2019-02-21 2020-07-14 Virtuozzo International Gmbh Method and system for sharing driver pages
CN111199048B (zh) * 2020-01-02 2023-07-25 航天信息股份有限公司 基于具有生命周期的容器的大数据分级脱敏方法和系统
CN111857973A (zh) * 2020-07-30 2020-10-30 江苏方天电力技术有限公司 一种应用资源访问方法及装置

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2018509680A (ja) * 2015-02-23 2018-04-05 インテル・コーポレーション セキュアエンクレーブのプロセスを分岐してセキュアエンクレーブページキャッシュに子エンクレーブを確立する命令及びロジック
JP2017117443A (ja) * 2015-12-22 2017-06-29 インテル コーポレイション 安全エンクレーヴを使ってクラウド可用性およびシリコン隔離を高める方法
US20180211067A1 (en) * 2017-01-24 2018-07-26 Microsoft Technology Licensing, Llc Cross-platform enclave identity
JP2020505699A (ja) * 2017-01-24 2020-02-20 マイクロソフト テクノロジー ライセンシング,エルエルシー クロスプラットフォームエンクレーブアイデンティティ

Also Published As

Publication number Publication date
US11762964B2 (en) 2023-09-19
EP3997600A1 (en) 2022-05-18
US11256785B2 (en) 2022-02-22
EP3997600B1 (en) 2023-06-14
WO2021006973A1 (en) 2021-01-14
IL289614B1 (en) 2024-05-01
US20220147465A1 (en) 2022-05-12
IL289614B2 (en) 2024-09-01
US20210011984A1 (en) 2021-01-14
IL289614A (en) 2022-03-01
MX2022000359A (es) 2022-02-03
KR20220027874A (ko) 2022-03-08
BR112021024204A2 (pt) 2022-04-12
PH12022550042A1 (en) 2022-11-21
CN114080592A (zh) 2022-02-22
ZA202109971B (en) 2023-03-29
AU2020311836A1 (en) 2022-01-06
CA3143459A1 (en) 2021-01-14

Similar Documents

Publication Publication Date Title
US11762964B2 (en) Using secure memory enclaves from the context of process containers
EP3574438B1 (en) Data unsealing with a sealing enclave
EP3574437B1 (en) Cross-platform enclave data sealing
US9989043B2 (en) System and method for processor-based security
EP3574439B1 (en) Data sealing with a sealing enclave
EP3574432B1 (en) Abstract enclave identity
US10211985B1 (en) Validating using an offload device security component
US10243739B1 (en) Validating using an offload device security component
US20180211034A1 (en) Enclave client abstraction model
US20180211054A1 (en) Dependent enclave binaries
US20240220639A1 (en) Secure data offload in a disaggregated and heterogenous orchestration environment
US10691356B2 (en) Operating a secure storage device
CN120937303A (zh) 实现密码操作的保护
HK40066653A (zh) 从过程容器的上下文使用安全存储器包围区
Sadeghi Property-Based Attestation Approach and Virtual TPM
HK40009106A (en) Cross-platform enclave identity
HK40009102A (en) Method and system for data sealing with a sealing enclave
HK40008427A (en) Abstract enclave identity

Legal Events

Date Code Title Description
A521 Request for written amendment filed

Free format text: JAPANESE INTERMEDIATE CODE: A523

Effective date: 20230511

A621 Written request for application examination

Free format text: JAPANESE INTERMEDIATE CODE: A621

Effective date: 20230511

A131 Notification of reasons for refusal

Free format text: JAPANESE INTERMEDIATE CODE: A131

Effective date: 20240530

A977 Report on retrieval

Free format text: JAPANESE INTERMEDIATE CODE: A971007

Effective date: 20240531

A521 Request for written amendment filed

Free format text: JAPANESE INTERMEDIATE CODE: A523

Effective date: 20240822

A01 Written decision to grant a patent or to grant a registration (utility model)

Free format text: JAPANESE INTERMEDIATE CODE: A01

Effective date: 20240902

A601 Written request for extension of time

Free format text: JAPANESE INTERMEDIATE CODE: A601

Effective date: 20241002

A045 Written measure of dismissal of application [lapsed due to lack of payment]

Free format text: JAPANESE INTERMEDIATE CODE: A045

Effective date: 20250124