SG11201905462WA - Cross-platform enclave identity - Google Patents

Cross-platform enclave identity

Publication number
SG11201905462WA
Authority
SG
Singapore
Prior art keywords
enclave
identity
microsoft
international
abstract
Prior art date
Application number
SG11201905462WA
Other languages
English (en)
Inventor
Manuel Costa
Original Assignee
Microsoft Technology Licensing Llc
Priority date
Filing date
Publication date
Application filed by Microsoft Technology Licensing Llc
Publication of SG11201905462WA

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70 Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/71 Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
    • G06F21/74 Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information operating in dual or compartmented mode, i.e. at least one secure mode
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/52 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity; Preventing unwanted data erasure; Buffer overflow
    • G06F21/53 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity; Preventing unwanted data erasure; Buffer overflow by executing in a restricted environment, e.g. sandbox or secure virtual machine
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57 Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3263 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3263 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements
    • H04L9/3265 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements using certificate chains, trees or paths; Hierarchical trust model

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Signal Processing (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Mathematical Physics (AREA)
  • Storage Device Security (AREA)
  • Stored Programmes (AREA)
  • Mobile Radio Communication Systems (AREA)
  • Image Generation (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)
  • Ladders (AREA)
  • Blow-Moulding Or Thermoforming Of Plastics Or The Like (AREA)
  • Golf Clubs (AREA)
SG11201905462WA 2017-01-24 2018-01-19 Cross-platform enclave identity SG11201905462WA (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US15/414,421 US10372945B2 (en) 2017-01-24 2017-01-24 Cross-platform enclave identity
PCT/US2018/014298 WO2018140290A1 (en) 2017-01-24 2018-01-19 Cross-platform enclave identity

Publications (1)

Publication Number Publication Date
SG11201905462WA (en) 2019-08-27

Family

ID=61157340

Family Applications (1)

Application Number Title Priority Date Filing Date
SG11201905462WA SG11201905462WA (en) 2017-01-24 2018-01-19 Cross-platform enclave identity

Country Status (18)

Country Link
US (1) US10372945B2 (zh)
EP (1) EP3574435B1 (zh)
JP (1) JP7094292B2 (zh)
KR (1) KR102467687B1 (zh)
CN (1) CN110199284B (zh)
AU (1) AU2018213020B2 (zh)
BR (1) BR112019013540A2 (zh)
CA (1) CA3046517C (zh)
CL (1) CL2019002007A1 (zh)
CO (1) CO2019007655A2 (zh)
IL (1) IL267938B (zh)
MX (1) MX2019008754A (zh)
NZ (1) NZ754515A (zh)
PH (1) PH12019550123A1 (zh)
RU (1) RU2759302C2 (zh)
SG (1) SG11201905462WA (zh)
WO (1) WO2018140290A1 (zh)
ZA (1) ZA201903705B (zh)

Families Citing this family (17)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US11443033B2 (en) 2017-01-24 2022-09-13 Microsoft Technology Licensing, Llc Abstract enclave identity
US10911451B2 (en) 2017-01-24 2021-02-02 Microsoft Technology Licensing, Llc Cross-platform enclave data sealing
US10931652B2 (en) 2017-01-24 2021-02-23 Microsoft Technology Licensing, Llc Data sealing with a sealing enclave
JP6959155B2 (ja) * 2017-05-15 2021-11-02 Panasonic Intellectual Property Corporation of America Verification method, verification device and program
US11126699B2 (en) * 2018-02-07 2021-09-21 Nec Corporation Replica trusted execution environment: enabling seamless replication of trusted execution environment (TEE)-based enclaves in the cloud
US11741196B2 (en) 2018-11-15 2023-08-29 The Research Foundation For The State University Of New York Detecting and preventing exploits of software vulnerability using instruction tags
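CN110069921B (zh) * 2019-04-12 2021-01-01 Institute of Information Engineering, Chinese Academy of Sciences Trusted software authorization verification system and method for container platforms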
US11256785B2 (en) * 2019-07-09 2022-02-22 Microsoft Technologly Licensing, LLC Using secure memory enclaves from the context of process containers
US11019033B1 (en) 2019-12-27 2021-05-25 EMC IP Holding Company LLC Trust domain secure enclaves in cloud infrastructure
US11627116B2 (en) * 2020-03-02 2023-04-11 Fortanix, Inc. Secure computation of multiparty data
CN112422500B (zh) * 2020-09-25 2023-05-16 Beijing Yizhi Technology Co., Ltd. Cross-platform data transmission method and device, storage medium, and electronic device
CN112817780B (zh) * 2021-02-01 2022-03-11 Shanghai Jiao Tong University Method and system for secure and high-performance inter-process communication
EP4174694A1 (en) * 2021-10-28 2023-05-03 Thales Dis France SAS Method for securely executing an application
EP4174695A1 (en) * 2021-10-29 2023-05-03 Thales Dis France SAS Method to store data persistently by a software payload
EP4181000A1 (de) * 2021-11-15 2023-05-17 Siemens Mobility GmbH Method and computing environment for creating and applying a test algorithm for computing operations
US20230208828A1 (en) * 2021-12-23 2023-06-29 Dell Products, L.P. Layered workspace endorsement and verification
WO2023227233A1 (en) * 2022-05-26 2023-11-30 Telefonaktiebolaget Lm Ericsson (Publ) Verification of containers by host computing system

Family Cites Families (19)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP1646954A4 (en) * 2003-08-21 2008-06-11 Microsoft Corp SYSTEMS AND METHOD FOR INTERFACING APPLICATION PROGRAMS WITH A POST-BASED MEMORY PLATFORM
US8213618B2 (en) * 2008-12-30 2012-07-03 Intel Corporation Protecting content on client platforms
US8352741B2 (en) * 2009-06-11 2013-01-08 Microsoft Corporation Discovery of secure network enclaves
US9742560B2 (en) * 2009-06-11 2017-08-22 Microsoft Technology Licensing, Llc Key management in secure network enclaves
US8621203B2 (en) * 2009-06-22 2013-12-31 Nokia Corporation Method and apparatus for authenticating a mobile device
CN103370715B (zh) 2010-10-31 2017-04-12 Time Defense Systems, LLC Systems and methods for protecting a virtual computing environment
US8899378B2 (en) * 2011-09-13 2014-12-02 Black & Decker Inc. Compressor intake muffler and filter
US9323950B2 (en) * 2012-07-19 2016-04-26 Atmel Corporation Generating signatures using a secure device
US9118467B2 (en) * 2013-03-13 2015-08-25 Atmel Corporation Generating keys using secure hardware
WO2014196966A1 (en) * 2013-06-04 2014-12-11 Intel Corporation Technologies for hardening the security of digital information on client platforms
DE102013212525A1 (de) * 2013-06-27 2014-12-31 Siemens Aktiengesellschaft Data storage device for protected data exchange between different security zones
US9276750B2 (en) * 2013-07-23 2016-03-01 Intel Corporation Secure processing environment measurement and attestation
US20170002456A1 (en) * 2013-12-27 2017-01-05 Drexel University Grain Size Tuning for Radiation Resistance
US9864861B2 (en) * 2014-03-27 2018-01-09 Intel Corporation Object oriented marshaling scheme for calls to a secure region
US10552619B2 (en) * 2015-07-20 2020-02-04 Intel Corporation Technologies for secure trusted I/O access control
WO2017023931A1 (en) * 2015-08-03 2017-02-09 Georgetown University Apparatus and method for delivery of antimicrobial during a transdermal sampling and delivery process
US10135622B2 (en) * 2016-06-03 2018-11-20 Intel Corporation Flexible provisioning of attestation keys in secure enclaves
US9873382B1 (en) * 2016-07-01 2018-01-23 Toyota Motor Engineering & Manufacturing North America, Inc. Console assemblies having support structures with side impact reinforcements
US10592435B2 (en) * 2016-07-14 2020-03-17 Intel Corporation System, apparatus and method for secure monotonic counter operations in a processor

Also Published As

Publication number Publication date
IL267938B (en) 2022-09-01
JP7094292B2 (ja) 2022-07-01
CN110199284B (zh) 2023-05-30
KR20190108574A (ko) 2019-09-24
WO2018140290A1 (en) 2018-08-02
CN110199284A (zh) 2019-09-03
US20180211067A1 (en) 2018-07-26
CA3046517A1 (en) 2018-08-02
AU2018213020B2 (en) 2021-11-25
CL2019002007A1 (es) 2019-12-13
RU2019126641A (ru) 2021-02-26
US10372945B2 (en) 2019-08-06
IL267938A (en) 2019-09-26
EP3574435A1 (en) 2019-12-04
PH12019550123A1 (en) 2020-02-10
AU2018213020A1 (en) 2019-07-04
RU2759302C2 (ru) 2021-11-11
ZA201903705B (en) 2020-11-25
RU2019126641A3 (zh) 2021-04-20
CO2019007655A2 (es) 2019-07-31
BR112019013540A2 (pt) 2020-01-07
CA3046517C (en) 2024-06-04
KR102467687B1 (ko) 2022-11-15
JP2020505699A (ja) 2020-02-20
MX2019008754A (es) 2019-09-11
EP3574435B1 (en) 2020-10-07
NZ754515A (en) 2023-05-26

Similar Documents

Publication Publication Date Title
SG11201905462WA (en) Cross-platform enclave identity
SG11201905463TA (en) Abstract enclave identity
SG11201905460SA (en) Data unsealing with a sealing enclave
SG11201809866PA (en) Cryptographic applications for a blockchain system
SG11201905461VA (en) Data sealing with a sealing enclave
SG11201907320YA (en) Trusted login method, server, and system
SG11201902981RA (en) Iot provisioning service
SG11201809963XA (en) Application framework using blockchain-based asset ownership
SG11201909454QA (en) Container-based virtual camera rotation
SG11201905458WA (en) Addressing a trusted execution environment using signing key
SG11201903459UA (en) Sharing protection for a screen sharing experience
SG11201903276VA (en) Virtual reality identity verification
SG11201907294PA (en) Systems and methods for layered virtual features in an amusement park environment
SG11201903141QA (en) Business processing method and apparatus
SG11201807995TA (en) Method and system for user authentication with improved security
SG11201809117QA (en) Operating system for blockchain iot devices
SG11201903604PA (en) Iot security service
SG11201905456UA (en) Addressing a trusted execution environment using encryption key
SG11201901550WA (en) Method and apparatus for data processing
SG11201808261RA (en) Genetic variant-phenotype analysis system and methods of use
SG11201908489XA (en) De novo synthesized combinatorial nucleic acid libraries
SG11201810477PA (en) Tenant-aware distributed application authentication
SG11201811691RA (en) Systems and methods for verifying authenticity of id photo
SG11201804190YA (en) Method and system for blockchain variant using digital signatures
SG11201810327XA (en) Single domain serum albumin binding protein