USING SECURE MEMORY ENCLAVES FROM THE CONTEXT OF PROCESS CONTAINERS
Memory is partitioned and isolated in container-based memory enclaves. The container-based memory enclaves have attestable security guarantees. During provisioning of the container-based memory enclaves from a container image, a purported link in the container to a memory address of the enclave is m...
Gespeichert in:
| Hauptverfasser: | , , , , , , , |
|---|---|
| Format: | Patent |
| Sprache: | eng ; fre ; ger |
| Schlagworte: | |
| Online-Zugang: | Volltext bestellen |
| Tags: |
Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
|
| container_end_page | |
|---|---|
| container_issue | |
| container_start_page | |
| container_title | |
| container_volume | |
| creator | PULAPAKA, Hari R RENKE, Maxwell Christopher GUO, Amber Tianqi THOMAS, Deepu Chandy VISWANATHAN, Giridhar STARK, Taylor James SMITH, Frederick Justus SCHULTZ, Benjamin M |
| description | Memory is partitioned and isolated in container-based memory enclaves. The container-based memory enclaves have attestable security guarantees. During provisioning of the container-based memory enclaves from a container image, a purported link in the container to a memory address of the enclave is modified to verifiably link to an actual memory address of the host, such as partitioned memory enclave. In some instances, enclave attestation reports can be validated without transmitting corresponding attestation requests to remote attestation services, based on previous attestation of one or more previous container attestation reports from a similar container and without requiring end-to-end attestation between the container and remote attestation service for each new attestation request. |
| format | Patent |
| fullrecord | <record><control><sourceid>epo_EVB</sourceid><recordid>TN_cdi_epo_espacenet_EP3997600B1</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><sourcerecordid>EP3997600B1</sourcerecordid><originalsourceid>FETCH-epo_espacenet_EP3997600B13</originalsourceid><addsrcrecordid>eNrjZHAODfb0c1cIdnUODXJV8HX19Q-KVHD1c_ZxDHMNVnAL8vdVCPFwVXD29wtxjQhR8HdTCAjyd3YNDgYLOXr6uQYF8zCwpiXmFKfyQmluBgU31xBnD93Ugvz41OKCxOTUvNSSeNcAY0tLczMDAydDYyKUAADtfitT</addsrcrecordid><sourcetype>Open Access Repository</sourcetype><iscdi>true</iscdi><recordtype>patent</recordtype></control><display><type>patent</type><title>USING SECURE MEMORY ENCLAVES FROM THE CONTEXT OF PROCESS CONTAINERS</title><source>esp@cenet</source><creator>PULAPAKA, Hari R ; RENKE, Maxwell Christopher ; GUO, Amber Tianqi ; THOMAS, Deepu Chandy ; VISWANATHAN, Giridhar ; STARK, Taylor James ; SMITH, Frederick Justus ; SCHULTZ, Benjamin M</creator><creatorcontrib>PULAPAKA, Hari R ; RENKE, Maxwell Christopher ; GUO, Amber Tianqi ; THOMAS, Deepu Chandy ; VISWANATHAN, Giridhar ; STARK, Taylor James ; SMITH, Frederick Justus ; SCHULTZ, Benjamin M</creatorcontrib><description>Memory is partitioned and isolated in container-based memory enclaves. The container-based memory enclaves have attestable security guarantees. During provisioning of the container-based memory enclaves from a container image, a purported link in the container to a memory address of the enclave is modified to verifiably link to an actual memory address of the host, such as partitioned memory enclave. In some instances, enclave attestation reports can be validated without transmitting corresponding attestation requests to remote attestation services, based on previous attestation of one or more previous container attestation reports from a similar container and without requiring end-to-end attestation between the container and remote attestation service for each new attestation request.</description><language>eng ; fre ; ger</language><subject>CALCULATING ; COMPUTING ; COUNTING ; ELECTRIC DIGITAL DATA PROCESSING ; PHYSICS</subject><creationdate>2023</creationdate><oa>free_for_read</oa><woscitedreferencessubscribed>false</woscitedreferencessubscribed></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><linktohtml>$$Uhttps://worldwide.espacenet.com/publicationDetails/biblio?FT=D&date=20230614&DB=EPODOC&CC=EP&NR=3997600B1$$EHTML$$P50$$Gepo$$Hfree_for_read</linktohtml><link.rule.ids>230,309,781,886,25569,76552</link.rule.ids><linktorsrc>$$Uhttps://worldwide.espacenet.com/publicationDetails/biblio?FT=D&date=20230614&DB=EPODOC&CC=EP&NR=3997600B1$$EView_record_in_European_Patent_Office$$FView_record_in_$$GEuropean_Patent_Office$$Hfree_for_read</linktorsrc></links><search><creatorcontrib>PULAPAKA, Hari R</creatorcontrib><creatorcontrib>RENKE, Maxwell Christopher</creatorcontrib><creatorcontrib>GUO, Amber Tianqi</creatorcontrib><creatorcontrib>THOMAS, Deepu Chandy</creatorcontrib><creatorcontrib>VISWANATHAN, Giridhar</creatorcontrib><creatorcontrib>STARK, Taylor James</creatorcontrib><creatorcontrib>SMITH, Frederick Justus</creatorcontrib><creatorcontrib>SCHULTZ, Benjamin M</creatorcontrib><title>USING SECURE MEMORY ENCLAVES FROM THE CONTEXT OF PROCESS CONTAINERS</title><description>Memory is partitioned and isolated in container-based memory enclaves. The container-based memory enclaves have attestable security guarantees. During provisioning of the container-based memory enclaves from a container image, a purported link in the container to a memory address of the enclave is modified to verifiably link to an actual memory address of the host, such as partitioned memory enclave. In some instances, enclave attestation reports can be validated without transmitting corresponding attestation requests to remote attestation services, based on previous attestation of one or more previous container attestation reports from a similar container and without requiring end-to-end attestation between the container and remote attestation service for each new attestation request.</description><subject>CALCULATING</subject><subject>COMPUTING</subject><subject>COUNTING</subject><subject>ELECTRIC DIGITAL DATA PROCESSING</subject><subject>PHYSICS</subject><fulltext>true</fulltext><rsrctype>patent</rsrctype><creationdate>2023</creationdate><recordtype>patent</recordtype><sourceid>EVB</sourceid><recordid>eNrjZHAODfb0c1cIdnUODXJV8HX19Q-KVHD1c_ZxDHMNVnAL8vdVCPFwVXD29wtxjQhR8HdTCAjyd3YNDgYLOXr6uQYF8zCwpiXmFKfyQmluBgU31xBnD93Ugvz41OKCxOTUvNSSeNcAY0tLczMDAydDYyKUAADtfitT</recordid><startdate>20230614</startdate><enddate>20230614</enddate><creator>PULAPAKA, Hari R</creator><creator>RENKE, Maxwell Christopher</creator><creator>GUO, Amber Tianqi</creator><creator>THOMAS, Deepu Chandy</creator><creator>VISWANATHAN, Giridhar</creator><creator>STARK, Taylor James</creator><creator>SMITH, Frederick Justus</creator><creator>SCHULTZ, Benjamin M</creator><scope>EVB</scope></search><sort><creationdate>20230614</creationdate><title>USING SECURE MEMORY ENCLAVES FROM THE CONTEXT OF PROCESS CONTAINERS</title><author>PULAPAKA, Hari R ; RENKE, Maxwell Christopher ; GUO, Amber Tianqi ; THOMAS, Deepu Chandy ; VISWANATHAN, Giridhar ; STARK, Taylor James ; SMITH, Frederick Justus ; SCHULTZ, Benjamin M</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-epo_espacenet_EP3997600B13</frbrgroupid><rsrctype>patents</rsrctype><prefilter>patents</prefilter><language>eng ; fre ; ger</language><creationdate>2023</creationdate><topic>CALCULATING</topic><topic>COMPUTING</topic><topic>COUNTING</topic><topic>ELECTRIC DIGITAL DATA PROCESSING</topic><topic>PHYSICS</topic><toplevel>online_resources</toplevel><creatorcontrib>PULAPAKA, Hari R</creatorcontrib><creatorcontrib>RENKE, Maxwell Christopher</creatorcontrib><creatorcontrib>GUO, Amber Tianqi</creatorcontrib><creatorcontrib>THOMAS, Deepu Chandy</creatorcontrib><creatorcontrib>VISWANATHAN, Giridhar</creatorcontrib><creatorcontrib>STARK, Taylor James</creatorcontrib><creatorcontrib>SMITH, Frederick Justus</creatorcontrib><creatorcontrib>SCHULTZ, Benjamin M</creatorcontrib><collection>esp@cenet</collection></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext_linktorsrc</fulltext></delivery><addata><au>PULAPAKA, Hari R</au><au>RENKE, Maxwell Christopher</au><au>GUO, Amber Tianqi</au><au>THOMAS, Deepu Chandy</au><au>VISWANATHAN, Giridhar</au><au>STARK, Taylor James</au><au>SMITH, Frederick Justus</au><au>SCHULTZ, Benjamin M</au><format>patent</format><genre>patent</genre><ristype>GEN</ristype><title>USING SECURE MEMORY ENCLAVES FROM THE CONTEXT OF PROCESS CONTAINERS</title><date>2023-06-14</date><risdate>2023</risdate><abstract>Memory is partitioned and isolated in container-based memory enclaves. The container-based memory enclaves have attestable security guarantees. During provisioning of the container-based memory enclaves from a container image, a purported link in the container to a memory address of the enclave is modified to verifiably link to an actual memory address of the host, such as partitioned memory enclave. In some instances, enclave attestation reports can be validated without transmitting corresponding attestation requests to remote attestation services, based on previous attestation of one or more previous container attestation reports from a similar container and without requiring end-to-end attestation between the container and remote attestation service for each new attestation request.</abstract><oa>free_for_read</oa></addata></record> |
| fulltext | fulltext_linktorsrc |
| identifier | |
| ispartof | |
| issn | |
| language | eng ; fre ; ger |
| recordid | cdi_epo_espacenet_EP3997600B1 |
| source | esp@cenet |
| subjects | CALCULATING COMPUTING COUNTING ELECTRIC DIGITAL DATA PROCESSING PHYSICS |
| title | USING SECURE MEMORY ENCLAVES FROM THE CONTEXT OF PROCESS CONTAINERS |
| url | https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2024-12-16T12%3A28%3A05IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-epo_EVB&rft_val_fmt=info:ofi/fmt:kev:mtx:patent&rft.genre=patent&rft.au=PULAPAKA,%20Hari%20R&rft.date=2023-06-14&rft_id=info:doi/&rft_dat=%3Cepo_EVB%3EEP3997600B1%3C/epo_EVB%3E%3Curl%3E%3C/url%3E&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_id=info:pmid/&rfr_iscdi=true |