Title of invention: Cryptographic certification of secure hosted execution environments
Abstract: Implementations for providing a secure execution environment with a hosted computer are described. A security-enabled processor establishes a hardware-protected memory area with an activation state that executes only software identified by a client system. The hardware-protected memory area is inaccessible by code that executes outside the hardware-protected memory area. A certification is transmitted to the client system to indicate that the secure execution environment is established, in its activation state, with only the software identified by the request.
Publication number: US9413538(B2) Publication date: 2016.08.09
Application number: US201113323465 Filing date: 2011.12.12
Applicant: Microsoft Technology Licensing, LLC Inventors: Baumann Andrew A.;Hunt Galen C.;Peinado Marcus
Classification: H04L9/32;G06F21/57 Main classification: H04L9/32
Agency: Agents: Corie Alin;Swain Sandy;Minhas Micky
Independent claim: 1. A method comprising: providing a first instruction that causes a security-enabled processor of a computing system to establish a hardware-protected memory area within a memory of the computing system, the security-enabled processor configured to mediate, via one or more gate functions, access to the hardware-protected memory area by all code that executes outside of the hardware-protected memory area; and providing a second instruction that causes the security-enabled processor, based at least on a request of a client system, to include, in an initial state, software and data identified by the request of the client system in the hardware-protected memory area; instructing a portion of the software identified by the request of the client system that is included in the hardware-protected memory area to execute, the portion of the software configured, upon execution, to cause the security-enabled processor to perform the act of generating cryptographic certification of all of contents of the hardware-protected memory area in the initial state; receiving the cryptographic certification from the security-enabled processor, at least a portion of the cryptographic certification including an attestation created by the security-enabled processor using a private key of the security-enabled processor; and providing the cryptographic certification to the client system, the cryptographic certification used by the client system based on a comparison of at least the portion of the cryptographic certification to a known cryptographic indication of the software and data identified in the request in the initial state, to determine that the contents of the hardware-protected memory area includes, in the initial state, only the software and data identified in the request, the attestation used by the client system, based at least on a public key associated with the security-enabled processor, to determine that the cryptographic certification of all contents of the hardware-protected memory area in the initial state was created by the security-enabled processor.
Address: Redmond WA US