| 发明名称 |
DATA VERIFICATION USING ENCLAVE ATTESTATION |
| 摘要 |
Particular embodiments described herein provide for an electronic device that can be configured to receive untrusted input data at an enclave in an electronic device, isolate the untrusted input data from at least a portion of the enclave, communicate at least a portion of the untrusted data to an integrity verification module using an attestation channel, and receive data integrity verification of the untrusted input data from the integrity verification module. The integrity verification module can perform data integrity attestation functions to verify the untrusted data and the data integrity attestation functions include a data attestation policy and a whitelist. |
| 申请公布号 |
US2016092700(A1) |
申请公布日期 |
2016.03.31 |
| 申请号 |
US201414496056 |
申请日期 |
2014.09.25 |
| 申请人 |
Smith Ned;Gutierrez Esteban;Woodruff Andrew;Kapoor Aditya |
发明人 |
Smith Ned;Gutierrez Esteban;Woodruff Andrew;Kapoor Aditya |
| 分类号 |
G06F21/64;G06F21/56;G06F21/62 |
主分类号 |
G06F21/64 |
| 代理机构 |
|
代理人 |
|
| 主权项 |
1. At least one non-transitory computer-readable medium comprising one or more instructions that when executed by at least one processor:
receive untrusted data at an enclave in an electronic device, wherein the enclave is a protected region of memory; isolate the untrusted data from at least a portion of the enclave; communicate at least a portion of the untrusted data to an integrity verification module using an attestation channel; and receive data integrity verification of the untrusted data from the integrity verification module. |
| 地址 |
Beaverton OR US |
