Title of invention SECURELY STORING CONTENT WITHIN PUBLIC CLOUDS
Abstract Systems, methods, and computer-readable storage media are provided for securely storing and accessing content within a public cloud. A processor manufacturer provides processors having secure enclave capability to a cloud provider. The provider makes available a listing of processor identifiers (CPUIDs) for processors available for storing content and having secure enclave capability. A content owner provides CPUIDs for desired processors from the listing to the manufacturer which provides the content owner with a processor-specific public code encryption key (CEK) for encrypting content to be stored on each processor identified. Each processor is constructed such that content encrypted with the public CEK may only be decrypted within a secure enclave thereof. The content owner encrypts the desired content with the public CEK and returns the encrypted content and the CPUID for the appropriate processor to the cloud provider. The cloud provider then stores the encrypted content on the particular processor.
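Application publication number US2015379297(A1) Application publication date 2015.12.31
Application number US201414319969 Filing date 2014.06.30
Applicant MICROSOFT CORPORATION Inventor HUNT GALEN CLYDE;RUSSINOVICH MARK EUGENE
Classification number G06F21/62;H04L9/08 Main classification number G06F21/62
Agency Agent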
Main claim 1. A method being performed by one or more computing devices including at least one processor, the method for securely storing content in the cloud, the method comprising: providing one or more processors having secure enclave capability, each processor having a processor identifier associated therewith; receiving a set of the processor identifiers, each processor identifier of the set being associated with a processor of the one or more processors and having been selected for storing content; and providing a processor-specific public key corresponding to each processor identified by the set of processor identifiers received.
Address Redmond WA US