Title of invention: Technique for supporting multiple secure enclaves
Abstract: A technique to enable secure application and data integrity within a computer system. In one embodiment, one or more secure enclaves are established in which an application and data may be stored and executed.
Publication number: US8972746(B2)  Publication date: 2015.03.03
Application number: US201012972406  Filing date: 2010.12.17
Applicant: Intel Corporation  Inventors: Johnson Simon P.; Savagaonkar Uday R.; Scarlata Vincent R.; McKeen Francis X.; Rozas Carlos V.
Classification: G06F11/30; G06F12/14; G06F21/62  Main classification: G06F11/30
Agency:  Agent: Lane Thomas R.
Main claim: 1. A system comprising: hardware logic to generate a platform-level key to provide for a secure enclave corresponding to a plurality of processors, wherein the platform-level key is to be derived from a plurality of processor-level keys corresponding to the plurality of processors, wherein each of the plurality of processors is to store a plurality of package-unique symmetric keys (PUSKs) and a plurality of package-specific asymmetric keys (PASKs), and wherein the secure enclave is to be executed from an enclave page cache in which data is to be protected using access control mechanisms to be provided by at least one processor of the plurality of processors having an instruction set architecture including a plurality of secure enclave instructions.
Address: Santa Clara CA US