Invention Application
US20160381005A1 TECHNOLOGIES FOR VIRTUALIZED ACCESS TO SECURITY SERVICES PROVIDED BY A CONVERGED MANAGEABILITY AND SECURITY ENGINE
Status: In force
Technologies for virtualized access to security services provided by a convertible manageability and security engine (Chinese-language title)
- Patent Title: TECHNOLOGIES FOR VIRTUALIZED ACCESS TO SECURITY SERVICES PROVIDED BY A CONVERGED MANAGEABILITY AND SECURITY ENGINE
- Patent Title (Chinese): Technologies for virtualized access to security services provided by a convertible manageability and security engine
- Application No.: US14752259
- Application Date: 2015-06-26
- Publication No.: US20160381005A1
- Publication Date: 2016-12-29
- Inventor: Mona Vij , Carlos V. Rozas , Vincent R. Scarlata , Francis X. McKeen , Bo Zhang
- Applicant: Intel Corporation
- Main IPC: H04L29/06
- IPC: H04L29/06

Abstract:
Technologies for secure access to platform security services include a computing device having a processor and a security engine. The computing device establishes a platform services enclave in a virtual machine of the computing device using secure enclave support of the processor. The platform services enclave receives a platform services request from an application enclave via a first authenticated session and transmits the platform services request to a virtual security engine established by a host environment via a second authenticated session. The first and second authenticated sessions may be authenticated by report-based attestation and quote-based attestation, respectively. The virtual security engine transmits the platform services request to the security engine via a long-term pairing session established by the virtual security engine with the security engine. The security engine performs the platform services request using hardware resources shared with other platform services enclaves. Other embodiments are described and claimed.