Enclave fork support
    1.
    发明授权

    公开(公告)号:US10949547B2

    公开(公告)日:2021-03-16

    申请号:US16153039

    申请日:2018-10-05

    Applicant: Google LLC

    Abstract: A fork support is provided for duplicating an application running inside an enclave entity. In this regard, a request to duplicate an application running inside a first enclave may be received by one or more processors of a host computing device of the first enclave. A snapshot of the first enclave including the application may be generated. The snapshot may be encrypted with a snapshot key and copied to untrusted memory of the host. A second enclave may be generated. The snapshot key may be sent from the first enclave to the second enclave through a secure communication channel. The encrypted snapshot may be copied from the untrusted memory of the host into the second enclave. The encrypted snapshot may be decrypted inside the second enclave with the snapshot key.

    Enclave fork support
    2.
    发明授权

    公开(公告)号:US12197596B2

    公开(公告)日:2025-01-14

    申请号:US18200648

    申请日:2023-05-23

    Applicant: Google LLC

    Abstract: A fork support is provided for duplicating an application running inside an enclave entity. In this regard, a request to duplicate an application running inside a first enclave may be received by one or more processors of a host computing device of the first enclave. A snapshot of the first enclave including the application may be generated. The snapshot may be encrypted with a snapshot key and copied to untrusted memory of the host. A second enclave may be generated. The snapshot key may be sent from the first enclave to the second enclave through a secure communication channel. The encrypted snapshot may be copied from the untrusted memory of the host into the second enclave. The encrypted snapshot may be decrypted inside the second enclave with the snapshot key.

    Enclave fork support
    3.
    发明授权

    公开(公告)号:US11714912B2

    公开(公告)日:2023-08-01

    申请号:US17201741

    申请日:2021-03-15

    Applicant: Google LLC

    CPC classification number: G06F21/602 G06F21/6245 H04L9/0861 H04L9/14 H04L9/30

    Abstract: A fork support is provided for duplicating an application running inside an enclave entity. In this regard, a request to duplicate an application running inside a first enclave may be received by one or more processors of a host computing device of the first enclave. A snapshot of the first enclave including the application may be generated. The snapshot may be encrypted with a snapshot key and copied to untrusted memory of the host. A second enclave may be generated. The snapshot key may be sent from the first enclave to the second enclave through a secure communication channel. The encrypted snapshot may be copied from the untrusted memory of the host into the second enclave. The encrypted snapshot may be decrypted inside the second enclave with the snapshot key.

    Enclave Fork Support
    4.
    发明申请

    公开(公告)号:US20210200883A1

    公开(公告)日:2021-07-01

    申请号:US17201741

    申请日:2021-03-15

    Applicant: Google LLC

    Abstract: A fork support is provided for duplicating an application running inside an enclave entity. In this regard, a request to duplicate an application running inside a first enclave may be received by one or more processors of a host computing device of the first enclave. A snapshot of the first enclave including the application may be generated. The snapshot may be encrypted with a snapshot key and copied to untrusted memory of the host. A second enclave may be generated. The snapshot key may be sent from the first enclave to the second enclave through a secure communication channel. The encrypted snapshot may be copied from the untrusted memory of the host into the second enclave. The encrypted snapshot may be decrypted inside the second enclave with the snapshot key.

    Enclave interactions
    5.
    发明授权

    公开(公告)号:US12244582B2

    公开(公告)日:2025-03-04

    申请号:US18428700

    申请日:2024-01-31

    Applicant: Google LLC

    Abstract: Aspects of the disclosure provide various methods relating to enclaves. For instance, a method of authentication for an enclave entity with a second entity may include receiving, by one or more processors of a host computing device of the enclave entity, a request and an assertion of identity for the second entity, the assertion including identity information for the second identity; using an assertion verifier of the enclave entity to determine whether the assertion is valid; when the assertion is valid, extracting the identity information; authenticating the second entity using an access control list for the enclave entity to determine whether the identity information meets expectations of the access control list; when the identity information meets the expectations of the access control list, completing the request.

    Enclave Interactions
    6.
    发明公开

    公开(公告)号:US20240171560A1

    公开(公告)日:2024-05-23

    申请号:US18428700

    申请日:2024-01-31

    Applicant: Google LLC

    Abstract: Aspects of the disclosure provide various methods relating to enclaves. For instance, a method of authentication for an enclave entity with a second entity may include receiving, by one or more processors of a host computing device of the enclave entity, a request and an assertion of identity for the second entity, the assertion including identity information for the second identity; using an assertion verifier of the enclave entity to determine whether the assertion is valid; when the assertion is valid, extracting the identity information; authenticating the second entity using an access control list for the enclave entity to determine whether the identity information meets expectations of the access control list; when the identity information meets the expectations of the access control list, completing the request.

    Enclave Fork Support
    7.
    发明公开

    公开(公告)号:US20230297697A1

    公开(公告)日:2023-09-21

    申请号:US18200648

    申请日:2023-05-23

    Applicant: Google LLC

    CPC classification number: G06F21/602 G06F21/6245 H04L9/0861 H04L9/14 H04L9/30

    Abstract: A fork support is provided for duplicating an application running inside an enclave entity. In this regard, a request to duplicate an application running inside a first enclave may be received by one or more processors of a host computing device of the first enclave. A snapshot of the first enclave including the application may be generated. The snapshot may be encrypted with a snapshot key and copied to untrusted memory of the host. A second enclave may be generated. The snapshot key may be sent from the first enclave to the second enclave through a secure communication channel. The encrypted snapshot may be copied from the untrusted memory of the host into the second enclave. The encrypted snapshot may be decrypted inside the second enclave with the snapshot key.

    Enclave interactions
    8.
    发明授权

    公开(公告)号:US11962576B2

    公开(公告)日:2024-04-16

    申请号:US17973664

    申请日:2022-10-26

    Applicant: Google LLC

    Abstract: Aspects of the disclosure provide various methods relating to enclaves. For instance, a method of authentication for an enclave entity with a second entity may include receiving, by one or more processors of a host computing device of the enclave entity, a request and an assertion of identity for the second entity, the assertion including identity information for the second identity; using an assertion verifier of the enclave entity to determine whether the assertion is valid; when the assertion is valid, extracting the identity information; authenticating the second entity using an access control list for the enclave entity to determine whether the identity information meets expectations of the access control list; when the identity information meets the expectations of the access control list, completing the request.

    Enclave Interactions
    9.
    发明申请

    公开(公告)号:US20230039096A1

    公开(公告)日:2023-02-09

    申请号:US17973664

    申请日:2022-10-26

    Applicant: Google LLC

    Abstract: Aspects of the disclosure provide various methods relating to enclaves. For instance, a method of authentication for an enclave entity with a second entity may include receiving, by one or more processors of a host computing device of the enclave entity, a request and an assertion of identity for the second entity, the assertion including identity information for the second identity; using an assertion verifier of the enclave entity to determine whether the assertion is valid; when the assertion is valid, extracting the identity information; authenticating the second entity using an access control list for the enclave entity to determine whether the identity information meets expectations of the access control list; when the identity information meets the expectations of the access control list, completing the request.

    Enclave interactions
    10.
    发明授权

    公开(公告)号:US11509643B2

    公开(公告)日:2022-11-22

    申请号:US17046547

    申请日:2018-07-18

    Applicant: Google LLC

    Abstract: Aspects of the disclosure provide various methods relating to enclaves. For instance, a method of authentication for an enclave entity with a second entity may include receiving, by one or more processors of a host computing device of the enclave entity, a request and an assertion of identity for the second entity, the assertion including identity information for the second identity; using an assertion verifier of the enclave entity to determine whether the assertion is valid; when the assertion is valid, extracting the identity information; authenticating the second entity using an access control list for the enclave entity to determine whether the identity information meets expectations of the access control list; when the identity information meets the expectations of the access control list, completing the request.

Patent Agency Ranking