Untrusted Multi-Party Compute System

    公开(公告)号:US20240380595A1

    公开(公告)日:2024-11-14

    申请号:US18314933

    申请日:2023-05-10

    Applicant: Google LLC

    Abstract: A method includes obtaining a container associated with a first entity, the container executing a workload, the workload requiring access to private resources associated with a second entity. The method also includes obtaining encrypted resources including the private resources associated with the second entity. The method further includes generating a verifiable attestation. The method includes transmitting the verifiable attestation to an attestation service and, after transmitting the verifiable attestation, receiving, from an access policy verifier, a federated identity token. The method further includes generating a decrypt request including the federated identity token. The method includes transmitting, to a key management service, the decrypt request, and, after transmitting the decrypt request, receiving, from the key management service, a data encryption key. The method includes decrypting, using the data encryption key, the encrypted resources to access the private resources and providing the workload access to the private resources.

Patent Agency Ranking