公开(公告)号：US20190228135A1

公开(公告)日：2019-07-25

申请号：US16169632

申请日：2018-10-24

Applicant: Huazhong University of Science And Technology

Inventor： Hai JIN ,  Weizhong Qiang ,  Zezhao Dong

IPC: G06F21/12 ,  G06F11/14 ,  G06F11/07 ,  G06F21/53 ,  G06F21/57 ,  G06F21/74 ,  G06F21/30 ,  H04L9/32 ,  H04L29/06 ,  G06F9/455

Abstract: The present invention involves with a method and system of state consistency protection for Intel software guard extension (SGX). In a method of state consistency protection for a central processing unit capable of creating enclaves, the central processing unit supports creation of at least one enclave, wherein the central processing unit communicates with a remote server providing services for the central processing unit through remote communication and the remote server has a remote attestation module, configuring the remote attestation module to facilitate the completion of every execution state storing operation and/or every execution state restoring operation, wherein the remote attestation refers to an attestation mechanism by which the central processing unit proves to the remote server that it has created the specific enclave in a local platform so that the remote server trusts the specific enclave. The present invention does not require special hardware and is favorable to cross-platform migration.

公开(公告)号：US11080371B2

公开(公告)日：2021-08-03

申请号：US16169632

申请日：2018-10-24

Applicant: HUAZHONG UNIVERSITY OF SCIENCE AND TECHNOLOGY

Inventor： Hai Jin ,  Weizhong Qiang ,  Zezhao Dong

IPC: G06F21/12 ,  G06F11/14 ,  G06F11/07 ,  G06F21/53 ,  G06F21/74 ,  G06F21/30 ,  H04L9/32 ,  H04L29/06 ,  G06F9/455 ,  G06F21/57

Abstract: The present invention involves with a method and system of state consistency protection for Intel software guard extension (SGX). In a method of state consistency protection for a central processing unit capable of creating enclaves, the central processing unit supports creation of at least one enclave, wherein the central processing unit communicates with a remote server providing services for the central processing unit through remote communication and the remote server has a remote attestation module, configuring the remote attestation module to facilitate the completion of every execution state storing operation and/or every execution state restoring operation, wherein the remote attestation refers to an attestation mechanism by which the central processing unit proves to the remote server that it has created the specific enclave in a local platform so that the remote server trusts the specific enclave. The present invention does not require special hardware and is favorable to cross-platform migration.