公开(公告)号：US20160191246A1

公开(公告)日：2016-06-30

申请号：US14582980

申请日：2014-12-24

Applicant: INTEL CORPORATION

Inventor： Srikanth Varadarajan ,  Reshma Lal ,  Krystof C. Zmudzinksi

IPC: H04L9/32 ,  G06F9/455 ,  G06F9/44 ,  G06F9/54 ,  G06F9/48

CPC classification number: H04L9/3234 ,  G06F9/4406 ,  G06F9/45533 ,  G06F9/45558 ,  G06F9/4843 ,  G06F9/54 ,  G06F21/74 ,  G06F2009/45587 ,  G09C1/00 ,  H04L2209/127

Abstract: Method of providing a Global Platform (GP) compliant Trusted Execution Environment (TEE) starts with main processor executing an application stored in memory device. Application includes client application (CA) and trusted application (TA). Executing the application includes running CA in client process and TA in TEE host process. Client process and TEE host process are separate. Using TEE host process, a request including identifier of the TA is received from client process to open session. Using GP Trusted Services enclave included in TEE host process, TA enclave associated with the identifier is determined and loaded in the TEE host process using the GP Trusted Services enclave to establish the session. Using TEE host process, commands to be invoked in TA enclave and set of parameters needed for commands are received from client process. Using GP Internal APIs, commands in TA enclave associated with identifier are executed. Other embodiments are also described.

Abstract translation: 提供全球平台（GP）兼容的可执行环境（TEE）的方法从执行存储在存储设备中的应用程序的主处理器开始。 应用程序包括客户端应用程序（CA）和可信应用程序（TA）。 执行应用程序包括在客户端进程中运行CA，在TEE主机进程中运行TA。 客户端进程和TEE主机进程是分开的。 使用TEE主机进程，从客户端进程接收到包括TA标识符的请求以打开会话。 使用包含在TEE主机进程中的GP可信服务飞地，使用GP可信服务飞地来确定和加载与TID主机进程相关联的TA标识符以建立会话。 使用TEE主机进程，可以从客户端进程接收在TA包中调用的命令和命令所需的参数集。 使用GP Internal API，执行与标识符相关联的TA包层中的命令。 还描述了其它实施例。