METHOD OF MODIFYING MEMORY ACCESS GRANTS IN SECURE PROCESSOR ENVIRONMENT Russian patent published in 2016 - IPC G06F12/875 G06F12/14 G06F21/60 G06F9/30 

FIELD: computer engineering.

SUBSTANCE: invention relates to computer engineering. Processor comprises a control module for receiving a first instruction for expansion of permits for access to memory for a page in a secure enclave and for calling, by an application within secure enclave, operating system outside secure enclave to call a second instruction to limit access permissions to memory for page; executing module for executing first instruction and second instruction, where execution of first instruction and second instruction comprises modifying memory access permissions in cache mapping table entry of pages of enclave, without setting modification bit in cache mapping table entry of pages of enclave, wherein execution of second instruction comprises recording values of time, when enclave must clean page to be removed from enclave page cache, in cache mapping table entry of pages of enclave, and wherein said page becomes accessible within secure enclave in accordance with changed permissions; wherein operating system is intended for tracking enclave streams, for launching output enclave streams and cleaning dynamic translation buffer.

EFFECT: technical result consists in optimisation of modification of permits to access a secure memory enclave.

10 cl, 6 dwg