FIELD: information protection.
SUBSTANCE: the system is configured to receive a request for protected data from a potentially untrusted requester associated with a nested TrEE, together with a certification conclusion for a secure core. The nested TrEE contains a trusted application executing on top of the secure core. The trusted application is associated with a trusted application ID, which is based on one of: the information on which the trusted application is to work, a user of the trusted application, and a type of service associated with one of said request and the configuration of said system. The system is further configured to: encrypt a transmission encryption key using a second encryption key that is included in the certification conclusion; extract the protected data; encrypt the protected data using the transmission encryption key and an authentication tag, wherein the authentication tag links the requester to the trusted application ID; and provide the encrypted transmission encryption key, the encrypted protected data and the encrypted authentication tag to the requester.
EFFECT: increased security.
20 claims, 14 drawings
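The exchange described under SUBSTANCE, as an added example that is not taken from the patent. It assumes RSA-OAEP for wrapping the transmission encryption key under the key from the certification conclusion, and AES-256-GCM with the trusted application ID as associated data for the authentication tag; the function names, IDs and sample data are constructed.

```ruby
require 'openssl'

OAEP = OpenSSL::PKey::RSA::PKCS1_OAEP_PADDING

# Data holder side. core_pub is the encryption key carried in the secure core's
# certification conclusion (assumption: an RSA public key).
def seal_for_trusted_app(core_pub, trusted_app_id, protected_data)
  cipher = OpenSSL::Cipher.new('aes-256-gcm').encrypt
  transfer_key = cipher.random_key       # fresh transmission encryption key
  nonce = cipher.random_iv
  cipher.auth_data = trusted_app_id      # the tag now covers the application ID
  ciphertext = cipher.update(protected_data) + cipher.final
  # This hash is what the untrusted requester receives and relays.
  { wrapped_key: core_pub.public_encrypt(transfer_key, OAEP),
    nonce: nonce, ciphertext: ciphertext, tag: cipher.auth_tag }
end

# Secure core side. Returns the plaintext only when the key unwraps and the tag
# verifies for the ID of the trusted application asking for it; otherwise nil.
def release_to_trusted_app(core_priv, caller_app_id, response)
  cipher = OpenSSL::Cipher.new('aes-256-gcm').decrypt
  cipher.key = core_priv.private_decrypt(response[:wrapped_key], OAEP)
  cipher.iv = response[:nonce]
  cipher.auth_tag = response[:tag]
  cipher.auth_data = caller_app_id
  cipher.update(response[:ciphertext]) + cipher.final
rescue OpenSSL::Cipher::CipherError, OpenSSL::PKey::PKeyError, ArgumentError
  nil
end

if __FILE__ == $PROGRAM_NAME
  core_key = OpenSSL::PKey::RSA.new(2048) # constructed stand-in for the secure core's key pair
  resp = seal_for_trusted_app(core_key.public_key, 'app-A', 'constructed secret')
  puts "app-A: #{release_to_trusted_app(core_key, 'app-A', resp).inspect}"
  puts "app-B: #{release_to_trusted_app(core_key, 'app-B', resp).inspect}"
end
```

The requester only relays the response: it never holds the private key needed to unwrap the transmission encryption key, and a trusted application with a different ID fails the tag check.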
Title | Year | Author | Number |
---|---|---|---|
ADDRESSING TRUSTED EXECUTION ENVIRONMENT USING SIGNATURE KEY | 2017 | | RU2756040C2 |
SECURE TRANSPORT OF ENCRYPTED VIRTUAL MACHINES WITH CONTINUOUS ACCESS OF THE OWNER | 2015 | | RU2693313C2 |
ATTESTATION OF HOST CONTAINING TRUSTED EXECUTION ENVIRONMENT | 2015 | | RU2679721C2 |
DEVICE SAFETY AUTOMATIC CERTIFICATION WITH THE USE OF THE BLOCKS CHAIN | 2016 | | RU2673842C1 |
REMOTE PAYMENT TRANSACTIONS PROTECTED PROCESSING, INCLUDING AUTHENTICATION OF CONSUMERS | 2014 | | RU2663476C2 |
SECURE REMOTE PAYMENT TRANSACTION PROCESSING | 2014 | | RU2674329C2 |
ABSTRACT ENCLAVE IDENTIFICATION | 2017 | | RU2762141C2 |
SEALING DATA WITH SEALING ENCLAVE | 2017 | | RU2759329C2 |
CROSS-PLATFORM ENCLAVE IDENTIFICATION INFORMATION | 2018 | | RU2759302C2 |
UNSEALING DATA WITH SEALING ENCLAVE | 2017 | | RU2759331C2 |
Authors
Dates
2021-09-24—Published
2017-12-20—Filed