FIELD: computer technology.
SUBSTANCE: the group of inventions relates to protected computer systems. The method comprises the following stages: a permitted list and associated enclave data from a source enclave are securely stored by a sealing enclave located on a first native enclave platform, where the list includes one or more enclave identifiers of one or more corresponding enclaves that are allowed to unseal the enclave data; trust is established in a target enclave located on a second native enclave platform, based at least in part on a target certification report that is the result of a certification process performed by the sealing enclave with the target enclave; a target identifier of the target enclave is extracted from the target certification report; the target enclave is determined to be allowed to unseal the enclave data by verifying that its target identifier is included in the permitted list; and the enclave data is sent from the sealing enclave to the target enclave based on that verification.
EFFECT: increase in safety and confidentiality of data.
20 cl, 23 dwg
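The stages listed in the abstract, modelled as an added Python example (not code from the patent or its authors). An HMAC under a constructed key stands in for the platform-backed certification report, and `SealingEnclave`, `make_report`, the nonce freshness check and all identifiers are assumptions made for illustration.

```python
import hashlib
import hmac
import json

# Constructed stand-in for the hardware-rooted report key (assumption); on a
# real platform this key is not readable by software outside the enclave.
PLATFORM_KEY = b"constructed-demo-platform-key"


def make_report(enclave_id: str, nonce: str) -> dict:
    """Target side: a report binding the enclave identifier to a fresh nonce."""
    body = json.dumps({"enclave_id": enclave_id, "nonce": nonce}, sort_keys=True)
    mac = hmac.new(PLATFORM_KEY, body.encode(), hashlib.sha256).hexdigest()
    return {"body": body, "mac": mac}


class SealingEnclave:
    """Stores enclave data next to the list of identifiers allowed to unseal it."""

    def __init__(self):
        self._store = {}  # handle -> (permitted identifiers, data)

    def seal(self, handle: str, permitted: set, data: bytes) -> None:
        self._store[handle] = (frozenset(permitted), data)

    def unseal(self, handle: str, report: dict, nonce: str) -> bytes:
        permitted, data = self._store[handle]
        # Establish trust first: no field of the report is used until it verifies.
        expected = hmac.new(PLATFORM_KEY, report["body"].encode(),
                            hashlib.sha256).hexdigest()
        if not hmac.compare_digest(expected, report["mac"]):
            raise PermissionError("report failed verification")
        claims = json.loads(report["body"])
        # Freshness check (assumption, not in the abstract): reject replayed reports.
        if claims["nonce"] != nonce:
            raise PermissionError("stale or replayed report")
        # The identifier comes from the verified report, never from the caller.
        target_id = claims["enclave_id"]
        # Release the data only if that identifier is on the permitted list.
        if target_id not in permitted:
            raise PermissionError(f"{target_id} is not permitted to unseal")
        return data
```

A report whose body is edited after issuance fails the first check, so a target cannot claim a permitted identifier it was not certified with.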
Title | Year | Author | Number |
---|---|---|---|
ABSTRACT ENCLAVE IDENTIFICATION | 2017 | | RU2762141C2 |
SEALING DATA WITH SEALING ENCLAVE | 2017 | | RU2759329C2 |
CROSS-PLATFORM ENCLAVE IDENTIFICATION INFORMATION | 2018 | | RU2759302C2 |
SECURE KEY MANAGEMENT | 2017 | | RU2750095C2 |
PROTECTING BINARY FILES OF TYPICAL COMMERCIAL PROGRAMS FROM PIRACY USING HARDWARE ENCLAVES | 2020 | | RU2812867C1 |
ADDRESSING TRUSTED EXECUTION ENVIRONMENT USING ENCRYPTION KEY | 2017 | | RU2756048C2 |
DATA CHECK BY USING VALIDATION IN AN ENCLAVE | 2015 | | RU2666273C2 |
ADDRESSING TRUSTED EXECUTION ENVIRONMENT USING SIGNATURE KEY | 2017 | | RU2756040C2 |
USE OF AUTHENTICATED MANIFESTS TO ENSURE EXTERNAL CERTIFICATION OF MULTIPROCESSOR PLATFORMS | 2014 | | RU2599340C2 |
SECURE AND PRIVATE BACKUP STORAGE AND PROCESSING FOR TRUSTED COMPUTING AND DATA SERVICES | 2010 | | RU2531569C2 |
Dates
2021-11-11—Published
2017-12-20—Filed