FIELD: protected computing systems.
SUBSTANCE: the method comprises the steps of: receiving a type of identification information and a request for an operation related to an enclave of which an instance has been created, where the enclave image from which the enclave instance was created includes references to additional dependent enclave images; determining which of these additional enclave images should be included as input to a hash function, based on whether each additional enclave image is included in an identification part of the enclave image; calculating the hash function over the type of identification information and information extracted from the enclave image, so that the output of the hash function is a value of identification information for the enclave, wherein the integrity of this value is verifiable by verifying a signature in the enclave image using a public key associated with the author of the enclave image; and performing the requested operation with this value of identification information.
EFFECT: improved security and data confidentiality.
22 cl, 23 dwg
Title | Year | Author | Number |
---|---|---|---|
SEALING DATA WITH SEALING ENCLAVE | 2017 | | RU2759329C2 |
CROSS-PLATFORM ENCLAVE IDENTIFICATION INFORMATION | 2018 | | RU2759302C2 |
UNSEALING DATA WITH SEALING ENCLAVE | 2017 | | RU2759331C2 |
SECURE KEY MANAGEMENT | 2017 | | RU2750095C2 |
PROTECTING BINARY FILES OF TYPICAL COMMERCIAL PROGRAMS FROM PIRACY USING HARDWARE ENCLAVES | 2020 | | RU2812867C1 |
DATA CHECK BY USING VALIDATION IN AN ENCLAVE | 2015 | | RU2666273C2 |
ADDRESSING TRUSTED EXECUTION ENVIRONMENT USING ENCRYPTION KEY | 2017 | | RU2756048C2 |
ADDRESSING TRUSTED EXECUTION ENVIRONMENT USING SIGNATURE KEY | 2017 | | RU2756040C2 |
GENERATING KEY ATTESTATION CERTIFICATE WITH ENSURING ANONYMITY OF DEVICE | 2018 | | RU2763516C2 |
USE OF AUTHENTICATED MANIFESTS TO ENSURE EXTERNAL CERTIFICATION OF MULTIPROCESSOR PLATFORMS | 2014 | | RU2599340C2 |
Authors
Dates
2021-12-16—Published
2017-12-20—Filed