Enclave handling on an execution platform

Assignee

• Telefonaktiebolaget LM Ericsson (Publ) · SE

Inventors

• Lina Pålsson · Genarp, SE
• András Méhes · Sundbyberg, SE
• Bernard Smeets · Dalby, SE

Key dates

Classification

• Technology area (CPC G)Physics
• CPC primaryG06Q50/265
• WIPO fieldComputer technology
• WIPO sectorElectrical engineering

Abstract

There are provided mechanisms for handling instances of enclaves on an execution platform. The execution platform comprises a secure component. The secure component serves as a trusted interface between a trusted platform module of the execution platform and enclaves of an enclave environment on the execution platform. Only a single enclave, denoted base enclave, in the enclave environment is enabled to communicate with the secure component. A method comprises receiving, by the base enclave, an indication from another enclave in the enclave environment upon start-up of a new instance of the so-called another enclave. The method comprises determining, by the base enclave, to enable continued running of the new instance only when number of currently running instances of the so-called another enclave is within an interval of allowed number of running instances of the so-called another enclave.