Scalable attestation for trusted execution environments

Assignee

• Intel Corporation · US

Inventors

• Anjo Lucas Vahldiek-Oberwagner · Portland, US
• Ravi L. Sahita · Portland, US
• Mona Vij · Hillsboro, US
• Dayeol Lee · Irvine, US
• Haidong Xia · Folsom, US
• Rameshkumar G. Illikkal · Folsom, US
• Samuel Ortiz · Montpellier, FR
• Kshitij A. Doshi · Tempe, US
• Mourad Cherfaoui · Saratoga, US
• Andrzej Kuriata · Gdańsk, PL
• Teck Joo Goh · Kluang, MY

Key dates

Classification

• Technology area (CPC H)Electricity
• CPC primaryH04L9/3247
• WIPO fieldDigital communication
• WIPO sectorElectrical engineering

Abstract

In function-as-a-service (FaaS) environments, a client makes use of a function executing within a trusted execution environment (TEE) on a FaaS server. Multiple tenants of the FaaS platform may provide functions to be executed by the FaaS platform via a gateway. Each tenant may provide code and data for any number of functions to be executed within any number of TEEs on the FaaS platform and accessed via the gateway. Additionally, each tenant may provide code and data for a single surrogate attester TEE. The client devices of the tenant use the surrogate attester TEE to attest each of the other TEEs of the tenant and establish trust with the functions in those TEEs. Once the functions have been attested, the client devices have confidence that the other TEEs of the tenant are running on the same platform as the gateway.