Patents by Inventor Haidong Xia

Haidong Xia has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Publication number: 20240022550
    Abstract: Various systems and methods for providing a trusted key access broker are described herein. A system may be configured to receive, at a trusted key access broker, from a requestor via a broker application programming interface, a request for a cryptographic key operation, the request associated with attestation evidence data; use the attestation evidence data to validate the requestor; in response to validating the requestor, translate and transmit the request for the cryptographic key operation to one of the plurality of key management systems; receive a response from the one of the plurality of key management systems; and transmit the response to the requestor.
    Type: Application
    Filed: September 27, 2023
    Publication date: January 18, 2024
    Inventors: Yeluri Raghuram, Anil Rao, Haidong Xia, Uttam Shetty, Nikhil M. Deshpande
  • Publication number: 20220222358
    Abstract: Scalable cloning and replication for trusted execution environments is described. An example of a computer-readable storage medium includes instructions for receiving a selection of a point to capture a snapshot of a baseline trust domain (TD) or secure enclave, the TD or secure enclave being associated with a trusted execution environment (TEE) of a processor utilized for processing of a workload; initiating cloning of the TD or secure enclave from a source platform to an escrow platform; generating an escrow key to export the snapshot to the escrow platform; and exporting a state of the TD or secure enclave to the escrow platform, the state being sealed with a sealing key.
    Type: Application
    Filed: March 31, 2022
    Publication date: July 14, 2022
    Applicant: Intel Corporation
    Inventors: Ravi Sahita, Dror Caspi, Vedvyas Shanbhogue, Vincent Scarlata, Anjo Lucas Vahldiek-Oberwagner, Haidong Xia, Mona Vij
  • Publication number: 20220206842
    Abstract: Techniques for migration of a source protected virtual machine from a source platform to a destination platform are described. A method of an aspect includes enforcing that bundles of state, of a first protected virtual machine (VM), received at a second platform over a stream, during an in-order phase of a migration of the first protected VM from a first platform to the second platform, are imported to a second protected VM of the second platform, in the same order in which they were exported from the first protected VM. The method further includes receiving a marker over the stream marking an end of the in-order phase; determining that all bundles of state exported from the first protected VM prior to export of the marker have been imported to the second protected VM; and starting an out-of-order phase of the migration based on the determination that all of the exported bundles of state have been imported.
    Type: Application
    Filed: December 26, 2020
    Publication date: June 30, 2022
    Inventors: Ravi Sahita, Dror Caspi, Vincent Scarlata, Sharon Yaniv, Baruch Chaikin, Vedvyas Shanbhogue, Jun Nakajima, Arumugam Thiyagarajah, Sean Christopherson, Haidong Xia, Vinay Awasthi, Isaku Yamahata, Wei Wang, Thomas Adelmeyer
  • Publication number: 20210218559
    Abstract: A key caching container provides for the secure storage of cryptographic keys and the secure operation of cryptographic functions for workload containers. A cryptographic call adapter in each workload container converts application cryptographic operation requests made by an application to workload container cryptographic operation requests that are sent to the key caching container. Secure provision of keys is enabled by a key broker service that acts as a proxy for a key management service. A secure enclave within the key caching container stores keys and instructions that perform cryptographic operations in an encrypted format. The key caching container provides a key handle associated with a cryptographic key to a requesting application, which the application uses in subsequent application cryptographic operation requests. The secure enclave is created and managed using security-related instructions in a security-enabled integrated circuit component that is part of a computing system's hardware platform.
    Type: Application
    Filed: March 26, 2021
    Publication date: July 15, 2021
    Inventors: Haidong Xia, Mourad Cherfaoui
  • Publication number: 20210109870
    Abstract: Example methods and systems are directed to isolating memory in trusted execution environments (TEEs). In function-as-a-service (FaaS) environments, a client makes use of a function executing within a TEE on a FaaS server. To minimize the trusted code base (TCB) for each function, each function may be placed in a separate TEE. However, this causes the overhead of creating a TEE to be incurred for each function. As discussed herein, multiple functions may be placed in a single TEE without compromising the data integrity of each function. For example, by using a different extended page table (EPT) for each function, the virtual address spaces of the functions are kept separate and map to different, non-overlapping physical address spaces. Partial overlap may be permitted to allow functions to share some data while protecting other data. Memory for each function may be encrypted using a different encryption key.
    Type: Application
    Filed: December 23, 2020
    Publication date: April 15, 2021
    Inventors: Ravi L. Sahita, Anjo Lucas Vahldiek-Oberwagner, Teck Joo Goh, Rameshkumar Illikkal, Andrzej Kuriata, Vedvyas Shanbhogue, Mona Vij, Haidong Xia
  • Publication number: 20210111892
    Abstract: In function-as-a-service (FaaS) environments, a client makes use of a function executing within a trusted execution environment (TEE) on a FaaS server. Multiple tenants of the FaaS platform may provide functions to be executed by the FaaS platform via a gateway. Each tenant may provide code and data for any number of functions to be executed within any number of TEEs on the FaaS platform and accessed via the gateway. Additionally, each tenant may provide code and data for a single surrogate attester TEE. The client devices of the tenant use the surrogate attester TEE to attest each of the other TEEs of the tenant and establish trust with the functions in those TEEs. Once the functions have been attested, the client devices have confidence that the other TEEs of the tenant are running on the same platform as the gateway.
    Type: Application
    Filed: December 22, 2020
    Publication date: April 15, 2021
    Inventors: Anjo Lucas Vahldiek-Oberwagner, Ravi L. Sahita, Mona Vij, Dayeol Lee, Haidong Xia, Rameshkumar Illikkal, Samuel Ortiz, Kshitij Arun Doshi, Mourad Cherfaoui, Andrzej Kuriata, Teck Joo Goh
  • Patent number: 9135409
    Abstract: Example embodiments disclosed herein relate to distributing updated execution information to a cluster of nodes. Licensing information about whether the nodes are licensed to receive the updated execution information is generated. The licensing information is validated. The validated licensing information is used to distribute the updated execution information to the nodes.
    Type: Grant
    Filed: May 18, 2011
    Date of Patent: September 15, 2015
    Assignee: Hewlett-Packard Development Company, L.P.
    Inventor: Haidong Xia
  • Publication number: 20120297487
    Abstract: Example embodiments disclosed herein relate to distributing updated execution information to a cluster of nodes. Licensing information about whether the nodes are licensed to receive the updated execution information is generated. The licensing information is validated. The validated licensing information is used to distribute the updated execution information to the nodes.
    Type: Application
    Filed: May 18, 2011
    Publication date: November 22, 2012
    Inventor: Haidong Xia