Abstract: A nested enclave identity is presented. A nested identity is indicative of one or more possible enclave instantiations according to one or more identity types. Enclave identities may be nested such that a lower level identity type corresponds to a subset of the possible enclave instantiations that a higher level identity type corresponds to. Techniques disclosed include instantiating an enclave with a nested identity at a software interface to an enclave platform, and performing an operation related to the instantiated enclave using the nested identity.

Abstract: An abstract enclave identity is presented. An abstract identity may be a secure identity that may be the same for multiple related, but not identical, enclave instantiations. An enclave identity value may be determined from an abstract enclave identity type with respect to a instantiated enclave. Various enclave operations may be performed with an abstract identity, such as sealing data to an abstract identity, incrementing a monotonic counter, making trusted time measurement.

Abstract: Abstraction programming models of enclave security platforms are described, including receiving a request from an enclave according to an enclave abstraction protocol, converting the request into a native enclave protocol, and sending the converted request to a native platform. The request may be, for example: to create an attestation report, to seal data to the enclave, a request to call a function in a client of the enclave, read a monotonic counter, to take a trusted time measurement, or to allocate memory that is shared with both the enclave and the enclave client.

Abstract: An abstract enclave identity is presented. An abstract identity may be a secure identity that may be the same for multiple related, but not identical, enclave instantiations. An enclave identity value may be determined from an abstract enclave identity type with respect to a instantiated enclave. An abstract identity value may be used to determine equivalence of two enclave instantiations that are not identical, such as two similar enclaves hosted on different computers, two enclaves hosted on different native enclave platforms, and two enclaves instantiated from different versions of the same enclave binary images.

Abstract: Techniques for instantiating an enclave from dependent enclave images are presented. The techniques include identifying a first set of dependent enclave indicators from a primary enclave image, identifying a first dependent enclave image corresponding to one of the first set of dependent enclave indicators, creating a secure enclave container, and copying at least a portion of the primary enclave image and at least a portion of the first dependent enclave image into the secure enclave container.

Abstract: Techniques for securely sealing and unsealing enclave data across platforms are presented. Enclave data from a source enclave hosted on a first computer may be securely sealed to a sealing enclave on a second computer, and may further be securely unsealed for a destination enclave on a third computer. Securely transferring an enclave workload from one computer to another is disclosed.

Abstract: Techniques for implementing a key vault as an enclave are presented. The techniques include securely storing, in a key vault enclave, a key for an encryption system according to a key use policy; sending an vault attestation report of a key vault enclave to a vault client; and performing an operation in the key vault enclave with the key. Some embodiments further include receiving, at the key vault enclave, a client attestation report of the vault client wherein the vault client and key vault enclave are hosted on different native enclave platforms.

Abstract: Methods for enforcing confidentiality and integrity of code and data while running the code over the data in a distributed computing system are described. In an embodiment each machine which processes data within the system provides a secure sub-system which is protected from other parts of the machine and which receives encrypted data and encrypted code, processes the data using the received code and outputs encrypted data. When establishing the secure sub-systems, keys are exchanged between the client and secure sub-systems and the secure sub-systems provide an attestation confirming the identity of the code running in the secure sub-systems and confirming that the code is running on genuine secure sub-systems. In another embodiment a data-flow computation system is described in which chunks of input data, each comprising an identifier, are authenticated/encrypted. The identifiers are used within the system to confirm that each chunk is processed exactly once.

Abstract: The invention provides methods of encoding content for distribution over a network and methods for decoding encoded content which has been distributed over the network. In a first example in which the content is divided into a plurality of segments and each segment comprising a plurality of blocks of data, the method comprises selecting a segment from the plurality of segments and selecting at least two blocks of the selected segment from a store of blocks. A new encoded block is created from a linear combination of the selected blocks.

Abstract: A data center has a plurality of secure processing units; a plurality of data stores holding encrypted data records; and a network connecting the secure processing units and the data stores. The secure processing units comprise computing functionality configured to execute a data processing operation in parallel on the secure processing units by being configured to read encrypted records from the stores, process one or more of the encrypted records within the secure processing units, send one or more of the encrypted records to the stores. The data center is configured to carry out a secret shuffle of the data records to protect the privacy of data processed in the data center from an observer observing any one or more of: the reading of the records, the sending of the records, the writing of the records; the secret shuffle comprising a random permutation of the records hidden from the observer.

Abstract: Techniques to secure computation data in a computing environment from untrusted code. These techniques involve an isolated environment within the computing environment and an application programming interface (API) component to execute a key exchange protocol that ensures data integrity and data confidentiality for data communicated out of the isolated environment. The isolated environment includes an isolated memory region to store a code package. The key exchange protocol further involves a verification process for the code package stored in the isolated environment to determine whether the one or more exchanged encryption keys have been compromised. If the signature successfully authenticates the one or more keys, a secure communication channel is established to the isolated environment and access to the code package's functionality is enabled. Other embodiments are described and claimed.

Abstract: The majority of such software attacks exploit software vulnerabilities or flaws to write data to unintended locations. For example, control-data attacks exploit buffer overflows or other vulnerabilities to overwrite a return address in the stack, a function pointer, or some other piece of control data. Non-control-data attacks exploit similar vulnerabilities to overwrite security critical data without subverting the intended control flow in the program. We describe a method for securing software against both control-data and non-control-data attacks. A static analysis is carried out to determine data flow information for a software program. Data-flow tracking instructions are formed in order to track data flow during execution or emulation of that software. Also, checking instructions are formed to check the tracked data flow against the static analysis results and thereby identify potential attacks or errors. Optional optimisations are described to reduce the resulting additional overheads.

Abstract: Methods for enforcing confidentiality and integrity of code and data while running the code over the data in a distributed computing system are described. In an embodiment each machine which processes data within the system provides a secure sub-system which is protected from other parts of the machine and which receives encrypted data and encrypted code, processes the data using the received code and outputs encrypted data. When establishing the secure sub-systems, keys are exchanged between the client and secure sub-systems and the secure sub-systems provide an attestation confirming the identity of the code running in the secure sub-systems and confirming that the code is running on genuine secure sub-systems. In another embodiment a data-flow computation system is described in which chunks of input data, each comprising an identifier, are authenticated/encrypted. The identifiers are used within the system to confirm that each chunk is processed exactly once.

Abstract: Methods of detecting memory errors using write integrity testing are described. In an embodiment, additional analysis is performed when a program is compiled. This analysis identifies a set of objects which can be written by each instruction in the program. Additional code is then inserted into the program so that, at runtime, the program checks before performing a write instruction that the particular object being written is one of the set of objects that it is allowed to write. The inserted code causes an exception to be raised if this check fails and allows the write to proceed if the check is successful. In a further embodiment, code may also be inserted to perform checks before indirect control-flow transfer instructions, to ensure that those instructions cannot transfer control to locations different from those intended.

Abstract: Software fault isolation methods using byte-granularity memory protection are described. In an embodiment, untrusted drivers or other extensions to a software system are run in a separate domain from the host portion of the software system, but share the same address space as the host portion. Calls between domains are mediated using an interposition library and access control data is maintained for substantially each byte of relevant virtual address space. Instrumentation added to the untrusted extension at compile-time, before load-time, or at runtime and added by the interposition library enforces the isolation between domains, for example by adding access right checks before any writes or indirect calls and by redirecting function calls to call wrappers in the interposition library. The instrumentation also updates the access control data to grant and revoke access rights on a fine granularity according to the semantics of the operation being invoked.

Abstract: Methods and architectures for automatic filter generation are described. In an embodiment, these filters are generated in order to block inputs which would otherwise disrupt the normal functioning of a program. An initial set of filter conditions is generated by analyzing the path of a program from a point at which a bad input is received to the point at which the malfunctioning of the program is detected and creating conditions on an input which ensure that this path is followed. Having generated the initial set of filter conditions, the set is made less specific by determining which instructions do not influence whether the point of detection of the attack is reached and removing the filter conditions which correspond to these instructions.

Abstract: A method is provided for a host node in a computer network to determine its coordinates in a d-dimensional network space, comprising discovering an address of a peer node in the network, measuring network latency between the host node and the peer node, determining whether network latency has been measured for at least d+1 peer nodes, where, if network latency has not been measured for at least d+1 peer nodes, estimating the network coordinates of the host node, and where, if network latency has been measured for at least d+1 peer nodes, calculating the network coordinates of the host node using d+1 measured latencies.

Abstract: Methods and apparatus for generating error reports with enhanced privacy are described. In an embodiment the error is triggered by an input to a software program. An error report is generated by identifying conditions on an input to the program which ensure that, for any input which satisfies the conditions, the software program will follow the same execution path such that the error can be reproduced. The error report may include these conditions or may include a new input generated using the conditions.

Abstract: Software fault isolation methods using byte-granularity memory protection are described. In an embodiment, untrusted drivers or other extensions to a software system are run in a separate domain from the host portion of the software system, but share the same address space as the host portion. Calls between domains are mediated using an interposition library and access control data is maintained for substantially each byte of relevant virtual address space. Instrumentation added to the untrusted extension at compile-time, before load-time, or at runtime and added by the interposition library enforces the isolation between domains, for example by adding access right checks before any writes or indirect calls and by redirecting function calls to call wrappers in the interposition library. The instrumentation also updates the access control data to grant and revoke access rights on a fine granularity according to the semantics of the operation being invoked.

Abstract: A wire protocol is described which implements connection management and other methods to give enhanced peer-to-peer content distribution. Connections between nodes can be placed in a “notify” state when they are idle but may soon yield useful content. This notify state is also used together with a content request/response cycle to allow a peer to evaluate content available at a neighbour. If no suitable content is available a notify state is entered. When new content is later received at the neighbour it is able to inform the requesting node to allow it to restart the content request/response cycle.