Patents by Inventor Manuel Silverio da Silva Costa
Manuel Silverio da Silva Costa has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 12190316
Abstract: The disclosed technology is generally directed to code transparency. In one example of the technology, a claim associated with an application is received. The claim is a document that is signed with a claim signature and that includes evidence associated with a policy, and further includes an expected set of at least one binary measurement associated with the application. The evidence is cryptographically verifiable evidence associated with the application. A trusted execution environment (TEE) is used to provide a distributed ledger. The claim is verified. Verifying the claim includes verifying the expected set of at least one binary measurement associated with the application, verifying the claim signature, and, based at least on the evidence, verifying that the application meets the policy. Upon successful verification of the claim, the claim is appended to the distributed ledger. A ledger countersignature associated with the claim is generated.
Type: Grant
Filed: May 10, 2022
Date of Patent: January 7, 2025
Assignee: Microsoft Technology Licensing, LLC
Inventors: Mark Eugene Russinovich, Sylvan W. Clebsch, Kahren Tevosyan, Antoine Jean Denis Delignat-Lavaud, Cédric Alain Marie Christophe Fournet, Hervey Oliver Wilson, Manuel Silverio Da Silva Costa
-
Patent number: 12143499
Abstract: The disclosed technology is generally directed to code transparency. In one example of the technology, evidence associated with a policy is obtained. The evidence includes data that includes cryptographically verifiable evidence associated with initial source code in accordance with the policy. The initial source code is source code for a CTS. The initial binary based on the initial source code is executed in a TEE such that a CTS instance begins operation. The CTS instance is configured to register guarantee(s) associated with code approved by the CTS instance. The TEE is used to provide a ledger. The evidence is stored on the ledger. Measurement(s) associated with the binary are provided. A service key associated with the CTS instance is generated. TEE attestation of the measurement(s), the evidence, and the service key is provided.
Type: Grant
Filed: May 10, 2022
Date of Patent: November 12, 2024
Assignee: Microsoft Technology Licensing, LLC
Inventors: Mark Eugene Russinovich, Sylvan W. Clebsch, Kahren Tevosyan, Antoine Jean Denis Delignat-Lavaud, Cédric Alain Marie Christophe Fournet, Hervey Oliver Wilson, Manuel Silverio da Silva Costa
-
Publication number: 20240220483
Abstract: In various examples, there is provided a computer-implemented method for writing transaction log entries to a transaction log for a database system. At least part of the database system is configured to be executed within a trusted execution environment. The transaction log is stored outside of the trusted execution environment. The method maintains a first secure count representing a number of transaction log entries which have been written to the transaction log for transactions which have been committed to the database and writes a transaction log entry to the transaction log. In other examples, there is also provided a computer-implemented method for restoring a database system using transaction log entries received from the transaction log and a current value of the first secure count.
Type: Application
Filed: March 18, 2024
Publication date: July 4, 2024
Inventors: Christian PRIEBE, Kapil VASWANI, Manuel Silverio da Silva COSTA
-
Patent number: 11966385
Abstract: In various examples, there is provided a computer-implemented method for writing transaction log entries to a transaction log for a database system. At least part of the database system is configured to be executed within a trusted execution environment. The transaction log is stored outside of the trusted execution environment. The method maintains a first secure count representing a number of transaction log entries which have been written to the transaction log for transactions which have been committed to the database and writes a transaction log entry to the transaction log. In other examples, there is also provided a computer-implemented method for restoring a database system using transaction log entries received from the transaction log and a current value of the first secure count.
Type: Grant
Filed: August 25, 2021
Date of Patent: April 23, 2024
Assignee: Microsoft Technology Licensing, LLC.
Inventors: Christian Priebe, Kapil Vaswani, Manuel Silverio da Silva Costa
-
Publication number: 20230368193
Abstract: The disclosed technology is generally directed to code transparency. In one example of the technology, a claim associated with an application is received. The claim is a document that is signed with a claim signature and that includes evidence associated with a policy, and further includes an expected set of at least one binary measurement associated with the application. The evidence is cryptographically verifiable evidence associated with the application. A trusted execution environment (TEE) is used to provide a distributed ledger. The claim is verified. Verifying the claim includes verifying the expected set of at least one binary measurement associated with the application, verifying the claim signature, and, based at least on the evidence, verifying that the application meets the policy. Upon successful verification of the claim, the claim is appended to the distributed ledger. A ledger countersignature associated with the claim is generated.
Type: Application
Filed: May 10, 2022
Publication date: November 16, 2023
Inventors: Mark Eugene RUSSINOVICH, Sylvan W. CLEBSCH, Kahren TEVOSYAN, Antoine Jean Denis DELIGNAT-LAVAUD, Cédric Alain Marie Christophe FOURNET, Hervey Oliver WILSON, Manuel Silverio da Silva COSTA
-
Publication number: 20230370273
Abstract: The disclosed technology is generally directed to code transparency. In one example of the technology, evidence associated with a policy is obtained. The evidence includes data that includes cryptographically verifiable evidence associated with initial source code in accordance with the policy. The initial source code is source code for a CTS. The initial binary based on the initial source code is executed in a TEE such that a CTS instance begins operation. The CTS instance is configured to register guarantee(s) associated with code approved by the CTS instance. The TEE is used to provide a ledger. The evidence is stored on the ledger. Measurement(s) associated with the binary are provided. A service key associated with the CTS instance is generated. TEE attestation of the measurement(s), the evidence, and the service key is provided.
Type: Application
Filed: May 10, 2022
Publication date: November 16, 2023
Inventors: Mark Eugene RUSSINOVICH, Sylvan W. CLEBSCH, Kahren TEVOSYAN, Antoine Jean Denis DELIGNAT-LAVAUD, Cédric Alain Marie Christophe FOURNET, Hervey Oliver WILSON, Manuel Silverio da Silva COSTA
-
Publication number: 20210382876
Abstract: In various examples, there is provided a computer-implemented method for writing transaction log entries to a transaction log for a database system. At least part of the database system is configured to be executed within a trusted execution environment. The transaction log is stored outside of the trusted execution environment. The method maintains a first secure count representing a number of transaction log entries which have been written to the transaction log for transactions which have been committed to the database and writes a transaction log entry to the transaction log. In other examples, there is also provided a computer-implemented method for restoring a database system using transaction log entries received from the transaction log and a current value of the first secure count.
Type: Application
Filed: August 25, 2021
Publication date: December 9, 2021
Inventors: Christian PRIEBE, Kapil VASWANI, Manuel Silverio da Silva COSTA
-
Publication number: 20210326153
Abstract: Various technologies described herein pertain to enforcing control flow integrity by adding instrumentation when source code is compiled or binary code is rewritten. An indirect call to a control transfer target (e.g., in the source code, in the binary code, etc.) can be identified. Moreover, the instrumentation can be inserted prior to the indirect call. The instrumentation can use a bit from a bitmap maintained by a runtime to verify whether the control transfer target is valid. When an executable image that includes the inserted instrumentation runs, execution can be terminated and/or other appropriate actions can be taken when the control transfer target is determined to be invalid; alternatively, execution can continue when the control transfer target is determined to be valid.
Type: Application
Filed: April 30, 2021
Publication date: October 21, 2021
Inventors: Richard John Black, Timothy William Burrell, Miguel Oom Temudo de Castro, Manuel Silverio da Silva Costa, Kenneth Johnson, Matthew Ryan Miller
-
Patent number: 11120011
Abstract: In various examples, there is provided a computer-implemented method for writing transaction log entries to a transaction log for a database system. At least part of the database system is configured to be executed within a trusted execution environment. The transaction log is stored outside of the trusted execution environment. The method maintains a first secure count representing a number of transaction log entries which have been written to the transaction log for transactions which have been committed to the database and writes a transaction log entry to the transaction log. In other examples, there is also provided a computer-implemented method for restoring a database system using transaction log entries received from the transaction log and a current value of the first secure count.
Type: Grant
Filed: April 17, 2018
Date of Patent: September 14, 2021
Assignee: Microsoft Technology Licensing, LLC
Inventors: Christian Priebe, Kapil Vaswani, Manuel Silverio da Silva Costa
-
Patent number: 11016949
Abstract: In various examples, there is a database system which comprises an operating system, a query engine, a transaction manager and components implementing database administration functionality. The query engine and the transaction manager are configured to be executed within one or more memory enclaves of a host computer system separately from the operating system and the components implementing database administration functionality.
Type: Grant
Filed: April 17, 2018
Date of Patent: May 25, 2021
Assignee: Microsoft Technology Licensing, LLC
Inventors: Kapil Vaswani, Manuel Silverio Da Silva Costa
-
Patent number: 11016883
Abstract: A method of manual memory management is described which comprises enabling one or more threads to access an object created in a manual heap by storing a reference to the object in thread-local state and subsequently deleting the stored reference after accessing the object. In response to abandonment of the object, an identifier for the object and a current value of either a local counter of a thread or a global counter are stored in a delete queue and all threads are prevented from storing any further references to the object in thread-local state. Deallocation of the object only occurs when all references to the object stored in thread-local state for any threads have been deleted and a current value of the local counter for the thread or the global counter has incremented to a value that is at least a pre-defined amount more than the stored value, wherein the global counter is updated using one or more local counters.
Type: Grant
Filed: June 6, 2017
Date of Patent: May 25, 2021
Assignee: Microsoft Technology Licensing, LLC
Inventors: Matthew John Parkinson, Manuel Silverio da Silva Costa, Dimitrios Vytiniotis, Kapil Vaswani
-
Patent number: 11003464
Abstract: Various technologies described herein pertain to enforcing control flow integrity by adding instrumentation when source code is compiled or binary code is rewritten. An indirect call to a control transfer target (e.g., in the source code, in the binary code, etc.) can be identified. Moreover, the instrumentation can be inserted prior to the indirect call. The instrumentation can use a bit from a bitmap maintained by a runtime to verify whether the control transfer target is valid. When an executable image that includes the inserted instrumentation runs, execution can be terminated and/or other appropriate actions can be taken when the control transfer target is determined to be invalid; alternatively, execution can continue when the control transfer target is determined to be valid.
Type: Grant
Filed: April 19, 2012
Date of Patent: May 11, 2021
Assignee: Microsoft Technology Licensing, LLC
Inventors: Richard John Black, Timothy William Burrell, Miguel Oom Temudo de Castro, Manuel Silverio da Silva Costa, Kenneth Johnson, Matthew Ryan Miller
-
Patent number: 10565129
Abstract: In various examples a compute node is described. The compute node has a central processing unit which implements a hardware transactional memory using at least one cache of the central processing unit. The compute node has a memory in communication with the central processing unit, the memory storing information comprising at least one of: code and data. The compute node has a processor which loads at least part of the information, from the memory into the cache. The processor executes transactions using the hardware transactional memory and at least the loaded information, such that the processor ensures that the loaded information remains in the cache until completion of the execution.
Type: Grant
Filed: June 29, 2017
Date of Patent: February 18, 2020
Assignee: Microsoft Technology Licensing, LLC
Inventors: Felix Schuster, Olga Ohrimenko, Istvan Haller, Manuel Silverio da Silva Costa, Daniel Gruss, Julian Lettner
-
Patent number: 10496534
Abstract: A method of manual memory management is described. In response to detecting an access violation triggered by the use of an invalid reference to an object in a manual heap, a source of the access in a register or stack is identified. An updated reference for the object using stored mapping data is determined and used to replace the invalid reference in the source.
Type: Grant
Filed: June 15, 2017
Date of Patent: December 3, 2019
Assignee: Microsoft Technology Licensing, LLC
Inventors: Dimitrios Vytiniotis, Manuel Silverio da Silva Costa, Kapil Vaswani, Matthew John Parkinson, Piyus Kumar Kedia
-
Publication number: 20190236179
Abstract: In various examples, there is provided a computer-implemented method for writing transaction log entries to a transaction log for a database system. At least part of the database system is configured to be executed within a trusted execution environment. The transaction log is stored outside of the trusted execution environment. The method maintains a first secure count representing a number of transaction log entries which have been written to the transaction log for transactions which have been committed to the database and writes a transaction log entry to the transaction log. In other examples, there is also provided a computer-implemented method for restoring a database system using transaction log entries received from the transaction log and a current value of the first secure count.
Type: Application
Filed: April 17, 2018
Publication date: August 1, 2019
Inventors: Christian PRIEBE, Kapil VASWANI, Manuel Silverio da Silva COSTA
-
Publication number: 20190236168
Abstract: In various examples, there is a database system which comprises an operating system, a query engine, a transaction manager and components implementing database administration functionality. The query engine and the transaction manager are configured to be executed within one or more memory enclaves of a host computer system separately from the operating system and the components implementing database administration functionality.
Type: Application
Filed: April 17, 2018
Publication date: August 1, 2019
Inventors: Kapil VASWANI, Manuel Silverio da Silva COSTA
-
Publication number: 20180341600
Abstract: In various examples a compute node is described. The compute node has a central processing unit which implements a hardware transactional memory using at least one cache of the central processing unit. The compute node has a memory in communication with the central processing unit, the memory storing information comprising at least one of: code and data. The compute node has a processor which loads at least part of the information, from the memory into the cache. The processor executes transactions using the hardware transactional memory and at least the loaded information, such that the processor ensures that the loaded information remains in the cache until completion of the execution.
Type: Application
Filed: June 29, 2017
Publication date: November 29, 2018
Inventors: Felix Schuster, Olga Ohrimenko, Istvan Haller, Manuel Silverio da Silva Costa, Daniel Gruss, Julian Lettner
-
Publication number: 20180276120
Abstract: A method of manual memory management is described. In response to detecting an access violation triggered by the use of an invalid reference to an object in a manual heap, a source of the access in a register or stack is identified. An updated reference for the object using stored mapping data is determined and used to replace the invalid reference in the source.
Type: Application
Filed: June 15, 2017
Publication date: September 27, 2018
Inventors: Dimitrios VYTINIOTIS, Manuel Silverio da Silva COSTA, Kapil VASWANI, Matthew John PARKINSON, Piyus Kumar KEDIA
-
Publication number: 20180253311
Abstract: A method of manual memory management is described which comprises enabling one or more threads to access an object created in a manual heap by storing a reference to the object in thread-local state and subsequently deleting the stored reference after accessing the object. In response to abandonment of the object, an identifier for the object and a current value of either a local counter of a thread or a global counter are stored in a delete queue and all threads are prevented from storing any further references to the object in thread-local state. Deallocation of the object only occurs when all references to the object stored in thread-local state for any threads have been deleted and a current value of the local counter for the thread or the global counter has incremented to a value that is at least a pre-defined amount more than the stored value, wherein the global counter is updated using one or more local counters.
Type: Application
Filed: June 6, 2017
Publication date: September 6, 2018
Inventors: Matthew John PARKINSON, Manuel Silverio da Silva COSTA, Dimitrios VYTINIOTIS, Kapil VASWANI
-
Publication number: 20170372226
Abstract: A multi-party privacy-preserving machine learning system is described which has a trusted execution environment comprising at least one protected memory region. A code loader at the system loads machine learning code, received from at least one of the parties, into the protected memory region. A data uploader uploads confidential data, received from at least one of the parties, to the protected memory region. The trusted execution environment executes the machine learning code using at least one data-oblivious procedure to process the confidential data and returns the result to at least one of the parties, where a data-oblivious procedure is a process where any patterns of memory accesses, patterns of disk accesses and patterns of network accesses are such that the confidential data cannot be predicted from the patterns.
Type: Application
Filed: August 23, 2016
Publication date: December 28, 2017
Inventors: Manuel Silverio da Silva Costa, Cédric Alain Marie Christophe Fournet, Aastha Mehta, Sebastian Nowozin, Olga Ohrimenko, Felix Schuster, Kapil Vaswani