Data unsealing with a sealing enclave
US-10530777-B2 · Jan 7, 2020 · US
US10931652B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-10931652-B2 |
| Application number | US-201715414492-A |
| Country | US |
| Kind code | B2 |
| Filing date | Jan 24, 2017 |
| Priority date | Jan 24, 2017 |
| Publication date | Feb 23, 2021 |
| Grant date | Feb 23, 2021 |
Abstract:
Techniques for securely sealing and unsealing enclave data across platforms are presented. Enclave data from a source enclave hosted on a first computer may be securely sealed to a sealing enclave on a second computer, and may further be securely unsealed for a destination enclave on a third computer. Securely transferring an enclave workload from one computer to another is disclosed.
What is claimed:

1. A method for sealing enclave data, comprising: sending, to a source enclave hosted on a first native enclave platform, a first attestation report of a sealing enclave hosted on a second native enclave platform; receiving a permitted list and associated enclave data at the sealing enclave from the source enclave, wherein the permitted list includes a list of one or more enclave identities permitted to unseal the enclave data; securely storing the enclave data and the permitted list, wherein the securely storing includes: encrypting the enclave data with a key associated with the sealing enclave, by the sealing enclave, prior to receiving a request for the enclave data from a destination enclave to create sealed enclave data; and storing the sealed enclave data in persistent storage; and restricting access of the enclave data to enclaves with authenticated identities as permitted according to the permitted list, wherein the restricting includes: determining whether to send the enclave data from the sealing enclave to the destination enclave, which is different from the sealing enclave, based at least in part on whether the destination enclave is included in the list of the one or more enclave identities permitted to unseal the enclave data; and after determining that the enclave data is to be sent from the sealing enclave to the destination enclave based at least in part on the destination enclave being included in the list of the one or more enclave identities permitted to unseal the enclave data, decrypting the sealed enclave data in response to receipt of the request for the enclave data from the destination enclave.

2. The method of claim 1, wherein: the first native enclave platform is on a first computer and the second enclave native platform is hosted on a second computer.

3. The method of claim 1, wherein the permitted list is a list of abstract identity types; and further comprising: receiving a source attestation report of the source enclave; and deriving a permitted identity value from the source attestation report and an abstract identity type in the permitted list.

4. The method of claim 1, wherein the received enclave data is encrypted, and further comprising: executing an attestation process between the source enclave and the sealing enclave; and decrypting the encrypted enclave data with a key generated during the attestation process.

5. The method of claim 1, wherein the one or more enclave identities in the permitted list are specified by one or more public keys of the one or more respective enclaves.

6. The method of claim 1, wherein encrypting the enclave data with the key associated with the sealing enclave comprises: encrypting the enclave data with the key associated with the second native enclave platform on which the sealing enclave is hosted.

7. The method of claim 1, wherein storing the sealed enclave data comprises: storing the sealed enclave data in unsecure storage.

8. A method for sealing enclave data, comprising: receiving, at a source enclave hosted on a first native enclave platform, a first attestation report of a sealing enclave hosted on a second native enclave platform; verifying trust in the sealing enclave; partially completing a secure processing operation in the source enclave; sending a permitted list and associated enclave data to the sealing enclave, wherein the permitted list includes a list of one or more enclave identities permitted to unseal the enclave data, wherein the enclave data includes state data of the source enclave sufficient to permit another enclave instantiation to continue the partially completed secure processing operation, said sending comprising causing the sealing enclave to determine whether to send the enclave data to a destination enclave that is different from the sealing enclave based at least in part on whether the destination enclave is included in the list of the one or more enclave identities permitted to unseal the enclave data, wherein the permitted list is a list of abstract identity types corresponding to respective hierarchical levels of an identity hierarchy; and sending a source attestation report of the source enclave to the sealing enclave, wherein the source attestation report includes at least one identity value of the source enclave corresponding to an abstract identity type in the permitted list.

9. The method of claim 8, further comprising: an attestation process between the sealing enclave and the source enclave; generating encrypted enclave data by encrypting the enclave data with a key generated during the attestation process; and wherein the enclave data sent to the sealing enclave is the encrypted enclave data.

10. The method of claim 8, wherein: the first native enclave platform is on a first computer and the second native enclave platform is hosted on a second computer.

11. A system comprising at least a processor and memory storing thereon instructions that, when executed by the system, cause at least: sending, to a source enclave hosted on a first native enclave platform, a first attestation report of a sealing enclave hosted on a second native enclave platform; receiving a permitted list and associated enclave data from the source enclave, wherein the permitted list includes a list of one or more enclave identities permitted to unseal the enclave data; storing the enclave data and the permitted list securely, wherein the storing includes: encrypting the enclave data with a key associated with the sealing enclave, by the sealing enclave, prior to receiving a request for the enclave data from a destination enclave to create sealed enclave data; and storing the sealed enclave data in persistent storage; and restricting access of the enclave data to enclaves with authenticated identities as permitted according to the permitted list, wherein the restricting includes: determining whether to send the enclave data from the sealing enclave to the destination enclave, which is different from the sealing enclave, based at least in part on whether the destination enclave is included in the list of the one or more enclave identities permitted to unseal the enclave data; and after determining that the enclave data is to be sent from the sealing enclave to the destination enclave based at least in part on the destination enclave being included in the list of the one or more enclave identities permitted to unseal the enclave data, decrypting the sealed enclave data in response to receipt of the request for the enclave data from the destination enclave.

12. The system of claim 11, wherein: the first native enclave platform is on a first computer and the second enclave native platform is hosted on a second computer.

13. The system of claim 11, wherein the permitted list is a list of abstract identity types, and the instructions further cause at least: receiving a source attestation report of the source enclave; and deriving a permitted identity values from the source attestation report and an abstract identity type in the permitted list.

14. The system of claim 11, wherein the received enclave data is encrypted, and the instructions further cause at least: running an attestation process between the source enclave and the sealing enclave; and decrypting the encrypted enclave data with a key generated during the attestation process.

15. The system of claim 11, wherein the one or more enclave identities in the permitted list are specified by one or more public keys of the one or more respective enclaves.

16. The system of claim 11
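The claims above describe a protocol rather than an implementation: the source enclave verifies the sealing enclave's attestation report, hands over its state together with a permitted list (either explicit public keys, claim 5, or abstract identity types that the sealing enclave binds to the source's own attested identity values, claims 3 and 8), the sealing enclave encrypts the data under a key tied to its own platform and parks the ciphertext in untrusted storage (claim 7), and later releases plaintext only to a destination enclave whose verified attestation matches the permitted list. The following Python model of that flow is an added example written for this page; it is not code from the patent or from any enclave product. The identity hierarchy, the platform key, the enclave identities, the "sealing key", and the checkpoint bytes are all constructed for the example, HMAC stands in for the platform's report signature, and an HMAC-based counter-mode stream with a separate MAC stands in for a real AEAD such as AES-GCM so that the block runs on the standard library alone. It also shows two checks a practitioner would want that the claims only imply: the MAC covers the stored permitted list, so an edit to the list in untrusted storage is detected, and a report whose signature does not verify is refused before its identity values are consulted.

```python
import hashlib
import hmac
import os

# Assumed identity hierarchy, most specific level first.
HIERARCHY = ("code_hash", "image", "author")

# Constructed key standing in for the platform's attestation signing key.
PLATFORM_KEY = b"\x00" * 31 + b"\x01"


class AttestationReport:
    """Platform-signed statement of an enclave's identity values and public key."""

    def __init__(self, identities, public_key, signature):
        self.identities = dict(identities)
        self.public_key = public_key
        self.signature = signature

    def message(self):
        items = ",".join(f"{k}={self.identities[k]}" for k in sorted(self.identities))
        return f"{items};{self.public_key}".encode()


def issue_report(identities, public_key):
    """Simulates the platform signing a report (HMAC stands in for a signature)."""
    report = AttestationReport(identities, public_key, b"")
    report.signature = hmac.new(PLATFORM_KEY, report.message(), hashlib.sha256).digest()
    return report


def verify_report(report):
    expected = hmac.new(PLATFORM_KEY, report.message(), hashlib.sha256).digest()
    return hmac.compare_digest(expected, report.signature)


def _xor_stream(key, nonce, data):
    """HMAC-SHA256 counter-mode keystream; a real sealer would use AES-GCM."""
    out = bytearray()
    for i, start in enumerate(range(0, len(data), 32)):
        block = hmac.new(key, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
        out.extend(a ^ b for a, b in zip(data[start:start + 32], block))
    return bytes(out)


def resolve_permitted(permitted_list, source_report):
    """("key", pk) entries are kept as-is; ("type", level) entries are bound to
    the source's own attested value at that hierarchy level (claim 3)."""
    resolved = []
    for kind, value in permitted_list:
        if kind == "key":
            resolved.append(("key", value))
        elif kind == "type" and value in HIERARCHY:
            resolved.append(("id", value, source_report.identities[value]))
        else:
            raise ValueError(f"unsupported permitted-list entry: {(kind, value)}")
    return tuple(resolved)


def is_permitted(dest_report, permitted):
    for entry in permitted:
        if entry[0] == "key" and entry[1] == dest_report.public_key:
            return True
        if entry[0] == "id" and dest_report.identities.get(entry[1]) == entry[2]:
            return True
    return False


class SealingEnclave:
    def __init__(self, sealing_key, public_key="pk-sealer"):
        self._key = sealing_key      # key bound to the sealing platform (constructed)
        self.storage = {}            # stands in for untrusted persistent storage
        self.report = issue_report({"image": "sealer", "author": "platform"}, public_key)

    def _tag(self, nonce, ciphertext, permitted):
        # The MAC covers the permitted list so an edit in storage is detected.
        msg = nonce + ciphertext + repr(permitted).encode()
        return hmac.new(self._key, msg, hashlib.sha256).digest()

    def seal(self, source_report, permitted_list, data):
        if not verify_report(source_report):
            raise ValueError("source attestation failed")
        permitted = resolve_permitted(permitted_list, source_report)
        nonce = os.urandom(16)
        ciphertext = _xor_stream(self._key, nonce, data)
        handle = hashlib.sha256(nonce).hexdigest()[:16]
        self.storage[handle] = (nonce, ciphertext, self._tag(nonce, ciphertext, permitted), permitted)
        return handle

    def unseal(self, handle, dest_report):
        if not verify_report(dest_report):      # unverified identity: refuse early
            return None
        nonce, ciphertext, tag, permitted = self.storage[handle]
        if not hmac.compare_digest(self._tag(nonce, ciphertext, permitted), tag):
            raise ValueError("sealed record was modified in storage")
        if not is_permitted(dest_report, permitted):
            return None
        return _xor_stream(self._key, nonce, ciphertext)


def demo():
    sealer = SealingEnclave(hashlib.sha256(PLATFORM_KEY + b"sealing").digest())
    assert verify_report(sealer.report)      # source-side trust check (claim 8)
    source = issue_report({"code_hash": "h1", "image": "contoso/ledger", "author": "contoso"}, "pk-src")
    successor = issue_report({"code_hash": "h2", "image": "contoso/ledger", "author": "contoso"}, "pk-dst")
    stranger = issue_report({"code_hash": "h3", "image": "fabrikam/ledger", "author": "fabrikam"}, "pk-x")
    forged = AttestationReport({"author": "contoso"}, "pk-x", b"\x00" * 32)
    state = b"checkpoint: step=42"           # constructed enclave state to migrate
    handle = sealer.seal(source, [("type", "author")], state)
    results = {
        "successor": sealer.unseal(handle, successor),
        "stranger": sealer.unseal(handle, stranger),
        "forged": sealer.unseal(handle, forged),
        "plaintext_in_storage": state in sealer.storage[handle][1],
    }
    nonce, ct, tag, _ = sealer.storage[handle]
    sealer.storage[handle] = (nonce, ct, tag, (("key", "pk-x"),))   # storage edited
    try:
        sealer.unseal(handle, stranger)
        results["tampered"] = "accepted"
    except ValueError:
        results["tampered"] = "rejected"
    return results
```

Calling `demo()` seals the source's checkpoint with the abstract type `author`, so any enclave attested with `author=contoso` (here the successor, which has a different code hash) can continue the work, while an enclave from another author, a report with a bad signature, and a storage record whose permitted list was rewritten are all refused. Binding the permitted list into the MAC is the detail that matters most in practice: the claims place the sealed record in unsecure storage, so the list travels with the ciphertext and must be integrity-protected by the same key that protects the data.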
for key exchange, e.g. in peer-to-peer networks (cryptographic mechanisms or cryptographic arrangements for key agreement H04L9/0838) · CPC title
Security improvement · CPC title
to a single file or object, e.g. in a secure envelope, encrypted and accessed using a key, or with access control rules appended to the object itself · CPC title
Providing cryptographic facilities or services · CPC title
by using cryptography (for digital transmission H04L9/00) · CPC title