US11770368B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-11770368-B2 |
| Application number | US-202217677584-A |
| Country | US |
| Kind code | B2 |
| Filing date | Feb 22, 2022 |
| Priority date | Aug 18, 2017 |
| Publication date | Sep 26, 2023 |
| Grant date | Sep 26, 2023 |
Official abstract text for this publication.
Techniques for sharing private data objects in a trusted execution environment using a distributed ledger are described. The techniques described herein may enable sharing of data objects, referred to herein as private data objects (PDOs), between individuals and organizations with access and update policies mediated by execution of code (referred to herein as a “smart contract”) carried with the PDO in a secure enclave. A distributed ledger may serve as a “public commit log” to ensure that there is a single, authoritative instance of the object and provide a means of guaranteeing atomicity of updates across interacting objects.
Opening claim text (preview).
The invention claimed is:

1. A computer-implemented method, comprising: registering a contract identifier with a distributed ledger; selecting one or more of a plurality of contract enclaves; requesting a provisioning secret for the one or more of the plurality of contract enclaves; and sending an information element comprising an indication of private data to at least one of the one or more of the plurality of contract enclaves.
2. The computer-implemented method of claim 1, wherein the at least one of the one or more of the plurality of contract enclaves creates a private data object (PDO) responsive to receiving the information element and sends the PDO to the distributed ledger.
3. The computer-implemented method of claim 1, the provisioning secret comprising at least an encryption public key for the one or more of the plurality of contract enclaves.
4. The computer-implemented method of claim 1, comprising selecting the one or more of the plurality of contract enclaves based on at least one of the following: processor, memory, latency, security, or software.
5. The computer-implemented method of claim 1, comprising registering a contract owner public key with the distributed ledger.
6. The computer-implemented method of claim 1, comprising receiving, from a provisioning service, a keyshare encrypted with an encryption private key associated with a one of the one or more of the plurality of contract enclaves.
7. The computer-implemented method of claim 6, comprising sending the encrypted keyshare to the one of the one or more of the plurality of contract enclaves.
8. An apparatus comprising: processing circuitry; and memory coupled to the processing circuitry, the memory comprising instructions that, when executed by the processing circuitry, cause the processing circuitry to: register a contract identifier with a distributed ledger; select one or more of a plurality of contract enclaves; request a provisioning secret for the one or more of the plurality of contract enclaves; and send an information element comprising an indication of private data to at least one of the one or more of the plurality of contract enclaves.
9. The apparatus of claim 8, wherein the at least one of the one or more of the plurality of contract enclaves creates a private data object (PDO) responsive to receiving the information element and sends the PDO to the distributed ledger.
10. The apparatus of claim 8, the provisioning secret comprising at least an encryption public key for the one or more of the plurality of contract enclaves.
11. The apparatus of claim 8, the instructions, when executed by the processing circuitry, cause the processing circuitry to select the one or more of the plurality of contract enclaves based on at least one of the following: processor, memory, latency, security, or software.
12. The apparatus of claim 8, the instructions, when executed by the processing circuitry, cause the processing circuitry to register a contract owner public key with the distributed ledger.
13. The apparatus of claim 8, the instructions, when executed by the processing circuitry, cause the processing circuitry to receive, from a provisioning service, a keyshare encrypted with an encryption private key associated with a one of the one or more of the plurality of contract enclaves.
14. The apparatus of claim 13, the instructions, when executed by the processing circuitry, cause the processing circuitry to send the encrypted keyshare to the one of the one or more of the plurality of contract enclaves.
15. A memory device, comprising a non-transitory computer-readable storage medium that stores instructions for execution by processing circuitry of a contract owner device, the instructions to cause the contract owner device to: register a contract identifier with a distributed ledger; select one or more of a plurality of contract enclaves; request a provisioning secret for the one or more of the plurality of contract enclaves; and send an information element comprising an indication of private data to at least one of the one or more of the plurality of contract enclaves.
16. The memory device of claim 15, wherein the at least one of the one or more of the plurality of contract enclaves creates a private data object (PDO) responsive to receiving the information element and sends the PDO to the distributed ledger.
17. The memory device of claim 15, the provisioning secret comprising at least an encryption public key for the one or more of the plurality of contract enclaves.
18. The memory device of claim 15, the instructions, when executed by the processing circuitry, cause the contract owner device to select the one or more of the plurality of contract enclaves based on at least one of the following: processor, memory, latency, security, or software.
19. The memory device of claim 15, the instructions, when executed by the processing circuitry, cause the contract owner device to register a contract owner public key with the distributed ledger.
20. The memory device of claim 15, the instructions, when executed by the processing circuitry, cause the contract owner device to receive, from a provisioning service, a keyshare encrypted with an encryption private key associated with a one of the one or more of the plurality of contract enclaves.
21. The memory device of claim 20, the instructions, when executed by the processing circuitry, cause the contract owner device to send the encrypted keyshare to the one of the one or more of the plurality of contract enclaves.
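The abstract and claims 1, 2, 4 and 5 describe the ledger acting as a public commit log: a contract identifier and owner key are registered once, enclaves are selected by attributes, and PDO updates are committed so that interacting objects change atomically. The following Python simulation is an added illustration of that commit-log role, not code from the patent or any Intel implementation; the class and field names are assumptions, the enclave records are constructed sample data, and no real cryptography is performed (the hash chain only orders the log).

```python
"""Simulated distributed ledger acting as the 'public commit log' for PDOs.
All names and data shapes are assumptions made for this illustration."""
import hashlib
import json


class Ledger:
    """Append-only, hash-chained log giving every commit one authoritative order."""

    def __init__(self):
        self.entries = []     # list of (entry_hash, record)
        self.contracts = {}   # contract_id -> contract owner public key (claim 5)
        self.pdo_state = {}   # pdo_id -> currently committed state hash

    def _append(self, record):
        prev = self.entries[-1][0] if self.entries else "0" * 64
        body = json.dumps(record, sort_keys=True)
        digest = hashlib.sha256((prev + body).encode()).hexdigest()
        self.entries.append((digest, record))
        return digest

    def register_contract(self, contract_id, owner_pubkey):
        """Claims 1 and 5: a contract identifier is registered exactly once,
        so there is a single authoritative instance per identifier."""
        if contract_id in self.contracts:
            raise ValueError("contract identifier already registered")
        self.contracts[contract_id] = owner_pubkey
        return self._append({"op": "register", "contract": contract_id,
                             "owner": owner_pubkey})

    def commit_updates(self, updates):
        """Atomic update across interacting PDOs: each (pdo_id, expected_state,
        new_state) must match the committed state, or nothing is applied."""
        for pdo_id, expected, _ in updates:
            if self.pdo_state.get(pdo_id) != expected:
                return False          # stale view of some object: reject all
        for pdo_id, _, new_state in updates:
            self.pdo_state[pdo_id] = new_state
        self._append({"op": "update", "pdos": [u[0] for u in updates]})
        return True


def select_enclaves(enclaves, min_memory_mb, max_latency_ms):
    """Claim 4: choose contract enclaves by memory and latency attributes."""
    return [e["id"] for e in enclaves
            if e["memory_mb"] >= min_memory_mb and e["latency_ms"] <= max_latency_ms]


# Constructed sample enclave inventory (not real hardware).
SAMPLE_ENCLAVES = [{"id": "encl-a", "memory_mb": 256, "latency_ms": 40},
                   {"id": "encl-b", "memory_mb": 64, "latency_ms": 5},
                   {"id": "encl-c", "memory_mb": 512, "latency_ms": 8}]
```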
CPC classification titles:

- wherein the data content is protected, e.g. by encrypting or encapsulating the payload
- Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- to a system of files or objects, e.g. local or distributed file system or database
- using key encryption key
- involving additional secure or trusted devices, e.g. TPM, smartcard, USB or software token (network architectures or network communication protocols for supporting authentication of entities using an additional device in a packet data network H04L63/0853)