Microsoft Corporation
Nested enclave identity

Abstract:

A nested enclave identity is presented. A nested identity is indicative of one or more possible enclave instantiations according to one or more identity types. Enclave identities may be nested such that a lower level identity type corresponds to a subset of the possible enclave instantiations that a higher level identity type corresponds to. Techniques disclosed include instantiating an enclave with a nested identity at a software interface to an enclave platform, and performing an operation related to the instantiated enclave using the nested identity.