17970148. USING A SECURE ENCLAVE TO SATISFY RETENTION AND EXPUNGEMENT REQUIREMENTS WITH RESPECT TO PRIVATE DATA simplified abstract (MICROSOFT TECHNOLOGY LICENSING, LLC)

From WikiPatents

USING A SECURE ENCLAVE TO SATISFY RETENTION AND EXPUNGEMENT REQUIREMENTS WITH RESPECT TO PRIVATE DATA

Organization Name

MICROSOFT TECHNOLOGY LICENSING, LLC

Inventor(s)

Sergey Yekhanin of Redmond WA (US)

Joshua Stanley Allen of Bellevue WA (US)

Ankit Srivastava of Bellevue WA (US)

Ralph Kennedy Johnston, Jr. of Renton WA (US)

Janardhan Dattatreya Kulkarni of Seattle WA (US)

USING A SECURE ENCLAVE TO SATISFY RETENTION AND EXPUNGEMENT REQUIREMENTS WITH RESPECT TO PRIVATE DATA - A simplified explanation of the abstract

This abstract first appeared for US patent application 17970148 titled 'USING A SECURE ENCLAVE TO SATISFY RETENTION AND EXPUNGEMENT REQUIREMENTS WITH RESPECT TO PRIVATE DATA'.

Simplified Explanation

A secure enclave can be used to meet both privacy and audit requirements. Code is loaded into the enclave; that code generates a predefined report from the private data plus added noise, and the enclave derives an encryption key and a decryption key from the code itself, so that only a verified copy of that code, running inside the enclave, can decrypt the data.

  • Secure enclave used to satisfy privacy and audit requirements
  • Code loaded into the secure enclave
  • Predefined report generated from the data plus added noise
  • Encryption and decryption keys generated by the secure enclave, based on the code
  • Only the secure enclave has access to the decryption key
  • Only a verified copy of the code is allowed to use the decryption key
  • With the added noise, the report satisfies a predefined differential privacy guarantee
  • Encrypting the code and ensuring the report satisfies the differential privacy guarantee meets the privacy requirements
  • Retaining the report, the code, the secure enclave, and the encrypted data satisfies the audit requirements
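The report step above is the part a practitioner will want to see concretely. The following Python sketch is an added illustration, not code from the patent application: it computes a counting report over constructed sample records, adds Laplace noise with scale sensitivity/epsilon, and enforces a privacy budget so that repeated reports cannot exceed the predefined guarantee (sequential composition). The abstract names neither the noise mechanism nor the epsilon; the Laplace mechanism, the total budget of 1.0, and the record layout are assumptions made here.

```python
import math
import random
from dataclasses import dataclass

# Constructed sample data (not from the patent): one record per person with a
# binary attribute that the predefined report counts. Records 0,3,6,... are True,
# so the exact count over 30 records is 10.
SAMPLE_RECORDS = [{"id": i, "condition": (i % 3 == 0)} for i in range(30)]


def laplace_scale(sensitivity: float, epsilon: float) -> float:
    """Noise scale b = sensitivity / epsilon for the Laplace mechanism.
    A counting query has sensitivity 1: adding or removing one person's record
    changes the count by at most 1, so epsilon alone fixes the noise scale."""
    if epsilon <= 0 or sensitivity <= 0:
        raise ValueError("sensitivity and epsilon must be positive")
    return sensitivity / epsilon


def sample_laplace(scale: float, rng: random.Random) -> float:
    """One draw from Laplace(0, scale) by inverse CDF: X = -b*sgn(u)*ln(1-2|u|)."""
    u = rng.random() - 0.5
    u = max(u, -0.5 + 1e-12)  # rng.random() can return exactly 0.0; avoid log(0)
    return -scale * math.copysign(1.0, u) * math.log(1.0 - 2.0 * abs(u))


@dataclass
class PrivacyBudget:
    """Sequential composition: the enclave code may release reports only while
    the summed epsilon stays within the predefined guarantee."""
    epsilon_total: float
    spent: float = 0.0

    def charge(self, epsilon: float) -> None:
        if self.spent + epsilon > self.epsilon_total + 1e-12:
            raise PermissionError("privacy budget exhausted; report refused")
        self.spent += epsilon


def private_count(records, predicate, epsilon, budget, rng, sensitivity=1.0):
    """The predefined report: a count over private records plus Laplace noise.
    Returns (noisy_count, noise_scale); the exact count never leaves this function."""
    budget.charge(epsilon)  # charge first, so a refused report releases nothing
    exact = sum(1 for r in records if predicate(r))
    scale = laplace_scale(sensitivity, epsilon)
    return exact + sample_laplace(scale, rng), scale


def laplace_stats(scale: float, n: int, seed: int):
    """Empirical mean and variance of the noise, to check the calibration:
    Laplace(0, b) has mean 0 and variance 2*b**2."""
    rng = random.Random(seed)
    xs = [sample_laplace(scale, rng) for _ in range(n)]
    mean = sum(xs) / n
    var = sum((x - mean) ** 2 for x in xs) / n
    return mean, var


def run_demo(seed: int = 7):
    """Two reports of epsilon 0.5 fit in a total budget of 1.0; a third is refused."""
    rng = random.Random(seed)
    budget = PrivacyBudget(epsilon_total=1.0)
    report1, scale = private_count(SAMPLE_RECORDS, lambda r: r["condition"], 0.5, budget, rng)
    report2, _ = private_count(SAMPLE_RECORDS, lambda r: not r["condition"], 0.5, budget, rng)
    try:
        private_count(SAMPLE_RECORDS, lambda r: True, 0.1, budget, rng)
        third_refused = False
    except PermissionError:
        third_refused = True
    return {"report1": report1, "report2": report2, "scale": scale,
            "spent": budget.spent, "third_refused": third_refused}


if __name__ == "__main__":
    print(run_demo())
```

The budget check runs before the exact count is computed, so a refused report neither consumes budget nor touches the data. In a real deployment the budget state would have to live inside the enclave (or in sealed storage) alongside the data; otherwise the host could reset it and re-run the report until the noise averages out.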

Potential Applications

The technology described in this patent application could be applied in industries where sensitive data needs to be processed securely while also meeting privacy and audit requirements. This could include healthcare, finance, and government sectors.

Problems Solved

This technology solves the problem of securely processing sensitive data while ensuring privacy and meeting audit requirements. By using a secure enclave to generate reports based on data with added noise, the system can satisfy both privacy and audit needs.

Benefits

The benefits of this technology include enhanced data security, privacy compliance, and audit trail capabilities. By utilizing a secure enclave to handle sensitive data processing, organizations can ensure the confidentiality and integrity of their data while also meeting regulatory requirements.

Potential Commercial Applications

A potential commercial application of this technology could be in the development of secure data processing systems for industries that handle sensitive information. This could include software solutions for healthcare providers, financial institutions, and government agencies.

Possible Prior Art

One possible prior art for this technology is the existing use of secure enclaves in data processing systems to protect data and keys. Intel (SGX enclaves) and Apple (the Secure Enclave processor) both ship hardware-isolated execution environments that hold cryptographic keys and sensitive data out of reach of the host operating system.

Unanswered Questions

How does the secure enclave ensure that only a verified copy of the code can access the decryption key?

The abstract says the keys are generated "based on the code", which points to measurement: the enclave hashes the code image it loads and derives the key from that measurement together with a secret only the enclave holds, so a modified copy of the code derives a different key and cannot decrypt the data (Intel SGX, for example, binds sealing keys to the MRENCLAVE measurement this way). Verifying a digital signature over the code before loading it is the other common approach; the abstract does not say which the described system uses.

What measures are in place to prevent unauthorized access to the secure enclave and the encrypted data?

Commercial enclaves rely on processor-enforced isolation of enclave memory from the operating system and hypervisor, encryption of that memory outside the CPU, and attestation so that a party can verify which code is running before handing it encrypted data. The abstract does not say which of these the described system depends on.
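The property the Simplified Explanation and the first question above both turn on is that the decryption key is tied to the identity of the code. The following Python simulation is an added example, not the patent's or Microsoft's code, and it uses only the standard library: an enclave object holds a root secret that never leaves it, derives a per-code sealing key from that secret and a SHA-256 measurement of the loaded code, and seals data under that key with an authentication tag. The same code bytes recover the data; a tampered copy derives a different key and the enclave refuses. The hardware secret, the code strings, the private data and the toy SHA-256 counter-mode cipher are all constructed stand-ins (a real enclave would use a hardware-derived key and AES-GCM or similar).

```python
import hashlib
import hmac
import os


def measure(code: bytes) -> bytes:
    """Code identity: a hash of the loaded code image. Stands in for a hardware
    measurement such as Intel SGX's MRENCLAVE."""
    return hashlib.sha256(code).digest()


def _keystream(key: bytes, nonce: bytes, n: int) -> bytes:
    """Toy counter-mode keystream from SHA-256; illustrative only, not a
    production cipher (use AES-GCM or ChaCha20-Poly1305 in real code)."""
    out = b""
    counter = 0
    while len(out) < n:
        out += hashlib.sha256(key + nonce + counter.to_bytes(4, "big")).digest()
        counter += 1
    return out[:n]


class SimulatedEnclave:
    """Models the one property the abstract relies on: keys are derived from a
    secret only the enclave holds AND from the measurement of the code asking
    for them, so different code (or a different enclave) gets a different key."""

    def __init__(self, hardware_secret=None):
        # Constructed: a real enclave gets this from fused hardware keys.
        self._root = hardware_secret if hardware_secret is not None else os.urandom(32)

    def sealing_key(self, loaded_code: bytes) -> bytes:
        """HMAC-based derivation bound to the code measurement."""
        return hmac.new(self._root, b"seal|" + measure(loaded_code), hashlib.sha256).digest()

    def seal(self, loaded_code: bytes, plaintext: bytes) -> bytes:
        """Encrypt-then-MAC under the key derived for this code: nonce || ct || tag."""
        key = self.sealing_key(loaded_code)
        nonce = os.urandom(16)
        ct = bytes(a ^ b for a, b in zip(plaintext, _keystream(key, nonce, len(plaintext))))
        tag = hmac.new(key, nonce + ct, hashlib.sha256).digest()
        return nonce + ct + tag

    def unseal(self, loaded_code: bytes, blob: bytes) -> bytes:
        """Release plaintext only if the tag verifies under the key derived for
        the code now loaded; any other code derives a different key and fails."""
        key = self.sealing_key(loaded_code)
        nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
        expected = hmac.new(key, nonce + ct, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):
            raise PermissionError("authentication failed: code measurement mismatch or corrupted blob")
        return bytes(a ^ b for a, b in zip(ct, _keystream(key, nonce, len(ct))))


# Constructed stand-ins for the report code and the private data (not from the patent).
REPORT_CODE = b"def report(data): return count(data) + laplace_noise(epsilon=0.5)"
TAMPERED_CODE = b"def report(data): return data  # would exfiltrate raw records"
PRIVATE_DATA = b"person_id,condition\n1,1\n2,0\n3,1\n"


def run_demo():
    # Fixed secret only so the demo is repeatable; never do this outside a test.
    enclave = SimulatedEnclave(hardware_secret=b"\x01" * 32)
    blob = enclave.seal(REPORT_CODE, PRIVATE_DATA)

    # The verified copy of the code derives the same key and recovers the data.
    recovered = enclave.unseal(REPORT_CODE, blob)

    # A modified copy has a different measurement, hence a different key:
    # authentication fails and no plaintext is released.
    try:
        enclave.unseal(TAMPERED_CODE, blob)
        tampered_refused = False
    except PermissionError:
        tampered_refused = True

    return {
        "recovered": recovered,
        "same_key_for_same_code": enclave.sealing_key(REPORT_CODE) == enclave.sealing_key(REPORT_CODE),
        "keys_differ": enclave.sealing_key(REPORT_CODE) != enclave.sealing_key(TAMPERED_CODE),
        "tampered_refused": tampered_refused,
    }


if __name__ == "__main__":
    print(run_demo())
```

Two consequences follow directly from the derivation and matter for the audit requirement in the abstract: re-running the identical code bytes in the same enclave always reproduces the key, so retaining the code, the enclave and the encrypted data is enough to regenerate the report later; and a different enclave (different root secret) cannot unseal the blob even with the correct code, which is why the enclave itself must be among the retained items.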


Original Abstract Submitted

A secure enclave may be used to satisfy privacy requirements and audit requirements. Code may be loaded into the secure enclave. The code may generate a predefined report based on data and added noise. The pre-defined report may be subject to audit requirements. The data may be subject to the privacy requirements. The secure enclave may generate an encryption key and a decryption key based on the code. Only the secure enclave may have access to the decryption key. And the secure enclave may allow only a verified copy of the code to access the decryption key. With the added noise, the report may satisfy a pre-defined differential privacy guarantee. Encrypting the code and ensuring that the report satisfies the differential privacy guarantee may satisfy the privacy requirements. Retaining the report, the code, the secure enclave, and the encrypted data may satisfy the audit requirements.