System, Apparatus And Method For Integrity Protecting Tenant Workloads In A Multi-Tenant Computing Environment

Organization Name

intel corporation

Inventor(s)

Siddhartha Chhabra of Portland OR (US)

David M. Durham of Beaverton OR (US)

System, Apparatus And Method For Integrity Protecting Tenant Workloads In A Multi-Tenant Computing Environment - A simplified explanation of the abstract

This abstract first appeared for US patent application 20240176749 titled 'System, Apparatus And Method For Integrity Protecting Tenant Workloads In A Multi-Tenant Computing Environment

Simplified Explanation

The abstract describes a multi-tenant computing system with a memory execution circuit that can operate in different modes to handle encrypted data from different tenants securely.

• The system includes a processor with multiple cores for tenant agents to execute, a configuration storage, and a memory execution circuit.
• The configuration storage contains a register to store configuration information, including a mode identifier for the memory execution circuit.
• In one mode, the memory execution circuit receives encrypted data from a tenant, generates an integrity value for the data, and sends both to memory without revealing the integrity value to the system's software.

Potential Applications

This technology could be applied in secure cloud computing environments, data centers, and other multi-tenant systems where data privacy and security are paramount.

Problems Solved

1. Secure handling of encrypted data from multiple tenants in a shared computing environment. 2. Ensuring data integrity without exposing sensitive information to unauthorized parties.

Benefits

1. Enhanced data security and privacy for tenants in a multi-tenant system. 2. Efficient and reliable handling of encrypted data without compromising system integrity.

Potential Commercial Applications

"Secure Multi-Tenant Computing System for Cloud Environments"

Possible Prior Art

Prior art in the field of secure data handling in multi-tenant systems may include encryption techniques, data integrity verification methods, and secure memory access protocols.

What are the specific encryption algorithms used in this system?

The abstract does not specify the encryption algorithms used in the system.

How does the system handle potential conflicts between different modes of operation for the memory execution circuit?

The abstract does not address how conflicts between different modes of operation for the memory execution circuit are resolved.

Original Abstract Submitted

in one embodiment, a multi-tenant computing system includes a processor including a plurality of cores on which agents of tenants of the multi-tenant computing system are to execute, a configuration storage, and a memory execution circuit. the configuration storage includes a first configuration register to store configuration information associated with the memory execution circuit. the first configuration register is to store a mode identifier to identify a mode of operation of the memory execution circuit. the memory execution circuit, in a first mode of operation, is to receive encrypted data of a first tenant, the encrypted data encrypted by the first tenant, generate an integrity value for the encrypted data, and send the encrypted data and the integrity value to a memory, the integrity value not visible to the software of the multi-tenant computing system. other embodiments are described and claimed.