CPC G06F 9/5083 (2013.01) [G06F 9/3814 (2013.01); G06F 9/5027 (2013.01); G06T 1/20 (2013.01); G06T 1/60 (2013.01)]
20 Claims
1. An apparatus comprising:
a source remote direct memory access (RDMA) network interface controller (RNIC);
a queue to store a data entry corresponding to an RDMA request between the source RNIC and a sink RNIC of a remote device;
a data buffer to store data for an RDMA transfer corresponding to the RDMA request, the RDMA transfer between the source RNIC and the sink RNIC; and
a trusted execution environment (TEE) to provide protection of the queue and the data buffer used for an RDMA transaction comprising the RDMA transfer, wherein the TEE comprises an authentication tag controller to:
initialize a first authentication tag calculated using a first key known between a source consumer generating the RDMA request and the source RNIC;
associate the first authentication tag with the data entry in the queue to provide the protection as integrity verification for the data entry during the RDMA transaction;
initialize a second authentication tag calculated using a second key known between the source consumer and a sink consumer of the remote device, the sink consumer receiving the RDMA request; and
associate the second authentication tag with the data buffer to provide the protection as integrity verification for the data buffer during the RDMA transaction.
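The two-tag arrangement in claim 1, sketched as an added example that is not taken from the patent: the queue entry is tagged under the first key (source consumer and source RNIC) and the data buffer under the second key (source consumer and sink consumer). HMAC-SHA-256, the entry layout, the labels, the key values and all function names are assumptions; the claim names no algorithm or format.

```python
import hashlib
import hmac
import struct

def _tag(key: bytes, label: bytes, data: bytes) -> bytes:
    # Assumed construction: HMAC-SHA-256 with a label that separates the
    # two tag types, so a queue-entry tag can never stand in for a buffer tag.
    return hmac.new(key, label + b"\x00" + data, hashlib.sha256).digest()

def encode_entry(opcode: int, remote_addr: int, length: int) -> bytes:
    # Hypothetical fixed-width queue entry: opcode, remote address, length.
    return struct.pack(">BQI", opcode, remote_addr, length)

def post_request(k_first: bytes, k_second: bytes, entry: bytes, buf: bytes) -> dict:
    # Source consumer: first tag covers the queue entry, second covers the buffer.
    return {
        "entry": entry, "entry_tag": _tag(k_first, b"queue-entry", entry),
        "buffer": buf, "buffer_tag": _tag(k_second, b"data-buffer", buf),
    }

def rnic_verify_entry(k_first: bytes, req: dict) -> bool:
    # Source RNIC holds only the first key and checks only the queue entry.
    expected = _tag(k_first, b"queue-entry", req["entry"])
    return hmac.compare_digest(expected, req["entry_tag"])

def sink_verify_buffer(k_second: bytes, req: dict) -> bool:
    # Sink consumer holds the second key and checks the transferred data.
    expected = _tag(k_second, b"data-buffer", req["buffer"])
    return hmac.compare_digest(expected, req["buffer_tag"])

def demo() -> dict:
    k1, k2 = b"\x11" * 32, b"\x22" * 32  # constructed sample keys
    req = post_request(k1, k2, encode_entry(1, 0x7F0000001000, 16), b"constructed data")
    out = {"clean_entry": rnic_verify_entry(k1, req),
           "clean_buffer": sink_verify_buffer(k2, req)}
    # Entry rewritten in the queue (different remote address): RNIC check fails.
    redirected = dict(req, entry=encode_entry(1, 0x7F0000002000, 16))
    out["redirected_entry"] = rnic_verify_entry(k1, redirected)
    # Buffer modified in memory or in transit: sink check fails.
    modified = dict(req, buffer=b"constructed dat4")
    out["modified_buffer"] = sink_verify_buffer(k2, modified)
    # A component holding only the first key cannot re-tag the modified buffer.
    retagged = dict(modified, buffer_tag=_tag(k1, b"data-buffer", modified["buffer"]))
    out["retagged_with_first_key"] = sink_verify_buffer(k2, retagged)
    return out

if __name__ == "__main__":
    print(demo())
```

Because the source RNIC never holds the second key in this sketch, a compromised NIC path can be detected by the sink consumer even though the NIC can validate its own queue entries.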