US 11,886,572 B2
Method to upgrade a TEE trusted application to a server mode
Geoffroy Cogniaux, Meudon (FR)
Assigned to THALES DIS FRANCE SAS, Meudon (FR)
Appl. No. 17/278,318
Filed by THALES DIS FRANCE SAS, Meudon (FR)
PCT Filed Sep. 17, 2019, PCT No. PCT/EP2019/074832
§ 371(c)(1), (2) Date Mar. 21, 2021,
PCT Pub. No. WO2020/058250, PCT Pub. Date Mar. 26, 2020.
Claims priority of application No. 18306223 (EP), filed on Sep. 20, 2018.
Prior Publication US 2021/0334362 A1, Oct. 28, 2021
Int. Cl. G06F 21/53 (2013.01); G06F 9/54 (2006.01); H04L 9/40 (2022.01); G06F 8/61 (2018.01)
CPC G06F 21/53 (2013.01) [G06F 9/541 (2013.01); H04L 63/0281 (2013.01); G06F 8/61 (2013.01); G06F 2221/033 (2013.01); G06F 2221/2149 (2013.01)]
14 Claims

1. A method to upgrade a Trusted Application in an Execution Environment compliant to a Trusted Execution Environment standard to an as-a-server functioning, said standard defining at least one of the following locks preventing the Trusted Application in a Trusted Execution Environment to function as-a-server:
a Customer Application having a session opened in an instance of a Trusted Application enters in a blocking state immediately after having sent a Command to the Trusted Application and while the Trusted Application's Task has not finished,
a Trusted Application cannot partially execute a Task,
execution context of a Trusted Application is deleted between an executed Task and a subsequent command in an opened instance/session,
a Trusted Application has to be Single Instance/Multi Session or Multi Instance/Single Session,
said method comprising:
running, inside the Trusted Execution Environment, each instance of a Multi Instance/Single Session Trusted-Server Trusted Application compliant to the TEE standard in an infinite state-full loop polling a session of a Single Instance/Multi Session Trusted-Pipe Trusted Application, the single session of each of the instance of the Trusted-Server Trusted Application being adapted to perform a task as a server,
meanwhile polling, by the Customer Application, said Trusted-Pipe Trusted Application,
opening a session depending on a command coming from the Customer Application,
exchanging data asynchronously between said Customer Application and said Trusted-Server Trusted Application by the polling mechanism making said Trusted-Pipe Trusted Application function as a mailbox for said Customer Application and said Trusted-Server Trusted Application,
wherein said Customer Application and said Trusted-Server Trusted Application accomplish their respective tasks without blocking each other and enabling the Trusted-Server Trusted Application to request data within its currently executing task without stopping it.
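
The mailbox polling of claim 1, modeled as a small simulation added here; it is not code from the patent and calls no TEE API. The class and function names, the "NEED"/"DONE" message tags and the sample values ("pin", "1234") are assumptions, the mailbox is reduced to a single session, and each `yield` stands in for the scheduler switching between the Customer Application and the Trusted-Server instance.

```python
from collections import deque

class TrustedPipe:
    """Model of the Single Instance/Multi Session Trusted-Pipe TA: a mailbox
    whose commands return immediately, so no caller blocks inside it."""
    def __init__(self):
        self.boxes = {"server": deque(), "client": deque()}
    def post(self, to, msg):
        self.boxes[to].append(msg)
    def poll(self, who):
        box = self.boxes[who]
        return box.popleft() if box else None    # None: nothing yet, poll again

def trusted_server(pipe):
    """One Trusted-Server TA instance: a stateful loop that never returns."""
    handled = 0                                   # context kept across tasks
    while True:
        while (req := pipe.poll("server")) is None:
            yield                                 # idle poll round
        pipe.post("client", ("NEED", "pin"))      # request data mid-task
        while (extra := pipe.poll("server")) is None:
            yield                                 # task stays open while waiting
        handled += 1
        pipe.post("client", ("DONE", f"{req}:{extra}:task#{handled}"))

def customer_app(pipe, request, answers, log):
    """Customer Application: posts a command, then polls instead of blocking."""
    pipe.post("server", request)
    while True:
        while (msg := pipe.poll("client")) is None:
            log.append("client free")             # CA could do other work here
            yield
        kind, body = msg
        if kind == "NEED":
            pipe.post("server", answers[body])    # supply the requested data
        else:
            log.append(body)                      # final result of the task
            return

def run(requests):
    """Round-robin scheduler: one client step, then one server step."""
    pipe, log = TrustedPipe(), []
    server = trusted_server(pipe)                 # started once, never restarted
    for r in requests:
        for _ in customer_app(pipe, r, {"pin": "1234"}, log):   # constructed data
            next(server)
    return log
```

The `handled` counter surviving from the first request to the second is the point of the never-returning loop: the server's execution context is not torn down between commands.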