US 11,962,576 B2
Enclave interactions
Anna Sapek, Kirkland, WA (US); Uday Savagaonkar, Redmond, WA (US); Jeffrey Thomas Andersen, Kirkland, WA (US); and Thomas Michael Roeder, Kirkland, WA (US)
Assigned to Google LLC, Mountain View, CA (US)
Filed by Google LLC, Mountain View, CA (US)
Filed on Oct. 26, 2022, as Appl. No. 17/973,664.
Application 17/973,664 is a continuation of application No. 17/046,547, granted, now 11,509,643, previously published as PCT/US2018/042684, filed on Jul. 18, 2018.
Claims priority of provisional application 62/664,463, filed on Apr. 30, 2018.
Prior Publication US 2023/0039096 A1, Feb. 9, 2023
Int. Cl. H04L 9/40 (2022.01); G06Q 30/018 (2023.01); H04L 9/08 (2006.01)
CPC H04L 63/08 (2013.01) [H04L 9/0844 (2013.01); H04L 63/0428 (2013.01); H04L 63/101 (2013.01); G06Q 30/0185 (2013.01)]
20 Claims
1. A method of establishing a communication channel between an enclave entity and a second entity, the method comprising:
receiving, by one or more processors of a host computing device of the enclave entity, a request to initiate the communication channel from the second entity;
negotiating, by the one or more processors with the second entity, one or more types of assertions of identity to be exchanged between the enclave entity and the second entity;
negotiating, by the one or more processors with the second entity, a record protocol for the communication channel and a secret key for cryptographically protecting traffic sent over the communication channel; and
in response to negotiating the one or more types of assertions of identity, the record protocol, and the secret key, communicating, by the one or more processors with the second entity, using the record protocol and the secret key to encrypt and authenticate data exchanged over the communication channel.