US 12,294,578 B2
Zero-trust attestation in cloud computing
Sergio Lopez Pascual, Madrid (ES)
Assigned to Red Hat, Inc., Raleigh, NC (US)
Filed by Red Hat, Inc., Raleigh, NC (US)
Filed on Feb. 28, 2023, as Appl. No. 18/115,557.
Prior Publication US 2024/0291815 A1, Aug. 29, 2024
Int. Cl. H04L 29/06 (2006.01); H04L 9/40 (2022.01)
CPC H04L 63/0869 (2013.01) [H04L 63/0435 (2013.01); H04L 63/20 (2013.01)]
18 Claims
 
1. A method comprising:
receiving, by a cloud service provider, a request to provide a trusted service to a client device;
performing, by a processing device of the cloud service provider using a first trusted execution environment (TEE), a mutual attestation procedure with a second TEE to obtain a grant to execute a third TEE that is trusted by the second TEE;
calculating, using the first TEE, an expected launch measurement (LM) of the third TEE;
generating, using the first TEE, an encrypted message;
registering, using the first TEE, the expected LM of the third TEE and the encrypted message with the second TEE;
initiating, using the second TEE, an execution of the third TEE responsive to obtaining the grant;
providing, using the third TEE, the trusted service to the client device, wherein the client device trusts the trusted service.