US 12,169,553 B2
Security broker for consumers of TEE-protected services
Michael Hingston McLaughlin Bursell, Farnborough (GB); and Lilian Sturmann, Cambridge, MA (US)
Assigned to Red Hat, Inc., Raleigh, NC (US)
Filed by Red Hat, Inc., Raleigh, NC (US)
Filed on Jul. 30, 2021, as Appl. No. 17/389,991.
Prior Publication US 2023/0030816 A1, Feb. 2, 2023
Int. Cl. G06F 21/53 (2013.01); G06F 21/55 (2013.01); G06F 21/56 (2013.01); G06F 21/60 (2013.01)
CPC G06F 21/53 (2013.01) [G06F 21/554 (2013.01); G06F 21/566 (2013.01); G06F 21/602 (2013.01)]
20 Claims
 
1. A method comprising:
acquiring, by a broker device, integrity data of a first computing device and integrity data of a second computing device, wherein the integrity data of the first computing device indicates whether a first service executes within a first trusted execution environment of the first computing device and the integrity data of the second computing device indicates whether a second service executes within a second trusted execution environment of the second computing device;
storing, by the broker device, the integrity data of the first computing device and the integrity data of the second computing device in a data storage device as stored integrity data;
creating, by the broker device, a first unidirectional correlation between the integrity data of the first computing device and the first service, and a second unidirectional correlation between the integrity data of the second computing device and the second service; and
providing, by the broker device, the stored integrity data to a plurality of consumer devices, wherein the integrity data of the first computing device is provided to a consumer device associated with the first service and the integrity data of the second computing device is provided to a consumer device associated with the second service.