- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Is there any method for Enclave to authenticate its caller? For example, Enclave A is supposed to be used only by application A. If an unauthorized application B (i.e. malware) tries to use Enclave A, how can Enclave A deny application B?
Link Copied
1 Reply
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Basically, this is part of the complexity on how to design the security of the application between the trusted and the untrusted part. In general, the Enclave should never disclose the secret or any sensitive data to external calls. Some simple technique such as using local file permission as authentication to pass data between the Enclave and only authorized application may work. It really depends on the application's use case and other factors such as performance.

Reply
Topic Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page