Title:
SYSTEM AND METHOD FOR TRUSTED EXECUTION OF COMPUTER INSTRUCTIONS
Document Type and Number:
WIPO Patent Application WO/2020/259802
Kind Code:
A1
Abstract:
A system for executing a plurality of computer instructions, comprising: a processing circuitry having a Trusted Execution Environment, TEE, for executing a secure set of computer instructions; wherein the secure set of computer instructions executable by the TEE comprises: a first set of computer instructions, identified in a primary set of computer instructions, for producing a first outcome; and a second set of computer instructions for producing an auxiliary outcome associated with a primary outcome of executing the primary set of computer instructions by the processing circuitry; and wherein the processing circuitry produces the primary outcome according to the first outcome.

Inventors:
TOUITOU DAN (DE)
ORON AVIGAIL (DE)
SHLOMO NAOR (DE)
Application Number:
PCT/EP2019/066763
Publication Date:
December 30, 2020
Filing Date:
June 25, 2019
Assignee:
HUAWEI TECH CO LTD (CN)
TOUITOU DAN (DE)
International Classes:
G06F21/53
Foreign References:
US9875368B1 (2018-01-23)
Attorney, Agent or Firm:
KREUZ, Georg (DE)
Claims:
WHAT IS CLAIMED IS:

1. A system for executing a plurality of computer instructions, comprising:

a processing circuitry having a Trusted Execution Environment, TEE, for executing a secure set of computer instructions;

wherein the secure set of computer instructions executable by the TEE comprises:

a first set of computer instructions, identified in a primary set of computer instructions, for producing a first outcome; and

a second set of computer instructions for producing an auxiliary outcome associated with a primary outcome of executing the primary set of computer instructions by the processing circuitry; and

wherein the processing circuitry produces the primary outcome according to the first outcome.

2. The system of claim 1, wherein executing the first set of computer instructions comprises accessing a secret value stored in the TEE.

3. The system of claim 2, wherein the secret value is selected from a group of secret values consisting of: a password value, a symmetric encryption-decryption key value, a private decryption key value, a private encryption key value, a signing key value, and an input value for a Zero Knowledge Proof method.

4. The system of any of claims 2 and 3, wherein the primary outcome of executing the primary set of computer instructions comprises instructing modification of a target value;

wherein producing the first outcome comprises producing, using the secret value, a modification instruction to modify the target value;

wherein the processing circuitry instructs modification of the target value subject to a successful result of applying an authorization test to the modification instruction; and

wherein producing the auxiliary outcome comprises outputting an indication of the modification instruction.

5. The system of claim 4, wherein the target value is indicative of an amount of money.

6. The system of any of claims 4 and 5, wherein outputting the indication of the modification instruction comprises one or more of: writing a log entry to a log repository, and generating a report.

7. The system of any of claims 4, 5, and 6, wherein the processing circuitry is further configured for sending the indication of the modification instruction to another processing circuitry; and

wherein the other processing circuitry is configured for:

receiving from the processing circuitry an indication of executing the modification instruction;

applying an audit test to identify the indication of executing the modification instruction in the indication of the modification instruction; and

outputting an audit indication subject to failure of the audit test.

8. The system of claim 1, wherein executing the first set of computer instructions comprises executing a plurality of secret computer instructions stored in the TEE.

9. The system of any of claims 1, 2, 3 and 8,

wherein the primary set of computer instructions is additionally for receiving from a requester a request to retrieve a private value stored in a data storage connected to the processing circuitry;

wherein the primary outcome of executing the primary set of computer instructions comprises outputting the private value in response to the request;

wherein producing the auxiliary outcome comprises computing an authorization value in response to the request according to an identified policy;

wherein producing the first outcome comprises, subject to the authorization value, reading the private value from the data storage; and

wherein the processing circuitry sends the private value to the requester subject to successfully reading and decrypting the private value from the data storage.

10. The system of any of claims 2, 3, 8 and 9, wherein producing the first outcome further comprises decrypting the private value using the secret value, subject to the authorization value.

11. The system of any of claims 1, 2, 3, 8, 9 and 10, wherein the private value is one of: an image of a person, a medical image of a person, a biometric value, a name value, a person identification value, a gender value, an age value, a credit card number value, an account identification value, and an account access credential value.

12. A method for executing a plurality of computer instructions, comprising:

executing, in a TEE of a processing circuitry, a secure set of computer instructions; wherein the secure set of computer instructions executable by the TEE comprises: a first set of computer instructions, identified in a primary set of computer instructions, for producing a first outcome; and

a second set of computer instructions for producing an auxiliary outcome associated with a primary outcome of executing the primary set of computer instructions by the processing circuitry; and

wherein the processing circuitry produces the primary outcome according to the first outcome.

13. The method of claim 12, wherein executing the first set of computer instructions comprises accessing a secret value stored in the TEE.

14. The method of claim 13, wherein the secret value is selected from a group of secret values consisting of: a password value, a symmetric encryption-decryption key value, a private decryption key value, a private encryption key value, a signing key value, and an input value for a Zero Knowledge Proof method.

15. The method of any of claims 13 and 14, wherein the primary outcome of executing the primary set of computer instructions comprises instructing modification of a target value;

wherein producing the first outcome comprises producing, using the secret value, a modification instruction to modify the target value;

wherein the processing circuitry instructs modification of the target value subject to a successful result of applying an authorization test to the modification instruction; and

wherein producing the auxiliary outcome comprises outputting an indication of the modification instruction.

16. The method of claim 15, wherein the target value is indicative of an amount of money.

17. The method of any of claims 15 and 16, wherein outputting the indication of the modification instruction comprises one or more of: writing a log entry to a log repository, and generating a report.

18. The method of any of claims 15, 16, and 17, further comprising sending the indication of the modification instruction to another processing circuitry; and

wherein the other processing circuitry is configured for:

receiving from the processing circuitry an indication of executing the modification instruction; applying an audit test to identify the indication of executing the modification instruction in the indication of the modification instruction; and

outputting an audit indication subject to failure of the audit test.

19. The method of claim 12, wherein executing the first set of computer instructions comprises executing a plurality of secret computer instructions stored in the TEE.

20. The method of any of claims 12, 13, 14 and 19,

wherein the primary set of computer instructions is additionally for receiving from a requester a request to retrieve a private value stored in a data storage connected to the processing circuitry;

wherein the primary outcome of executing the primary set of computer instructions comprises outputting the private value in response to the request;

wherein producing the auxiliary outcome comprises computing an authorization value in response to the request according to an identified policy;

wherein producing the first outcome comprises, subject to the authorization value, reading the private value from the data storage; and

wherein the processing circuitry sends the private value to the requester subject to successfully reading and decrypting the private value from the data storage.

21. The method of any of claims 13, 14, 19 and 20, wherein producing the first outcome further comprises decrypting the private value using the secret value, subject to the authorization value.

22. The method of any of claims 12, 13, 14, 19, 20 and 21, wherein the private value is one of: an image of a person, a medical image of a person, a biometric value, a name value, a person identification value, a gender value, an age value, a credit card number value, an account identification value, and an account access credential value.

23. A non-transitory computer-readable storage medium comprising a program code which, when executed by a computer, causes the computer to execute the method of claim 12.

Description:
SYSTEM AND METHOD FOR TRUSTED EXECUTION OF COMPUTER INSTRUCTIONS

BACKGROUND

The present invention, in some embodiments thereof, relates to a system for executing a plurality of computer instructions and, more specifically, but not exclusively, to a system for preventing a malicious intervention in executing the plurality of computer instructions.

For brevity, henceforth the term “service” is used to mean a computer based service, provided by a computer based system or device, possibly by executing code for providing the computer based service. As used henceforth, an attacker is an entity - a person or an organization - attempting to benefit from disrupting a service and additionally or alternatively from gaining unauthorized access to the service.

There is an increasingly known risk to services of being threatened by attackers attempting to benefit from disrupting a service or from gaining unauthorized access to the service. Some hardware processors implement a trusted execution environment (TEE), providing an isolated execution environment where computer instructions and data loaded into the TEE cannot be accessed by other computer instructions executed by processing circuitry outside the TEE. Loading computer instructions and data into the TEE requires authentication of a loading entity, loading the computer instructions and data, and authorization of the loading entity to access the TEE. The TEE provides integrity to the execution of the computer instructions, such that execution of the computer instructions cannot be interrupted by the other computer instructions and the computer instructions cannot be changed by the other computer instructions. In addition, data in the TEE is private to the computer instructions and cannot be accessed, neither read nor written, by the other computer instructions.

SUMMARY

It is an object of the present invention to provide a system and a method for securely executing a plurality of computer instructions. The foregoing and other objects are achieved by the features of the independent claims. Further implementation forms are apparent from the dependent claims, the description and the figures.

According to a first aspect of the invention, a system for executing a plurality of computer instructions comprises: a processing circuitry having a Trusted Execution Environment, TEE, for executing a secure set of computer instructions. According to the first aspect, the secure set of computer instructions executable by the TEE comprises: a first set of computer instructions, identified in a primary set of computer instructions, for producing a first outcome; and a second set of computer instructions for producing an auxiliary outcome associated with a primary outcome of executing the primary set of computer instructions by the processing circuitry. According to the first aspect, the processing circuitry produces the primary outcome according to the first outcome.

According to a second aspect of the invention, a method for executing a plurality of computer instructions comprises: executing, in a TEE of a processing circuitry, a secure set of computer instructions. According to the second aspect, the secure set of computer instructions executable by the TEE comprises: a first set of computer instructions, identified in a primary set of computer instructions, for producing a first outcome; and a second set of computer instructions for producing an auxiliary outcome associated with a primary outcome of executing the primary set of computer instructions by the processing circuitry. According to the second aspect, the processing circuitry produces the primary outcome according to the first outcome.

According to a third aspect of the invention, a non-transitory computer-readable storage medium comprises a program code which, when executed by a computer, causes the computer to execute the method of the second aspect of the invention.

With reference to the first and second aspects, in a first possible implementation of the first and second aspects of the present invention executing the first set of computer instructions comprises accessing a secret value stored in the TEE. Optionally, the secret value is selected from a group of secret values consisting of: a password value, a symmetric encryption-decryption key value, a private decryption key value, a private encryption key value, a signing key value, and an input value for a Zero Knowledge Proof method. Optionally, executing the first set of computer instructions comprises executing a plurality of secret computer instructions stored in the TEE. Executing the first set of computer instructions by accessing a secret value stored in the TEE and additionally or alternatively by executing a plurality of secret computer instructions stored in the TEE facilitates adding protection to the primary outcome of executing the primary set of computer instructions, such as a signature, a cryptographic signature, or encryption, as the primary outcome is produced according to the first outcome of executing the first set of computer instructions, for example using the first outcome to produce the primary outcome or producing the primary outcome subject to the first outcome, thus increasing stability of a system implementing the present invention and increasing availability of a service provided by the system.

With reference to the first and second aspects, or the first implementation of the first and second aspects, in a second possible implementation of the first and second aspects of the present invention the primary outcome of executing the primary set of computer instructions comprises instructing modification of a target value, producing the first outcome comprises producing, using the secret value, a modification instruction to modify the target value, the processing circuitry instructs modification of the target value subject to a successful result of applying an authorization test to the modification instruction, and producing the auxiliary outcome comprises outputting an indication of the modification instruction. Optionally, the target value is indicative of an amount of money. Instructing modification of the target value subject to a successful result of applying an authorization test to the modification instruction together with outputting an indication of the modification instruction facilitates monitoring and auditing the system, reducing risk of an unauthorized modification of the target value thus increasing system stability and reliability.

With reference to the first and second aspects, or the first and second implementations of the first and second aspects, in a third possible implementation of the first and second aspects of the present invention outputting the indication of the modification instruction comprises one or more of: writing a log entry to a log repository, and generating a report. Optionally, the processing circuitry is further configured for sending the indication of the modification instruction to another processing circuitry. Optionally, the other processing circuitry is configured for: receiving from the processing circuitry an indication of executing the modification instruction; applying an audit test to identify the indication of executing the modification instruction in the indication of the modification instruction; and outputting an audit indication subject to failure of the audit test. Applying an audit test to identify the indication of executing the modification instruction in the indication of the modification instruction, for example in a log repository or in a report, reduces probability of an unauthorized modification of the target value being undetected thus increasing reliability and stability of the system.

With reference to the first and second aspects, or the first implementation of the first and second aspects, in a fourth possible implementation of the first and second aspects of the present invention the primary set of computer instructions is additionally for receiving from a requester a request to retrieve a private value stored in a data storage connected to the processing circuitry, the primary outcome of executing the primary set of computer instructions comprises outputting the private value in response to the request, producing the auxiliary outcome comprises computing an authorization value in response to the request according to an identified policy, producing the first outcome comprises, subject to the authorization value, reading the private value from the data storage, and the processing circuitry sends the private value to the requester subject to successfully reading and decrypting the private value from the data storage. Sending the private value to the requester subject to successfully reading and decrypting the private value from the data storage increases reliability and stability of the system. Optionally, producing the first outcome further comprises decrypting the private value using the secret value, subject to the authorization value. Optionally, the private value is one of: an image of a person, a medical image of a person, a biometric value, a name value, a person identification value, a gender value, an age value, a credit card number value, an account identification value, and an account access credential value.

Other systems, methods, features, and advantages of the present disclosure will be or become apparent to one with skill in the art upon examination of the following drawings and detailed description. It is intended that all such additional systems, methods, features, and advantages be included within this description, be within the scope of the present disclosure, and be protected by the accompanying claims.

Unless otherwise defined, all technical and/or scientific terms used herein have the same meaning as commonly understood by one of ordinary skill in the art to which the invention pertains. Although methods and materials similar or equivalent to those described herein can be used in the practice or testing of embodiments of the invention, exemplary methods and/or materials are described below. In case of conflict, the patent specification, including definitions, will control. In addition, the materials, methods, and examples are illustrative only and are not intended to be necessarily limiting.

BRIEF DESCRIPTION OF THE SEVERAL VIEWS OF THE DRAWINGS

Some embodiments of the invention are herein described, by way of example only, with reference to the accompanying drawings. With specific reference now to the drawings in detail, it is stressed that the particulars shown are by way of example and for purposes of illustrative discussion of embodiments of the invention. In this regard, the description taken with the drawings makes apparent to those skilled in the art how embodiments of the invention may be practiced. In the drawings:

FIG. 1 is a schematic block diagram of an exemplary system, according to some embodiments of the present invention;

FIG. 2 is a flowchart schematically representing an optional flow of operations, according to some embodiments of the present invention;

FIG. 3 is a schematic block diagram representing an exemplary flow of data for producing a signed instruction, according to some embodiments of the present invention;

FIG. 4 is a schematic block diagram representing an exemplary flow of data for accessing private data, according to some embodiments of the present invention; and

FIG. 5 is a flowchart schematically representing an optional flow of operations for auditing, according to some embodiments of the present invention.

DETAILED DESCRIPTION

The present invention, in some embodiments thereof, relates to a system for executing a plurality of computer instructions and, more specifically, but not exclusively, to a system for preventing a malicious intervention in executing the plurality of computer instructions.

It is common for a system providing a service to implement, besides the service, one or more tools for monitoring the system and possibly generating reports about the system. Some systems implement one or more tools for enforcing a policy governing access to the system and behavior of the system. Some such tools allow a manager of a system to identify an attack on the system. However, an attacker may gain control of a tool and use the tool to hide an attack. For example, when a system comprises a logging and reporting tool that stores an entry for every operation performed by the service, the attacker may gain control of the logging and reporting tool and log the unauthorized operation as an authorized operation to prevent a manager of the system from detecting the unauthorized operation by comparing a report generated by the logging and reporting tool with a report generated by a target system of the unauthorized operation. For example, in a banking system an attacker gaining control of the logging and reporting tool may trigger execution of an unauthorized financial transaction benefitting a bank account owned by the attacker, such that the unauthorized financial transaction is logged and reported as an authorized financial transaction. Alternatively, the attacker may remove a record of the unauthorized financial transaction such that the unauthorized financial transaction does not appear in a report. In another example, in a system implementing a policy enforcer, the attacker may gain control of the policy enforcer and authorize an operation that would otherwise not be authorized by the policy enforcer. For example, in a system comprising a data storage storing private data, a private data value may be accessed by the attacker by forging a result of an authorization process.

There exist systems where a TEE is used to protect content on a computing device comprising the TEE. Another example of an existing use of a TEE is to authenticate a user of the computing device, for example using one or more biometric methods. However, there exist services that cannot be executed in a single TEE, for example a service that comprises digital network communication between at least two processors.

The present invention, in some embodiments thereof, proposes executing in the TEE an essential part of the service and an auxiliary part of the service, where the service provided by the system depends on execution of the essential part, and an auxiliary outcome of executing the auxiliary part is associated with the service provided by the system. Executing both the essential part and the auxiliary part in the TEE reduces a risk of providing the service without executing the auxiliary part. When the auxiliary part is part of a means for preventing an attack on the system, executing both the essential part and the auxiliary part in the TEE reduces risk of an attacker circumventing the means for preventing the attack, as the service may not be provided without executing the auxiliary part, in turn increasing system reliability and stability, and availability of the service.

According to the present invention, in some embodiments the service provided by the system is a primary outcome of executing a primary set of computer instructions. In such embodiments the essential part is a first set of computer instructions, identified in the primary set of computer instructions, such that the primary outcome is produced according to a first outcome produced by executing the essential part, for example using the first outcome to produce the primary outcome or producing the primary outcome subject to the first outcome. In a first example, when the primary outcome comprises a response to a request, the essential part may comprise reading a private value from data storage and the first outcome may comprise the private value. In the first example, the response to the request is produced using the private value. In a second example, when the primary outcome comprises instructing modification of one or more values, the essential part may comprise producing a signed modification instruction and the first outcome may comprise a signature produced using a secret stored in the TEE. In the second example, the modification instruction is signed using the signature. Optionally, the signature is a cryptographic signature and the modification instruction is a cryptographically signed modification instruction.

In some embodiments where the primary outcome is produced according to the first outcome, the first outcome is optionally associated with an auxiliary outcome of executing an auxiliary set of computer instructions. Executing by the TEE both the auxiliary set of computer instructions, producing the auxiliary outcome, and the first set of computer instructions provides integrity to an association between the first outcome and execution of the auxiliary set of computer instructions. As, in such embodiments, the primary outcome is produced according to the first outcome, executing by the TEE both the auxiliary set of computer instructions and the first set of computer instructions provides integrity to an association between the primary outcome and execution of the auxiliary set of computer instructions such that the primary outcome is not produced without execution of the auxiliary set of computer instructions, increasing accuracy and reliability of the primary outcome, thus increasing system stability and reliability and availability of the service.

In the first example, when the primary outcome comprises the response to the request, the auxiliary outcome may comprise an authorization value computed for a user sending the request. In the first example, the private value is retrieved subject to the authorization value, thus the response is generated subject to the authorization value.
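The first example above, modelled as an added Python example (constructed for this page, not the patent's own implementation): the policy check that yields the authorization value and the read-and-decrypt step that yields the private value both run inside one enclave object, so the untrusted host gets a response only when both succeed. The `RecordEnclave`, `handle_request`, `seal` and `demo` names, the SHA-256 keystream plus HMAC standing in for a real authenticated cipher, and the patient records and policy are all assumptions.

```python
"""Policy-gated retrieval of a private value: the authorization value (auxiliary
outcome) and the decryption (first outcome) are both produced inside the TEE."""
import hashlib
import hmac
import os


def _keystream_xor(key, nonce, data):
    """Toy counter-mode keystream built from SHA-256; a stand-in for a real
    cipher so the example runs on the standard library alone (constructed)."""
    stream = b""
    counter = 0
    while len(stream) < len(data):
        stream += hashlib.sha256(key + nonce + counter.to_bytes(4, "big")).digest()
        counter += 1
    return bytes(a ^ b for a, b in zip(data, stream))


def seal(key, plaintext):
    """Encrypt-then-MAC, so that a tampered blob fails to decrypt."""
    nonce = os.urandom(16)
    ciphertext = _keystream_xor(key, nonce, plaintext)
    tag = hmac.new(key, nonce + ciphertext, hashlib.sha256).digest()
    return {"nonce": nonce, "ciphertext": ciphertext, "tag": tag}


class RecordEnclave:
    """Secure set of instructions executed by the TEE.

    The decryption key and the access policy are private to the enclave, so the
    untrusted host can neither forge an authorization value nor decrypt a record
    except by calling retrieve(), which performs both steps together.
    """

    def __init__(self, key, policy):
        self._key = key          # secret value stored in the TEE
        self._policy = policy    # requester id -> set of fields it may read

    def authorization_value(self, requester, field):
        """Auxiliary outcome: computed inside the TEE according to the policy."""
        return field in self._policy.get(requester, set())

    def retrieve(self, storage, requester, record_id, field):
        """First outcome: read and decrypt the private value, subject to the
        authorization value. Returns None unless every step succeeds."""
        if not self.authorization_value(requester, field):
            return None
        blob = storage.get((record_id, field))
        if blob is None:
            return None  # read failed
        expected = hmac.new(self._key, blob["nonce"] + blob["ciphertext"],
                            hashlib.sha256).digest()
        if not hmac.compare_digest(expected, blob["tag"]):
            return None  # storage tampered or wrong key: decryption fails
        return _keystream_xor(self._key, blob["nonce"], blob["ciphertext"])


def handle_request(enclave, storage, requester, record_id, field):
    """Primary set of instructions on the host: the response (primary outcome)
    carries the private value only when the enclave read and decrypted it."""
    value = enclave.retrieve(storage, requester, record_id, field)
    if value is None:
        return {"status": "denied"}
    return {"status": "ok", "value": value}


def demo():
    key = b"constructed-record-key"
    policy = {"dr_lee": {"medical_image", "name"}, "billing": {"name"}}
    enclave = RecordEnclave(key, policy)
    # Constructed data storage connected to the processor: values are sealed at rest.
    storage = {
        ("patient-7", "name"): seal(key, b"Jane Doe"),
        ("patient-7", "medical_image"): seal(key, b"<constructed image bytes>"),
    }
    doctor = handle_request(enclave, storage, "dr_lee", "patient-7", "medical_image")
    clerk = handle_request(enclave, storage, "billing", "patient-7", "medical_image")
    # A blob altered in storage fails the integrity check, so no value is sent
    # even to an authorized requester.
    storage[("patient-7", "name")]["ciphertext"] = b"X" * 8
    tampered = handle_request(enclave, storage, "billing", "patient-7", "name")
    return {"doctor": doctor, "clerk": clerk, "tampered": tampered}
```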

In the second example, when the primary outcome comprises instructing modification of the one or more values, producing the auxiliary outcome may comprise outputting an indication of the modification instruction, for example by writing a log entry to a log repository. In the second example, another indication of another instruction to modify the one or more values, generated by other computer instructions not executed by the TEE, is not outputted.

In addition, according to some embodiments of the present invention, producing the auxiliary outcome comprises sending an indication of the modification instruction to another processing circuitry. Optionally, the indication of the modification instruction is signed, optionally using the secret stored in the TEE. In addition, an indication of executing the modification instruction is optionally sent to the other processing circuitry. Optionally, the other processing circuitry applies an audit test to identify the indication of executing the modification instruction in the indication of the modification instruction. The other processing circuitry may output an audit indication subject to failure of the audit test. Applying an audit test to identify the indication of executing the modification instruction in the indication of the modification instruction increases a probability of detecting unauthorized modification of the one or more values, increasing system stability and reliability and availability of the service.
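The second example and the audit flow above, as an added Python model (constructed for this page, not the patent's own code): the enclave signs a modification instruction and writes its log entry in the same call, the ledger applies the authorization test by verifying the signature, and an auditor on another processor flags any executed instruction that has no validly signed log entry. The `Enclave`, `Ledger`, `transfer`, `audit` and `demo` names, HMAC standing in for an asymmetric signature (so the ledger and auditor share the enclave's key, which the host never holds), and the sample transfers are assumptions.

```python
"""TEE-signed modification instructions with an inseparable log entry, and the
audit test that compares executed instructions against that log."""
import hashlib
import hmac
import json


def _canonical(instruction):
    """Stable encoding so signer, ledger and auditor hash identical bytes."""
    return json.dumps(instruction, sort_keys=True, separators=(",", ":")).encode()


def _mac(key, instruction):
    return hmac.new(key, _canonical(instruction), hashlib.sha256).hexdigest()


class Enclave:
    """Secure set of instructions executed by the TEE.

    The signing key never leaves the enclave. The only way to obtain a valid
    signature (the first outcome) is sign_modification(), which appends the log
    entry (the auxiliary outcome) before returning, so no signed instruction
    exists without its indication in the TEE-kept log.
    """

    def __init__(self, signing_key):
        self._signing_key = signing_key  # secret value stored in the TEE
        self.log = []  # signed indications of modification instructions

    def sign_modification(self, instruction):
        signature = _mac(self._signing_key, instruction)
        self.log.append({"instruction": instruction, "signature": signature})
        return signature


class Ledger:
    """Target of the modification instruction; applies the authorization test.
    HMAC stands in for an asymmetric signature, so the ledger holds the same
    key as the enclave (constructed simplification); the host never does."""

    def __init__(self, verify_key, balances):
        self._verify_key = verify_key
        self.balances = balances
        self.executed = []  # indications of executing modification instructions

    def apply(self, instruction, signature):
        if not hmac.compare_digest(_mac(self._verify_key, instruction), signature):
            return False  # authorization test failed: unsigned or forged
        src, dst, amount = instruction["src"], instruction["dst"], instruction["amount"]
        if self.balances.get(src, 0) < amount:
            return False
        self.balances[src] -= amount
        self.balances[dst] = self.balances.get(dst, 0) + amount
        self.executed.append(instruction)
        return True


def transfer(enclave, ledger, src, dst, amount, nonce):
    """Primary set of instructions on the untrusted host: the primary outcome
    (the ledger update) is produced according to the first outcome (the signature)."""
    instruction = {"src": src, "dst": dst, "amount": amount, "nonce": nonce}
    return ledger.apply(instruction, enclave.sign_modification(instruction))


def audit(verify_key, logged, executed):
    """Audit test on the other processing circuitry: every executed instruction
    must appear in the log with a valid TEE signature. Returns the audit
    indications, i.e. executed instructions lacking such an entry."""
    valid = {_canonical(e["instruction"]) for e in logged
             if hmac.compare_digest(_mac(verify_key, e["instruction"]), e["signature"])}
    return [instr for instr in executed if _canonical(instr) not in valid]


def demo():
    key = b"constructed-enclave-signing-key"
    enclave = Enclave(key)
    ledger = Ledger(key, {"alice": 100, "bob": 0})
    ok = transfer(enclave, ledger, "alice", "bob", 40, nonce=1)
    # An instruction that bypasses the enclave carries no valid signature.
    forged = {"src": "alice", "dst": "mallory", "amount": 60, "nonce": 2}
    forged_ok = ledger.apply(forged, "00" * 32)
    # A compromised host-side logging tool can drop a record from the copy of the
    # log it forwards to the auditor, but cannot mint a signed replacement, so the
    # executed transfer is reported as an audit indication.
    tampered_log = []
    return {
        "transfer_ok": ok,
        "forged_ok": forged_ok,
        "clean_audit": audit(key, enclave.log, ledger.executed),
        "findings": audit(key, tampered_log, ledger.executed),
        "balances": dict(ledger.balances),
    }
```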

Before explaining at least one embodiment of the invention in detail, it is to be understood that the invention is not necessarily limited in its application to the details of construction and the arrangement of the components and/or methods set forth in the following description and/or illustrated in the drawings and/or the Examples. The invention is capable of other embodiments or of being practiced or carried out in various ways.

The present invention may be a system, a method, and/or a computer program product. The computer program product may include a computer readable storage medium (or media) having computer readable program instructions thereon for causing a processor to carry out aspects of the present invention.

The computer readable storage medium can be a tangible device that can retain and store instructions for use by an instruction execution device. The computer readable storage medium may be, for example, but is not limited to, an electronic storage device, a magnetic storage device, an optical storage device, an electromagnetic storage device, a semiconductor storage device, or any suitable combination of the foregoing.

Computer readable program instructions described herein can be downloaded to respective computing/processing devices from a computer readable storage medium or to an external computer or external storage device via a network, for example, the Internet, a local area network, a wide area network and/or a wireless network.

The computer readable program instructions may execute entirely on the user's computer, partly on the user's computer, as a stand-alone software package, partly on the user's computer and partly on a remote computer or entirely on the remote computer or server. In the latter scenario, the remote computer may be connected to the user's computer through any type of network, including a local area network (LAN) or a wide area network (WAN), or the connection may be made to an external computer (for example, through the Internet using an Internet Service Provider). In some embodiments, electronic circuitry including, for example, programmable logic circuitry, field-programmable gate arrays (FPGA), or programmable logic arrays (PLA) may execute the computer readable program instructions by utilizing state information of the computer readable program instructions to personalize the electronic circuitry, in order to perform aspects of the present invention. Aspects of the present invention are described herein with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems), and computer program products according to embodiments of the invention. It will be understood that each block of the flowchart illustrations and/or block diagrams, and combinations of blocks in the flowchart illustrations and/or block diagrams, can be implemented by computer readable program instructions.

The flowchart and block diagrams in the Figures illustrate the architecture, functionality, and operation of possible implementations of systems, methods, and computer program products according to various embodiments of the present invention. In this regard, each block in the flowchart or block diagrams may represent a module, segment, or portion of instructions, which comprises one or more executable instructions for implementing the specified logical function(s). In some alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the block diagrams and/or flowchart illustration, and combinations of blocks in the block diagrams and/or flowchart illustration, can be implemented by special purpose hardware-based systems that perform the specified functions or acts or carry out combinations of special purpose hardware and computer instructions.

Reference is now made to FIG. 1, showing a schematic block diagram of an exemplary system 100, according to some embodiments of the present invention. In such embodiments, processing circuitry 101 has a Trusted Execution Environment (TEE) 111, for executing a secure set of computer instructions. The processing circuitry may be any kind of programmable or non-programmable circuitry that is configured to carry out the operations described in this disclosure. The processing circuitry may comprise hardware as well as software. For example, the processing circuitry may comprise one or more processors and a transitory or non-transitory memory that carries a program which causes the processing circuitry to perform the respective operations when the program is executed by the one or more processors. Some examples of a TEE are Intel Software Guard Extensions (Intel SGX), ARM TrustZone, Advanced Micro Devices Secure Encrypted Virtualization (SEV), RISC-V Keystone, and a hardware security module (HSM).

For brevity, henceforth the term "processor" is used to mean "processing circuitry". Optionally, processor 101 is connected to data storage 122, for example for the purpose of storing private data. Optionally, data storage 122 comprises a log repository. Optionally, data storage 122 comprises a non-volatile storage, for example one or more of: a hard disk, a network connected storage, and a storage network. Optionally, TEE 111 is connected to data storage 122. Optionally, processor 101 is connected to one or more digital communication network interfaces 121, optionally for the purpose of receiving one or more requests from a requester. The requester may be an application executed by other processor 131, optionally connected to processor 101, optionally via one or more digital communication network interfaces 121. One or more digital communication network interfaces 121 are optionally connected to a local area network, for example an Ethernet network or a wireless network. Optionally, one or more digital communication network interfaces 121 are connected to a wide area network, for example the Internet.

Additionally or alternatively, processor 101 optionally sends other processor 131 one or more instructions to modify one or more target values. Optionally, the one or more instructions to modify are one or more signed instructions. Further additionally or alternatively, processor 101 optionally sends other processor 131 one or more reports. Further additionally or alternatively, processor 101 optionally communicates with other processor 131 for the purpose of authenticating and authorizing the requester sending the one or more requests. Optionally other processor 131 comprises more than one hardware processor.

Processor 101 optionally executes a primary set of computer instructions. To execute the primary set of computer instructions, in some embodiments of the present invention system 100 implements the following optional method.

Reference is now made also to FIG. 2, showing a flowchart schematically representing an optional flow of operations 200, according to some embodiments of the present invention. In 211, processor 101 optionally receives a request from a requester, optionally from other processor 131. Optionally, the request is to retrieve a private value stored in data storage 122. In 201, processor 101 optionally executes a secure set of computer instructions in TEE 111.

Optionally, executing the primary set of computer instructions has a primary outcome. Optionally, the primary outcome of executing the primary set of computer instructions comprises instructing modification of a target value. For example, the target value may be indicative of an amount of money, for example when system 100 is a banking system and the target value is a balance value of a bank account of a user. In this example, the primary set of computer instructions may comprise processing a request to transfer an identified amount of money from one bank account to a second bank account, and instructing modification of a target value may comprise increasing a balance value of a source bank account or decreasing another balance value of a target bank account. Optionally, the primary outcome of executing the primary set of computer instructions comprises outputting a private value in response to a request received from the requester. Some examples of a private value are an image of a person, a medical image of a person, a biometric value, a name value, a person identification value, a gender value, an age value, a credit card number value, an account identification value such as a bank account or a computer based service account, and an account access credential value.

Optionally, the secure set of computer instructions executed in TEE 111 comprises a first set of computer instructions, identified in the primary set of computer instructions, for producing a first outcome. Optionally, processor 101 produces the primary outcome according to the first outcome. Optionally, producing the first outcome comprises producing a modification instruction to modify the target value, for example when the primary outcome comprises instructing modification of the target value. In this example, processor 101 instructs modification of the target value according to the modification instruction produced by TEE 111. Optionally, executing the first set of computer instructions comprises accessing a secret value stored in the TEE, for example when the modification instruction is signed and additionally or alternatively is encrypted. Some examples of a secret value are a password value, a symmetric encryption-decryption key value, a private decryption key value, a private encryption key value, a signing key value, and an input value for a zero-knowledge proof method. Optionally, the modification instruction is produced using the secret value. For example, the modification instruction is optionally produced such that other processor 131 modifies the target value subject to a successful result of applying an authorization test to the modification instruction. Optionally, a successful result of applying the authorization test to the modification instruction is dependent on the secret value.

Optionally, producing the first outcome comprises reading the private value from data storage 122. For example, processor 101 may output the private value read by TEE 111 in response to the request received from the requester. Optionally, producing the first outcome comprises decrypting the private value using the secret value. Optionally, executing the first set of computer instructions comprises executing a plurality of secret computer instructions stored in the TEE, for example for the purpose of computing a signature or a cryptographic signature. Other examples of a plurality of secret computer instructions are encrypting computer instructions for encrypting a value and decrypting computer instructions for decrypting an encrypted value.

Optionally, the secure set of computer instructions executed in TEE 111 comprises a second set of computer instructions for producing an auxiliary outcome. Optionally, the auxiliary outcome produced by TEE 111 executing the second set of computer instructions is associated with the primary outcome produced by processor 101 executing the primary set of instructions. For example, producing the auxiliary outcome optionally comprises sending in 221 an indication of the modification instruction. Thus, in this example, the primary outcome of instructing modification of the target value is associated with the indication of the modification instruction. Optionally, producing the auxiliary outcome comprises computing an authorization value in response to the request. Optionally, the authorization value is computed according to an identified policy. Optionally, producing the first outcome is subject to the authorization value. For example, TEE 111 may read the private value from data storage 122 subject to the authorization value. Optionally, TEE 111 decrypts, using the secret value, the private value read from data storage 122 subject to the authorization value. Optionally, processor 101 sends the private value to the requester subject to successfully reading and decrypting the private value from the data storage. Thus, in some embodiments, a primary outcome of sending a private value to a requester is associated with an auxiliary outcome of computing an authorization value.

Optionally, outputting in 221 the indication of the modification instruction comprises writing a log entry to a log repository, for example a log repository stored on data storage 122 or a log repository managed by other processor 131. Optionally, outputting the indication of the modification instruction comprises generating a report.

To understand a possible relationship between the primary outcome of executing the primary set of computer instructions by processor 101, the first outcome of executing the first set of computer instructions in TEE 111, and the auxiliary outcome of executing the second set of computer instructions in TEE 111, reference is now made also to FIG. 3, showing a schematic block diagram representing an exemplary flow of data 300 for producing a signed instruction, according to some embodiments of the present invention. In such embodiments, a primary outcome of executing the primary set of instructions by processor 101 is producing a signed instruction to modify a target value. Signing an instruction to modify the target value allows protecting the target value such that only an authorized entity modifies the target value. Optionally, the instruction to modify the target value is cryptographically signed. In such embodiments TEE 111 receives an unsigned modification instruction 301, for example produced by processor 101 executing some of the primary set of computer instructions. Optionally, TEE 111 executes the first set of computer instructions to sign modification instruction 301 to produce signed instruction 302. In addition, TEE 111 optionally executes the second set of computer instructions to produce auxiliary outcome trusted report 310. Trusted report 310 optionally comprises data indicative of signed instruction 302. As trusted report 310 is produced in the TEE by the TEE executing the second set of computer instructions, an attacker attempting to produce an unauthorized signed instruction cannot produce an associated trusted report.

Another possible relationship between the primary outcome of executing the primary set of computer instructions by processor 101, the first outcome of executing the first set of computer instructions in TEE 111, and the auxiliary outcome of executing the second set of computer instructions in TEE 111, comprises policing access to private data stored in data storage 122. Reference is now made also to FIG. 4, showing a schematic block diagram representing an exemplary flow of data 400 for accessing private data, according to some embodiments of the present invention. In such embodiments, TEE 111 receives request 401 from a requester, optionally executed by other processor 131. Optionally, request 401 is to retrieve a private data value from data storage 122. Optionally, TEE 111 executes the second set of computer instructions to compute an authorization value, optionally accessing in 402 an identified policy. Optionally, the identified policy is stored in a blockchain based ledger. Optionally, in 402 TEE 111 accesses an authorization service implementing the identified policy, such as an OAuth based authorization service. Optionally, TEE 111 executes the first set of computer instructions to read the private value in 420 subject to the authorization value. Thus, access to data storage 122 in 420 is policed according to the identified policy. TEE 111 optionally provides the private data value for a response 411 to the requester subject to the authorization value. As data storage 122 is accessed by TEE 111 executing the first set of computer instructions, subject to the authorization value produced by the TEE executing the second set of computer instructions, an attacker cannot access data storage 122 without an authorization value produced according to the identified policy.
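The access-policing flow of FIG. 4, as an added example that is not part of the patent or of any product of the applicant. It assumes a simulated TEE 111 that holds the secret value, an in-memory role-based dictionary standing in for the identified policy (the text says the policy may live in a ledger or behind an OAuth based service), and a constructed data storage 122 in which every private value is stored in sealed form. The sealing primitive is SHA-256 in counter mode, chosen only because it needs no third-party package; it stands in for an authenticated cipher such as AES-GCM and is not for production use. The point the code makes is the ordering the patent describes: the second set of instructions computes the authorization value first, and the first set reads and decrypts the private value only subject to that value, so a request that fails the policy never touches the storage.

```python
import hashlib
from dataclasses import dataclass, field

# Constructed policy standing in for the "identified policy" of FIG. 4: which requester
# roles may read which category of private value. An assumption of this example only.
POLICY = {
    "medical_image": {"physician"},
    "credit_card_number": {"billing"},
    "name": {"physician", "billing", "support"},
}

# Constructed secret value, held only inside the simulated TEE.
TEE_SECRET_KEY = b"constructed-example-key-do-not-use"


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """SHA-256 in counter mode: a standard-library stand-in for an AEAD such as AES-GCM."""
    out = b""
    counter = 0
    while len(out) < length:
        out += hashlib.sha256(key + nonce + counter.to_bytes(4, "big")).digest()
        counter += 1
    return out[:length]


def seal(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """XOR with the keystream; the same call both encrypts and decrypts."""
    return bytes(a ^ b for a, b in zip(data, _keystream(key, nonce, len(data))))


def build_data_storage(key: bytes) -> dict:
    """Constructed data storage 122: private values are stored only in sealed form."""
    records = {
        "rec-1": ("medical_image", b"<constructed MRI bytes>"),
        "rec-2": ("credit_card_number", b"<constructed card number>"),
        "rec-3": ("name", b"A. Example"),
    }
    storage = {}
    for record_id, (category, plaintext) in records.items():
        nonce = record_id.encode()  # constructed per-record nonce; must never repeat under one key
        storage[record_id] = {"category": category, "nonce": nonce, "ciphertext": seal(key, nonce, plaintext)}
    return storage


@dataclass
class TEE:
    """Simulated TEE 111 for the flow of data 400."""
    secret_key: bytes
    policy: dict
    data_storage: dict
    access_log: list = field(default_factory=list)

    def compute_authorization_value(self, requester_role: str, record_id: str) -> bool:
        """Second set of computer instructions: the authorization value for this request,
        computed according to the identified policy (step 402). Every decision is logged."""
        record = self.data_storage.get(record_id)
        allowed = record is not None and requester_role in self.policy.get(record["category"], set())
        self.access_log.append({"role": requester_role, "record": record_id, "authorized": allowed})
        return allowed

    def read_private_value(self, record_id: str, authorization_value: bool):
        """First set of computer instructions: read and decrypt the private value (step 420)
        only subject to the authorization value; otherwise the storage is not touched."""
        if not authorization_value:
            return None
        record = self.data_storage[record_id]
        return seal(self.secret_key, record["nonce"], record["ciphertext"])

    def handle_request(self, requester_role: str, record_id: str) -> dict:
        """Request 401 in, response 411 out."""
        authorized = self.compute_authorization_value(requester_role, record_id)
        value = self.read_private_value(record_id, authorized)
        return {"granted": authorized, "value": value}


def demo() -> dict:
    """Run four constructed requests against the policy: two permitted, two refused."""
    tee = TEE(TEE_SECRET_KEY, POLICY, build_data_storage(TEE_SECRET_KEY))
    return {
        "physician_mri": tee.handle_request("physician", "rec-1"),
        "support_mri": tee.handle_request("support", "rec-1"),
        "billing_name": tee.handle_request("billing", "rec-3"),
        "unknown_record": tee.handle_request("physician", "rec-9"),
    }


if __name__ == "__main__":
    for name, result in demo().items():
        print(name, result)
```

The access log kept by `compute_authorization_value` is what an operator would export to the log repository of data storage 122: refused requests are recorded with the same detail as granted ones, which is what makes a later audit of policy decisions possible.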

Reference is now made again to FIG. 2. When processor 101, via TEE 111, sends in 221 an indication of the modification instruction, the indication may be used to audit system 100. Reference is now made also to FIG. 5, showing a flowchart schematically representing an optional flow of operations 500 for auditing, according to some embodiments of the present invention. In such embodiments, processor 101 sends the indication of the modification instruction to other processor 131. In 501, other processor 131 optionally receives an indication of executing the modification instruction, for example from processor 101 or from an additional processor configured to receive the modification instruction from processor 101. In 511, other processor 131 optionally applies an audit test to identify the indication of executing the modification instruction in the indication of the modification instruction, for example in a log repository or a report. For example, when a target balance of a target bank account is incremented, other processor 131 may receive an indication of the increment. In this example, other processor 131 applies the audit test to identify the increment in an instruction to modify the target bank account. Subject to failure of the audit test, in 521 other processor 131 optionally outputs an audit indication. For example, subject to failing to identify the increment in an instruction to modify the target bank account, other processor 131 may output an audit indication to alert a manager of a possibly unauthorized increment in the target balance of the target bank account.
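The signed-instruction flow of FIG. 3 together with the audit flow of FIG. 5, as an added example that is not part of the patent or of any product of the applicant. It assumes a simulated TEE 111 that signs modification instruction 301 (first set of computer instructions) and appends data indicative of signed instruction 302 to trusted report 310 (second set), and a simulated other processor 131 that applies the authorization test, modifies the balance, and keeps its own log of executed modifications. The signature is HMAC-SHA256 because it is in the standard library; that means the verifier shares the key, which is an assumption of this example only, whereas the patent keeps the secret value inside the TEE and a real deployment would use an asymmetric signing key so that processor 131 holds only the public half. The audit test of step 511 is then the set difference between what was executed and what the trusted report accounts for; an increment that reached the ledger without passing through the TEE is exactly the "possibly unauthorized increment" the text describes.

```python
import hashlib
import hmac
import json
from dataclasses import dataclass, field

# Constructed key. HMAC-SHA256 stands in for the TEE's signing key (assumption of this example).
TEE_SECRET_KEY = b"constructed-example-signing-key"


def canonical(instruction: dict) -> bytes:
    """Deterministic encoding so signer, verifier and auditor hash identical bytes."""
    return json.dumps(instruction, sort_keys=True, separators=(",", ":")).encode()


def digest(instruction: dict) -> str:
    """Identifier of an instruction as recorded in reports and logs."""
    return hashlib.sha256(canonical(instruction)).hexdigest()


@dataclass
class TEE:
    """Simulated TEE 111: signs instructions (first set) and writes trusted report 310 (second set)."""
    secret_key: bytes
    trusted_report: list = field(default_factory=list)

    def sign_modification_instruction(self, unsigned: dict) -> dict:
        tag = hmac.new(self.secret_key, canonical(unsigned), hashlib.sha256).hexdigest()
        signed = dict(unsigned, signature=tag)
        # Auxiliary outcome: data indicative of the signed instruction, produced inside the TEE
        self.trusted_report.append({"digest": digest(signed), "account": signed["account"], "delta": signed["delta"]})
        return signed


@dataclass
class OtherProcessor:
    """Simulated other processor 131: authorization test, balance modification, execution log."""
    verify_key: bytes
    balances: dict
    execution_log: list = field(default_factory=list)

    def apply(self, signed: dict) -> bool:
        """Modify the target value only subject to a successful authorization test."""
        unsigned = {k: v for k, v in signed.items() if k != "signature"}
        expected = hmac.new(self.verify_key, canonical(unsigned), hashlib.sha256).hexdigest()
        if not hmac.compare_digest(expected, str(signed.get("signature", ""))):
            return False
        self.balances[signed["account"]] = self.balances.get(signed["account"], 0) + signed["delta"]
        # Indication of executing the modification instruction (FIG. 5, step 501)
        self.execution_log.append({"digest": digest(signed), "account": signed["account"], "delta": signed["delta"]})
        return True


def audit(execution_log: list, trusted_report: list) -> list:
    """Audit test (step 511): each executed modification must be identified in the trusted
    report. Returns the executions with no matching entry, i.e. the audit indications of step 521."""
    reported = {entry["digest"] for entry in trusted_report}
    return [entry for entry in execution_log if entry["digest"] not in reported]


def demo() -> dict:
    tee = TEE(TEE_SECRET_KEY)
    other = OtherProcessor(TEE_SECRET_KEY, balances={"acct-1": 100, "acct-2": 50})
    # Legitimate path: unsigned instruction 301 goes into the TEE, signed instruction 302 comes out
    signed = tee.sign_modification_instruction({"account": "acct-2", "delta": 25, "nonce": "c1"})
    applied = other.apply(signed)
    # Tampered copy: the signature no longer matches, so the authorization test refuses it
    tampered = dict(signed, delta=1000)
    rejected = not other.apply(tampered)
    # Constructed fault: an increment that reached the ledger without passing through the TEE.
    # The balance changed and an execution indication exists, but no trusted report entry does.
    other.balances["acct-1"] += 10
    other.execution_log.append({"digest": "constructed-unreported", "account": "acct-1", "delta": 10})
    return {
        "applied": applied,
        "rejected": rejected,
        "balances": dict(other.balances),
        "findings": audit(other.execution_log, tee.trusted_report),
    }


if __name__ == "__main__":
    print(json.dumps(demo(), indent=2))
```

Because the trusted report is written by the same enclave code path that signs, the auditor needs nothing from processor 101 beyond the execution indications; the comparison in `audit` is the whole test, and an alert is raised for every execution the report cannot explain.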

The descriptions of the various embodiments of the present invention have been presented for purposes of illustration, but are not intended to be exhaustive or limited to the embodiments disclosed. Many modifications and variations will be apparent to those of ordinary skill in the art without departing from the scope and spirit of the described embodiments. The terminology used herein was chosen to best explain the principles of the embodiments, the practical application or technical improvement over technologies found in the marketplace, or to enable others of ordinary skill in the art to understand the embodiments disclosed herein.

It is expected that during the life of a patent maturing from this application many relevant trusted execution environments will be developed and the scope of the term Trusted Execution Environment is intended to include all such new technologies a priori.

As used herein the term "about" refers to ± 10 %.

The terms "comprises", "comprising", "includes", "including", "having" and their conjugates mean "including but not limited to". These terms encompass the terms "consisting of" and "consisting essentially of".

The phrase "consisting essentially of" means that the composition or method may include additional ingredients and/or steps, but only if the additional ingredients and/or steps do not materially alter the basic and novel characteristics of the claimed composition or method.

As used herein, the singular form "a", "an" and "the" include plural references unless the context clearly dictates otherwise. For example, the term "a compound" or "at least one compound" may include a plurality of compounds, including mixtures thereof.

The word "exemplary" is used herein to mean "serving as an example, instance or illustration". Any embodiment described as "exemplary" is not necessarily to be construed as preferred or advantageous over other embodiments and/or to exclude the incorporation of features from other embodiments. The word "optionally" is used herein to mean "is provided in some embodiments and not provided in other embodiments". Any particular embodiment of the invention may include a plurality of "optional" features unless such features conflict.

Throughout this application, various embodiments of this invention may be presented in a range format. It should be understood that the description in range format is merely for convenience and brevity and should not be construed as an inflexible limitation on the scope of the invention. Accordingly, the description of a range should be considered to have specifically disclosed all the possible subranges as well as individual numerical values within that range. For example, description of a range such as from 1 to 6 should be considered to have specifically disclosed subranges such as from 1 to 3, from 1 to 4, from 1 to 5, from 2 to 4, from 2 to 6, from 3 to 6 etc., as well as individual numbers within that range, for example, 1, 2, 3, 4, 5, and 6. This applies regardless of the breadth of the range.

Whenever a numerical range is indicated herein, it is meant to include any cited numeral (fractional or integral) within the indicated range. The phrases "ranging/ranges between" a first indicated number and a second indicated number and "ranging/ranges from" a first indicated number "to" a second indicated number are used herein interchangeably and are meant to include the first and second indicated numbers and all the fractional and integral numerals therebetween.

It is appreciated that certain features of the invention, which are, for clarity, described in the context of separate embodiments, may also be provided in combination in a single embodiment. Conversely, various features of the invention, which are, for brevity, described in the context of a single embodiment, may also be provided separately or in any suitable subcombination or as suitable in any other described embodiment of the invention. Certain features described in the context of various embodiments are not to be considered essential features of those embodiments, unless the embodiment is inoperative without those elements.

All publications, patents and patent applications mentioned in this specification are herein incorporated in their entirety by reference into the specification, to the same extent as if each individual publication, patent or patent application was specifically and individually indicated to be incorporated herein by reference. In addition, citation or identification of any reference in this application shall not be construed as an admission that such reference is available as prior art to the present invention. To the extent that section headings are used, they should not be construed as necessarily limiting.