BATTLE OF SKM AND IUM
blackhat2015
blackhat2015
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
STORAGE BLOBS<br />
• Secure Communications Channel between different <strong>IUM</strong> Trustlets with the same Instance GUID<br />
• Each Trustlet Instance has 2 Storage IDs<br />
• Each Storage ID can have an one of Storage Blob of up to 4088 bytes<br />
• The rest is used up by a header, for a total of 1 page<br />
• A Trustlet can get only Storage Blobs that belong to its own Instance GUID<br />
• All Storage Blobs are in a system-wide LIST_ENTRY called BlobList<br />
• Given the <strong>SKM</strong> Capability model we just saw, this means that Trustlet 3 can push data for the Instance<br />
GUID it manages, and Trustlet 2 can read data<br />
• We’ll shortly see why mailboxes and storage blobs exist – they are specialized for a particular purpose