BATTLE OF SKM AND IUM
1MHMIxh
1MHMIxh
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
<strong>SKM</strong> CAPABILITIES<br />
• The SkCapabilities array defines certain <strong>IUM</strong> System Calls that can be access controlled on an individual<br />
Trustlet basis using one of the following rules<br />
• AllowAll<br />
• CheckByTrustletId<br />
• CheckByTrustletInstanceGuid<br />
• SecureStorageGet and SecureStoragePut are the two <strong>IUM</strong> System Calls that currently check for<br />
capabilities<br />
• The Get API only allows Trustlet ID 2 to call it<br />
• The Set API only allows Trustlet ID 3 to call it<br />
• This implies a certain hardcoded knowledge of Trustlets baked into <strong>SKM</strong>