公开(公告)号：US20160379207A1

公开(公告)日：2016-12-29

申请号：US14750992

申请日：2015-06-25

Applicant: INTEL CORPORATION

Inventor： Patrick Koeberl ,  Nikhil M. Deshpande ,  Anand Rajan

IPC: G06Q20/34 ,  G06Q20/22 ,  G06Q20/40

CPC classification number: G06Q20/3572 ,  G06Q20/227 ,  G06Q20/341 ,  G06Q20/3576 ,  G06Q20/40145 ,  G06Q20/409

Abstract: An apparatus for aggregating secured credentials is described herein. The apparatus includes a processor and a memory. The memory includes code causing the processor to provision a plurality of secured credentials on the apparatus. The code causes the processor to isolate the secured credentials from each other in the memory. The code also causes the processor to emulate a selected secured credential from the secured credentials for a transaction.

Abstract translation: 本文描述了用于聚合安全凭证的装置。 该装置包括处理器和存储器。 存储器包括使处理器在设备上提供多个安全凭证的代码。 该代码使处理器将存储器中的安全证书彼此隔离开。 该代码还使得处理器从事务的安全凭证中模拟选定的安全凭证。

公开(公告)号：US11783081B2

公开(公告)日：2023-10-10

申请号：US17022177

申请日：2020-09-16

Applicant: Intel Corporation

Inventor： David M. Durham ,  Ravi L. Sahita ,  Barry E. Huntley ,  Nikhil M. Deshpande

IPC: G06F21/62 ,  H04L9/08 ,  H04L9/32 ,  G06F21/53 ,  H04L29/06 ,  H04L9/40

CPC classification number: G06F21/6245 ,  G06F21/53 ,  H04L9/08 ,  H04L9/0894 ,  H04L9/3236 ,  H04L63/06

Abstract: In a method to utilize a secure public cloud, a computer receives a domain manager image and memory position-dependent address information in response to requesting a service from a cloud services provider. The computer also verifies the domain manager image and identifies a key domain key to be used to encrypt data stored in a key domain of a key domain-capable server. The computer also uses the key domain key and the memory-position dependent address information to encrypt a domain launch image such that the encrypted domain launch image is cryptographically bound to at least one memory location of the key domain. The computer also encrypts the key domain key and sends the encrypted domain launch image and the encrypted key domain key to the key domain-capable server, to cause a processor of the key domain-capable server to create the key domain. Other embodiments are described and claimed.

公开(公告)号：US10810321B2

公开(公告)日：2020-10-20

申请号：US15293967

申请日：2016-10-14

Applicant: Intel Corporation

Inventor： David M. Durham ,  Ravi L. Sahita ,  Barry E. Huntley ,  Nikhil M. Deshpande

IPC: G06F21/62 ,  H04L9/08 ,  H04L9/32 ,  G06F21/53 ,  H04L29/06

Abstract: A method, system, computer-readable media, and apparatus for ensuring a secure cloud environment is provided, where public cloud services providers can remove their code from the Trusted Computing Base (TCB) of their cloud services consumers. The method for ensuring a secure cloud environment keeps the Virtual Machine Monitor (VMM), devices, firmware and the physical adversary (where a bad administrator/technician attempts to directly access the cloud host hardware) outside of a consumer's Virtual Machine (VM) TCB. Only the consumer that owns this secure VM can modify the VM or access contents of the VM (as determined by the consumer).

公开(公告)号：US20180046823A1

公开(公告)日：2018-02-15

申请号：US15293967

申请日：2016-10-14

Applicant: Intel Corporation

Inventor： David M. Durham ,  Ravi L. Sahita ,  Barry E. Huntley ,  Nikhil M. Deshpande

IPC: G06F21/62 ,  G06F21/53 ,  H04L9/08 ,  H04L29/06

CPC classification number: G06F21/6245 ,  G06F21/53 ,  H04L9/08 ,  H04L9/0894 ,  H04L9/3236 ,  H04L63/06

Abstract: A method, system, computer-readable media, and apparatus for ensuring a secure cloud environment is provided, where public cloud services providers can remove their code from the Trusted Computing Base (TCB) of their cloud services consumers. The method for ensuring a secure cloud environment keeps the Virtual Machine Monitor (VMM), devices, firmware and the physical adversary (where a bad administrator/technician attempts to directly access the cloud host hardware) outside of a consumer's Virtual Machine (VM) TCB. Only the consumer that owns this secure VM can modify the VM or access contents of the VM (as determined by the consumer).

公开(公告)号：US20210004483A1

公开(公告)日：2021-01-07

申请号：US17022177

申请日：2020-09-16

Applicant: Intel Corporation

Inventor： David M. Durham ,  Ravi L. Sahita ,  Barry E. Huntley ,  Nikhil M. Deshpande

IPC: G06F21/62 ,  H04L9/08 ,  H04L9/32 ,  G06F21/53 ,  H04L29/06

Abstract: In a method to utilize a secure public cloud, a computer receives a domain manager image and memory position-dependent address information in response to requesting a service from a cloud services provider. The computer also verifies the domain manager image and identifies a key domain key to be used to encrypt data stored in a key domain of a key domain-capable server. The computer also uses the key domain key and the memory-position dependent address information to encrypt a domain launch image such that the encrypted domain launch image is cryptographically bound to at least one memory location of the key domain. The computer also encrypts the key domain key and sends the encrypted domain launch image and the encrypted key domain key to the key domain-capable server, to cause a processor of the key domain-capable server to create the key domain. Other embodiments are described and claimed.