System, Apparatus And Method For Adaptive Peer-To-Peer Communication With Edge Platform

    Publication No.: US20210377356A1

    Publication date: 2021-12-02

    Application No.: US16887087

    Application date: 2020-05-29

    Abstract: In one embodiment, a method includes: receiving, in an edge platform, a plurality of messages from a plurality of edge devices coupled to the edge platform, the plurality of messages comprising metadata including priority information and granularity information; extracting at least the priority information from the plurality of messages; storing the plurality of messages in entries of a pending request queue according to the priority information; selecting a first message stored in the pending request queue for delivery to a destination circuit; and sending a message header for the first message to the destination circuit via at least one interface circuit, the message header including the priority information, and thereafter sending a plurality of packets including payload information of the first message to the destination circuit via the at least one interface circuit. Other embodiments are described and claimed.

    Blockchain System with Nucleobase Sequencing as Proof of Work

    Publication No.: US20170359374A1

    Publication date: 2017-12-14

    Application No.: US15179986

    Application date: 2016-06-11

    Abstract: A sequence mining platform (SMP) comprises a processor, at least one machine-accessible storage medium responsive to the processor, and a sequence manager in the machine-accessible storage medium. The sequence manager is configured to use processing resources to determine a sequence of nucleobases in a nucleic acid. The storage medium also comprises a blockchain manager to (a) collect transaction data for one or more transactions for a blockchain which requires a proof of work (POW) for each new block; and (b) include at least some of the transaction data in a new block for the blockchain. The storage medium also comprises a sequence mining module (SMM) to use the determined sequence of nucleobases from the sequence manager to create a POW for the new block. In one embodiment, the SMM enables an entity which controls the SMP to receive transaction rewards and sequencing rewards. Other embodiments are described and claimed.

    Privacy Preserving Group Formation with Distributed Content Key Generation

    Publication No.: US20170180122A1

    Publication date: 2017-06-22

    Application No.: US14972931

    Application date: 2015-12-17

    Abstract: An embodiment includes a method executed by at least one processor of a first computing node comprising: form a first group of computing nodes, wherein forming the first group comprises providing (a)(i) a public key and a first seed value to each of second and third nodes, (a)(ii) second and third private keys, which both correspond to the public key and are unequal to each other, respectively to the second and third nodes; determine a first key encryption key (KEK) pair based on the first seed value; determine a second KEK pair based on (b)(i) a second seed value that is derived from the first seed value, and (b)(ii) determining a predetermined time period has expired; and receive a symmetric key encrypted with a public key of the second KEK and decrypting the encrypted symmetric key with a private key of the second KEK. Other embodiments are described herein.

    TRUSTED PLATFORM MODULE CERTIFICATION AND ATTESTATION UTILIZING AN ANONYMOUS KEY SYSTEM
    Type: invention application; legal status: granted

    Publication No.: US20160142212A1

    Publication date: 2016-05-19

    Application No.: US14542491

    Application date: 2014-11-14

    Abstract: This application is directed to trusted platform module certification and attestation utilizing an anonymous key system. In general, TPM certification and TPM attestation may be supported in a device utilizing integrated TPM through the use of anonymous key system (AKS) certification. An example device may comprise at least combined AKS and TPM resources that load AKS and TPM firmware (FW) into a runtime environment that may further include at least an operating system (OS) encryption module, an AKS service module and a TPM Certification and Attestation (CA) module. For TPM certification, the CA module may interact with the other modules in the runtime environment to generate a TPM certificate, signed by an AKS certificate, that may be transmitted to a certification platform for validation. For TPM attestation, the CA module may cause TPM credentials to be provided to the attestation platform for validation along with the TPM and/or AKS certificates.

    System, Apparatus and Method for Auto-Optimization of Access Control Policy and Key Management in A Network Authoring Tool
    Type: invention application; legal status: under examination (published)

    Publication No.: US20160366141A1

    Publication date: 2016-12-15

    Application No.: US14998275

    Application date: 2015-12-26

    Abstract: In one embodiment, a method includes: presenting, in a user interface of an authoring tool, a plurality of levels of abstraction for a network having a plurality of devices; receiving information from a user regarding a subset of the plurality of devices to be provisioned with one or more security keys and an access control policy; automatically provisioning a key schedule for the subset of the plurality of devices in the network based on the user input and a topological context of the network; and automatically provisioning the access control policy for the subset of the plurality of devices in the network based on the user input and the topological context of the network.

    System, Apparatus and Method for Managing Lifecycle of Secure Publish-Subscribe System
    Type: invention application; legal status: under examination (published)

    Publication No.: US20160366111A1

    Publication date: 2016-12-15

    Application No.: US14864957

    Application date: 2015-09-25

    Abstract: In one embodiment, a method includes: request enrollment of the device with an identity provider, the enrollment including at least one role for the device for a publish-subscribe protocol of a distributed network; receiving a device identity credential from the identity provider and store the device identity credential in the device; receiving a ticket credential for a first topic associated with a first publisher, the ticket credential including the at least one role for the device; receiving a group key from a key manager for a group associated with the publish-subscribe protocol; and receiving content for the first topic in the device, the content protected by the group key.

    System, Apparatus and Method for Secure Network Bridging Using A Rendezvous Service and Multiple Key Distribution Servers
    Type: invention application; legal status: granted

    Publication No.: US20160366105A1

    Publication date: 2016-12-15

    Application No.: US14864940

    Application date: 2015-09-25

    Abstract: In one embodiment, a method includes: receiving, in a rendezvous server (RS), a first registration message (FRM) from a first registrar of a first network domain (FND), the FRM including a first device roster of a plurality of first devices of the FND; receiving, in the RS, a second registration message (SRM) from a second registrar of a second network domain (SND), the SRM including a second device roster of a plurality of second devices of the SND; and generating a first rendezvous point (RP) based at least in part on a plurality of key management server identifiers each associated with a key management server of the FND and SND, the first RP to enable the plurality of key management servers to perform key management exchange to generate at least one group key.

    TECHNOLOGIES FOR SECURE STORAGE AND USE OF BIOMETRIC AUTHENTICATION INFORMATION
    Type: invention application; legal status: under examination (published)

    Publication No.: US20160006732A1

    Publication date: 2016-01-07

    Application No.: US14812514

    Application date: 2015-07-29

    CPC classification number: H04L63/06 G06F21/32 G06F21/62 G06F21/78 H04L63/0861

    Abstract: Generally, this disclosure describes technologies for securely storing and using biometric authentication information, such as biometric reference templates. In some embodiments, the technologies include a client device that stores one or more biometric reference templates in a memory thereof. The client device may transfer such templates to an authentication device. The transfer may be conditioned on verification that the authentication device includes a suitable protected environment for the templates and will execute an acceptable temporary storage policy. The technologies may also include an authentication device that is configured to temporarily store biometric reference templates received from a client device in a protected environment thereof. Upon completion of biometric authentication or the occurrence of a termination event, the authentication devices may delete the biometric reference templates from the protected environment.

    FAILOVER RESPONSE USING A KNOWN GOOD STATE FROM A DISTRIBUTED LEDGER

    Publication No.: US20180285217A1

    Publication date: 2018-10-04

    Application No.: US15475574

    Application date: 2017-03-31

    Abstract: Techniques for repair and/or recovery of computer program(s) installed on a programmable device using a distributed ledger that is based on cryptography and blockchain technology are described. One or more self-reliance logic/modules can commit, to a distributed ledger that resides on interconnected devices, records of watchdog communications between the devices. One or more of interconnected devices may include a respective self-reliance logic/module. The logic/modules can use the records of the distributed ledger to check that computer program(s) on the interconnected devices are operating as expected. When a self-reliance logic/module fails to respond to a watchdog communication, the distributed ledger can be updated to include this failure. A self-reliance logic/module can determine, based on the distributed ledger and/or the failure, that an installed computer program is faulty. Furthermore, a self-reliance logic/module can initiate one or more software recovery services based on the determination. Other advantages and embodiments are described.

    SECURE SHARING OF USER ANNOTATED SUBSCRIPTION MEDIA WITH TRUSTED DEVICES

    Publication No.: US20180139194A1

    Publication date: 2018-05-17

    Application No.: US15792044

    Application date: 2017-10-24

    CPC classification number: H04L63/062 G06F17/241 G06F21/12 H04L63/0428

    Abstract: Generally, this disclosure provides systems, methods and computer readable media for secure sharing of user annotated subscription media content with trusted devices. The shared content may include user specified snapshots of the media along with user supplied annotations. The system may include a host processor configured to arrange a secure session with a server and to receive the subscription media content from the server in an encrypted format. The system may also include a trusted execution environment (TEE) comprising a secure processor and secure storage configured to decrypt and store the media content, based on a content encryption key obtained from the server. The system may further be configured to: receive a snapshot frame request and annotations from the user; generate a composite image of the snapshot and an overlay including the annotations; and encrypt the composite image for sharing with other users.
