公开(公告)号：US20160378688A1

公开(公告)日：2016-12-29

申请号：US14752227

申请日：2015-06-26

Applicant: Intel Corporation

Inventor： CARLOS V. ROZAS ,  MONA VIJ ,  REBEKAH M. LESLIE-HURD ,  KRYSTOF C. ZMUDZINSKI ,  SOMNATH CHAKRABARTI ,  FRANCIS X. MCKEEN ,  VINCENT R. SCARLATA ,  SIMON P. JOHNSON ,  ILYA ALEXANDROVICH ,  GILBERT NEIGER ,  VEDVYAS SHANBHOGUE ,  ITTAI ANATI

IPC: G06F12/14 ,  G06F9/30 ,  G06F21/60

CPC classification number: G06F12/1408 ,  G06F8/41 ,  G06F9/30145 ,  G06F9/45558 ,  G06F21/53 ,  G06F21/602 ,  G06F2009/4557 ,  G06F2009/45587 ,  G06F2212/1052

Abstract: A processor includes a decode unit to decode an instruction that is to indicate a page of a protected container memory, and a storage location outside of the protected container memory. An execution unit, in response to the instruction, is to ensure that there are no writable references to the page of the protected container memory while it has a write protected state. The execution unit is to encrypt a copy of the page of the protected container memory. The execution unit is to store the encrypted copy of the page to the storage location outside of the protected container memory, after it has been ensured that there are no writable references. The execution unit is to leave the page of the protected container memory in the write protected state, which is also valid and readable, after the encrypted copy has been stored to the storage location.

Abstract translation: 处理器包括解码单元，用于解码指示受保护的容器存储器的页面的指令以及受保护的容器存储器之外的存储位置。 执行单元响应于该指令，是确保在受保护的容器存储器具有写保护状态时不存在对受保护的容器存储器的页的可写引用。 执行单元是加密受保护的容器存储器的页面的副本。 在确保没有可写入引用之后，执行单元将页面的加密副本存储到受保护的容器存储器外部的存储位置。 执行单元将保护的容器存储器的页面保留在写保护状态中，该保护状态在加密的副本已被存储到存储位置之后也是有效和可读的。

公开(公告)号：US20150254460A1

公开(公告)日：2015-09-10

申请号：US14721138

申请日：2015-05-26

Applicant: Intel Corporation

Inventor： JASON A. DAVIDSON ,  SOMNATH CHAKRABARTI ,  NEERU S. PAHWA ,  MICAH K. BHAKTI

IPC: G06F21/57 ,  G06F9/455 ,  G06F9/44

CPC classification number: G06F21/575 ,  G06F8/62 ,  G06F9/4416 ,  G06F9/44526 ,  G06F9/45533 ,  H04L67/34 ,  H04L67/42

Abstract: Generally, this disclosure provides methods and systems for dynamic feature enhancement in client server applications and for high volume server deployment with dynamic app store integration and further enable the delivery of a secure server in a pre-configured turnkey state through an automated process with increased efficiency tailored to mass production. The system may include a server application module configured to receive request packets from, and send response packets to, a web based client application, the packets comprising input data, output data and control commands associated with a feature; and a script engine module coupled to the server application module, the script engine module configured to identify a plug-in application on a remote server, download the plug-in application and execute the plug-in application under control of the server application module, wherein the plug-in application implements the feature.

Abstract translation: 通常，本公开提供了用于客户机服务器应用中的动态特征增强的方法和系统，以及通过动态应用商店集成进行大容量服务器部署的方法和系统，并且还使得能够通过自动化过程以预先配置的交钥匙状态递送安全服务器，效率提高 适合批量生产。 该系统可以包括：服务器应用模块，其被配置为从基于web的客户端应用接收包括输入数据，输出数据和与特征相关联的控制命令的分组的请求分组，并向其发送响应分组; 以及耦合到所述服务器应用模块的脚本引擎模块，所述脚本引擎模块被配置为识别远程服务器上的插件应用，下载所述插件应用并在所述服务器应用模块的控制下执行所述插件应用， 其中插件应用程序实现该特征。