公开(公告)号：US20160366157A1

公开(公告)日：2016-12-15

申请号：US14865198

申请日：2015-09-25

Applicant: Intel Corporation

Inventor： Ned M. Smith ,  Nathan Heldt-Sheller ,  Sachin Agrawal ,  Mats G. Agerstam

IPC: H04L29/06

CPC classification number: H04L63/1416 ,  H04L63/06 ,  H04L63/10 ,  H04L63/20

Abstract: In one embodiment, a method includes receiving, in an on-boarding system for a first network, a request to transfer ownership of a first device having a trusted execution environment to a new owner; receiving, in the on-boarding system, notification information from a spectrum analyzer regarding wireless signal information within the first network; determining if a potential attacker is within a radio range of the first network based on the wireless signal information; responsive to determining that the potential attacker is within the radio range, manipulating a signal strength of the on-boarding system and the first device, to limit an emission range of the on-boarding system and the first device; and performing a native communication protocol between the on-boarding system and the first device to communicate ownership information to execute the ownership transfer to the new owner, and to cause the first device to store the ownership information in a storage of the first device.

Abstract translation: 在一个实施例中，一种方法包括在用于第一网络的登机系统中接收将具有可信执行环境的第一设备的所有权转移给新所有者的请求; 在所述登机系统中接收来自频谱分析仪的关于所述第一网络内的无线信号信息的通知信息; 基于所述无线信号信息确定潜在攻击者是否在所述第一网络的无线电范围内; 响应于确定潜在攻击者在无线电范围内，操纵登机系统和第一装置的信号强度，以限制登机系统和第一装置的发射范围; 以及在所述登机系统和所述第一设备之间执行本地通信协议以传送所有权信息以执行对所述新所有者的所有权转移，并且使所述第一设备将所述所有权信息存储在所述第一设备的存储器中。

公开(公告)号：US10678938B2

公开(公告)日：2020-06-09

申请号：US15941846

申请日：2018-03-30

Applicant: Intel Corporation

Inventor： Mats Gustav Agerstam ,  Ned M. Smith ,  Sachin Agrawal ,  Sebastian Salomon

IPC: G11C7/00 ,  G06F17/00 ,  G06F13/00 ,  G06F12/14 ,  G06F12/00 ,  G06F7/04 ,  G06F21/62 ,  G06F13/10 ,  G06F21/57 ,  G06F21/55 ,  G06F21/82

Abstract: Systems and techniques for trustworthy peripheral transfer of ownership are described herein. A unique peripheral identifier may be received from an ownership manifest of the peripheral device. The unique peripheral identifier may be transferred to a bus controller for a bus between the computing device and the peripheral device. A measurement may be received from the peripheral device by the basic input and output system of the computing device. A measurement of a computing platform of the computing device may be generated. The measurement may indicate peripheral devices interconnected to the computing device. Data transfer between the peripheral device and the computing device may be allowed via the bus based on validation of the measurement of the computing platform against a platform configuration register of the computing device.

公开(公告)号：US09008304B2

公开(公告)日：2015-04-14

申请号：US13729825

申请日：2012-12-28

Applicant: Intel Corporation

Inventor： Edward C. Epp ,  Sachin Agrawal ,  Michael Bergeron ,  Hormuzd M. Khosravi

IPC: H04L9/00 ,  G06F21/31

CPC classification number: G06F21/10

Abstract: This disclosure is directed to content protection key management. In general, devices may include secure processing resources configured to derive content keys (e.g., for use in decrypting secure content) using key ladders. In one embodiment, a device may comprise, for example, at least a secure processing module to derive content keys for use in decrypting secure content. The secure processing module may include, for example, a key ladder storage module and a secure key storage module. The key ladder storage module may be to store at least one key ladder for use in deriving at least one content key. The secure key storage module may be to store the at least one content key derived using the key ladder.

Abstract translation: 本公开涉及内容保护密钥管理。 通常，设备可以包括被配置为使用密钥梯子导出内容密钥（例如，用于解密安全内容）的安全处理资源。 在一个实施例中，设备可以包括例如至少一个安全处理模块，以导出用于解密安全内容的内容密钥。 安全处理模块可以包括例如密钥梯形图存储模块和安全密钥存储模块。 关键梯形图存储模块可以存储用于导出至少一个内容密钥的至少一个键梯。 安全密钥存储模块可以存储使用密钥梯子导出的至少一个内容密钥。

公开(公告)号：US10009359B2

公开(公告)日：2018-06-26

申请号：US14865198

申请日：2015-09-25

Applicant: Intel Corporation

Inventor： Ned M. Smith ,  Nathan Heldt-Sheller ,  Sachin Agrawal ,  Mats G. Agerstam

IPC: H04L29/06

CPC classification number: H04L63/1416 ,  H04L63/06 ,  H04L63/10 ,  H04L63/20 ,  H04W12/003

Abstract: In one embodiment, a method includes receiving, in an on-boarding system for a first network, a request to transfer ownership of a first device to a new owner; receiving, in the on-boarding system, notification information from a spectrum analyzer regarding wireless signal information within the first network; determining if a potential attacker is within a radio range of the first network based on the wireless signal information; responsive to determining that the potential attacker is within the radio range, manipulating a signal strength of the on-boarding system and the first device, to limit an emission range of the on-boarding system and the first device; and performing a native communication protocol to communicate ownership information, and to cause the first device to store the ownership information in a storage of the first device.

公开(公告)号：US09342666B2

公开(公告)日：2016-05-17

申请号：US13664843

申请日：2012-10-31

Applicant: Intel Corporation

Inventor： Hormuzd M. Khosravi ,  Edward C. Epp ,  Sachin Agrawal

IPC: G06F21/10

CPC classification number: G06F21/10

Abstract: In accordance with some embodiments, technologies may be provided that is adaptable to any existing and potentially future digital rights management application. Thus, it is not necessary to provide duplicate systems to handle disparate digital rights formats in some embodiments.

Abstract translation: 根据一些实施例，可以提供适于任何现有和潜在的未来数字版权管理应用的技术。 因此，在一些实施例中，不需要提供重复的系统来处理不同的数字版权格式。

公开(公告)号：US20190042779A1

公开(公告)日：2019-02-07

申请号：US15941846

申请日：2018-03-30

Applicant: Intel Corporation

Inventor： Mats Gustav Agerstam ,  Ned M. Smith ,  Sachin Agrawal ,  Sebastian Salomon

IPC: G06F21/62 ,  G06F13/10

Abstract: Systems and techniques for trustworthy peripheral transfer of ownership are described herein. A unique peripheral identifier may be received from an ownership manifest of the peripheral device. The unique peripheral identifier may be transferred to a bus controller for a bus between the computing device and the peripheral device. A measurement may be received from the peripheral device by the basic input and output system of the computing device. A measurement of a computing platform of the computing device may be generated. The measurement may indicate peripheral devices interconnected to the computing device. Data transfer between the peripheral device and the computing device may be allowed via the bus based on validation of the measurement of the computing platform against a platform configuration register of the computing device.