公开(公告)号：US10554634B2

公开(公告)日：2020-02-04

申请号：US15721723

申请日：2017-09-29

Applicant: INTEL CORPORATION

Inventor： Mic Bowman ,  Andrea Miele ,  James P. Held ,  Anand Rajan

IPC: H04L29/06 ,  H04L9/32 ,  G06F21/57 ,  H04L9/08

Abstract: Techniques for sharing private data objects in a trusted execution environment using a distributed ledger are described. The techniques described herein may enable sharing of data objects, referred to herein as private data objects (PDOs), between individuals and organizations with access and update policies mediated by execution of code (referred to herein as a “smart contract”) carried with the PDO in a secure enclave. A distributed ledger may serve as a “public commit log” to ensure that there is a single, authoritative instance of the object and provide a means of guaranteeing atomicity of updates across interacting objects.

公开(公告)号：US10541804B2

公开(公告)日：2020-01-21

申请号：US15721709

申请日：2017-09-29

Applicant: INTEL CORPORATION

Inventor： Mic Bowman ,  Andrea Miele

IPC: H04L9/32 ,  H04L9/00 ,  H04W12/04 ,  H04L9/06 ,  G06F9/445

Abstract: Techniques for securely provisioning a set of enclaves are described. A contract owner may register with a shared registry. A subset of enclaves may be selected to be provisioned from among a plurality of enclaves. A keyshare may be requested from one or more provisioning services for each of the subset of enclaves to be provisioned. The requested keyshares may be received from each provisioning service for each of the subset of enclaves to be provisioned. For each of the selected enclaves, the received keyshares may be sent for verification by the enclave. Each of the selected enclaves may send an authenticated and encrypted key derived from the received keyshares.

公开(公告)号：US12041037B2

公开(公告)日：2024-07-16

申请号：US18234593

申请日：2023-08-16

Applicant: INTEL CORPORATION

Inventor： Mic Bowman ,  Andrea Miele ,  James P. Held ,  Anand Rajan

IPC: H04L9/40 ,  G06F21/57 ,  G06F21/62 ,  H04L9/08 ,  H04L9/32 ,  H04L9/00

CPC classification number: H04L63/0428 ,  G06F21/57 ,  G06F21/6218 ,  H04L9/0822 ,  H04L9/3234 ,  H04L9/3236 ,  H04L63/123 ,  H04L9/50

Abstract: Techniques for sharing private data objects in a trusted execution environment using a distributed ledger are described. The techniques described herein may enable sharing of data objects, referred to herein as private data objects (PDOs), between individuals and organizations with access and update policies mediated by execution of code (referred to herein as a “smart contract”) carried with the PDO in a secure enclave. A distributed ledger may serve as a “public commit log” to ensure that there is a single, authoritative instance of the object and provide a means of guaranteeing atomicity of updates across interacting objects.

公开(公告)号：US11243977B2

公开(公告)日：2022-02-08

申请号：US16290780

申请日：2019-03-01

Applicant: Intel Corporation

Inventor： Mic Bowman ,  Andrea Miele

IPC: G06F16/00 ,  G06F16/27 ,  G06F16/23

Abstract: Various embodiments are generally directed to an apparatus, system, and other techniques for shared, trusted token generation for a token-bucket flow control policy implemented in a distributed ledger. Tokens may be generated by blocks in the distributed ledger, which may be a blockchain system. Trusted execution hardware may be used as a proof algorithm to ensure that a token exists, and that client has legitimately acquired or accumulated the token prior to using it to submit a transaction.

公开(公告)号：US11239994B2

公开(公告)日：2022-02-01

申请号：US16665524

申请日：2019-10-28

Applicant: INTEL CORPORATION

Inventor： Mic Bowman ,  Andrea Miele

IPC: H04L9/00 ,  H04W12/04 ,  H04L9/06 ,  G06F9/445 ,  H04L9/08 ,  H04L9/32 ,  H04L29/06

Abstract: Techniques for securely provisioning a set of enclaves are described. A contract owner may register with a shared registry. A subset of enclaves may be selected to be provisioned from among a plurality of enclaves. A keyshare may be requested from one or more provisioning services for each of the subset of enclaves to be provisioned. The requested keyshares may be received from each provisioning service for each of the subset of enclaves to be provisioned. For each of the selected enclaves, the received keyshares may be sent for verification by the enclave. Each of the selected enclaves may send an authenticated and encrypted key derived from the received keyshares.

公开(公告)号：US20190058577A1

公开(公告)日：2019-02-21

申请号：US15721709

申请日：2017-09-29

Applicant: INTEL CORPORATION

Inventor： Mic Bowman ,  Andrea Miele

IPC: H04L9/00 ,  G06F9/445 ,  H04L9/06 ,  H04W12/04

CPC classification number: H04L9/006 ,  G06F9/44505 ,  H04L9/06 ,  H04L9/0825 ,  H04L9/085 ,  H04L9/3234 ,  H04L9/3247 ,  H04L63/0823 ,  H04W12/04

Abstract: Techniques for securely provisioning a set of enclaves are described. A contract owner may register with a shared registry. A subset of enclaves may be selected to be provisioned from among a plurality of enclaves. A keyshare may be requested from one or more provisioning services for each of the subset of enclaves to be provisioned. The requested keyshares may be received from each provisioning service for each of the subset of enclaves to be provisioned. For each of the selected enclaves, the received keyshares may be sent for verification by the enclave. Each of the selected enclaves may send an authenticated and encrypted key derived from the received keyshares.