公开(公告)号：US20170171218A1

公开(公告)日：2017-06-15

申请号：US15435550

申请日：2017-02-17

Applicant: Intel Corporation

Inventor： Keith Shippy ,  Tobias Kohlenberg ,  Mubashir Mian ,  Ned Smith ,  Omer Ben-Shalom ,  Tarun Viswanathan ,  Dennis Morgan ,  Timothy Verrall ,  Manish Dave ,  Eran Birk

IPC: H04L29/06

CPC classification number: H04L63/105 ,  G06F21/316 ,  G06F2221/2105 ,  G06F2221/2113 ,  H04L63/08 ,  H04L2463/082 ,  H04W12/06 ,  H04W88/02

Abstract: Systems and methods may provide for receiving runtime input from one or more unlock interfaces of a device and selecting a level of access with regard to the device from a plurality of levels of access based on the runtime input. The selected level of access may have an associated security policy, wherein an authentication of the runtime input may be conducted based on the associated security policy. In one example, one or more cryptographic keys are used to place the device in an unlocked state with regard to the selected level of access if the authentication is successful. If the authentication is unsuccessful, on the other hand, the device may be maintained in a locked state with regard to the selected level of access.

公开(公告)号：US20150179033A1

公开(公告)日：2015-06-25

申请号：US14354486

申请日：2013-12-23

Applicant: Intel Corporation

Inventor： Eran Birk ,  Omer Ben-Shalom ,  Yosi Govezensky ,  Yoram Hassidim

IPC: G08B13/14

CPC classification number: G08B13/1427 ,  G06F21/445 ,  G06F2221/2101 ,  G06F2221/2111 ,  G06F2221/2115 ,  G08B21/0261 ,  G08B21/0269 ,  G08B21/0277 ,  H04W4/021

Abstract: An item of value comprises an assembly of parts. The parts comprise a component that has value independent of the item, and an assembly security system that is operable to communicate with a central security system via a wide area network. The component comprises a component security system that is operable to communicate with the assembly security system. The assembly security system is operable to perform operations comprising (a) saving component data that identifies the component as part of the item; (b) after saving the component data, monitoring the component, via the component security system, to automatically determine whether the component has left a predetermined zone of proximity, relative to the item; and (c) in response to determining that the component has left the predetermined zone of proximity, automatically notifying the central security system that the component has left the predetermined zone of proximity. Other embodiments are described and claimed.

Abstract translation: 价值项包括零件的组装。 这些部件包括具有与项目无关的值的组件，以及可操作以经由广域网与中央安全系统通信的组装安全系统。 该组件包括可操作以与组装安全系统通信的组件安全系统。 组装安全系统可操作以执行操作，包括（a）将组件数据保存为项目的一部分; （b）在保存组件数据之后，通过组件安全系统监视组件以自动确定组件是否已经相对于项目已经离开预定的接近区域; 和（c）响应于确定组件已经离开预定的接近区域，自动通知中央安全系统组件已经离开预定的接近区域。 描述和要求保护其他实施例。

公开(公告)号：US11856032B2

公开(公告)日：2023-12-26

申请号：US17481215

申请日：2021-09-21

Applicant: Intel Corporation

Inventor： Tarun Viswanathan ,  Uri Kahana ,  Alan Ross ,  Eran Birk

IPC: H04L9/40

CPC classification number: H04L63/205 ,  H04L63/08 ,  H04L63/105

Abstract: Technologies for providing policy-based secure containers for multiple enterprise applications include a client computing device and an enterprise policy server. The client computing device sends device attribute information and a request for access to an enterprise application to the enterprise policy server. The enterprise policy server determines a device trust level based on the device attribute information and a data sensitivity level based on the enterprise application, and sends a security policy to the client computing device based on the device trust level and the data sensitivity level. The client computing device references or creates a secure container for the security policy, adds the enterprise application to the secure container, and enforces the security policy while executing the enterprise application in the secure container. Multiple enterprise applications may be added to each secure container. Other embodiments are described and claimed.

公开(公告)号：US20220217181A1

公开(公告)日：2022-07-07

申请号：US17481215

申请日：2021-09-21

Applicant: Intel Corporation

Inventor： Tarun Viswanathan ,  Uri Kahana ,  Alan Ross ,  Eran Birk

IPC: H04L9/40

Abstract: Technologies for providing policy-based secure containers for multiple enterprise applications include a client computing device and an enterprise policy server. The client computing device sends device attribute information and a request for access to an enterprise application to the enterprise policy server. The enterprise policy server determines a device trust level based on the device attribute information and a data sensitivity level based on the enterprise application, and sends a security policy to the client computing device based on the device trust level and the data sensitivity level. The client computing device references or creates a secure container for the security policy, adds the enterprise application to the secure container, and enforces the security policy while executing the enterprise application in the secure container. Multiple enterprise applications may be added to each secure container. Other embodiments are described and claimed.

公开(公告)号：US11252198B2

公开(公告)日：2022-02-15

申请号：US16567504

申请日：2019-09-11

Applicant: Intel Corporation

Inventor： Tarun Viswanathan ,  Uri Kahana ,  Alan Ross ,  Eran Birk

IPC: H04L29/06

Abstract: Technologies for providing policy-based secure containers for multiple enterprise applications include a client computing device and an enterprise policy server. The client computing device sends device attribute information and a request for access to an enterprise application to the enterprise policy server. The enterprise policy server determines a device trust level based on the device attribute information and a data sensitivity level based on the enterprise application, and sends a security policy to the client computing device based on the device trust level and the data sensitivity level. The client computing device references or creates a secure container for the security policy, adds the enterprise application to the secure container, and enforces the security policy while executing the enterprise application in the secure container. Multiple enterprise applications may be added to each secure container. Other embodiments are described and claimed.

公开(公告)号：US20180068091A1

公开(公告)日：2018-03-08

申请号：US15256964

申请日：2016-09-06

Applicant: Intel Corporation

Inventor： Tamara Gaidar ,  Eran Birk ,  Nava Levy ,  Glen J. Anderson ,  Ned M. Smith

IPC: G06F21/10 ,  G06F21/16

CPC classification number: G06F21/10 ,  G06F21/16 ,  G06F21/64 ,  G06F2221/0733

Abstract: A client platform supports digital rights management. The client platform comprises a digital rights management (DRM) engine which, when executed, enables the client platform to monitor download operations performed by the client platform and to obtain a shadow image for a digital content item from a DRM blockchain, in response to an operation to download the digital content item from a remote source. The shadow image comprises a hash of the digital content item and copyright policy settings to indicate security constraints for the digital content item. The client platform may automatically determine whether the copyright policy settings for the digital content item allow modification of the digital content item. A user may be allowed to create a modified version of the digital content item only if the copyright policy settings allow modification of the digital content item. Other embodiments are described and claimed.

公开(公告)号：US09578037B2

公开(公告)日：2017-02-21

申请号：US14951654

申请日：2015-11-25

Applicant: Intel Corporation

Inventor： Keith Shippy ,  Tobias Kohlenberg ,  Mubashir Mian ,  Ned Smith ,  Omer Ben-Shalom ,  Tarun Viswanathan ,  Dennis Morgan ,  Timothy Verrall ,  Manish Dave ,  Eran Birk

IPC: G06F17/00 ,  H04L29/06 ,  G06F21/31 ,  H04W12/06 ,  H04W88/02

CPC classification number: H04L63/105 ,  G06F21/316 ,  G06F2221/2105 ,  G06F2221/2113 ,  H04L63/08 ,  H04L2463/082 ,  H04W12/06 ,  H04W88/02

Abstract: Systems and methods may provide for receiving runtime input from one or more unlock interfaces of a device and selecting a level of access with regard to the device from a plurality of levels of access based on the runtime input. The selected level of access may have an associated security policy, wherein an authentication of the runtime input may be conducted based on the associated security policy. In one example, one or more cryptographic keys are used to place the device in an unlocked state with regard to the selected level of access if the authentication is successful. If the authentication is unsuccessful, on the other hand, the device may be maintained in a locked state with regard to the selected level of access.

Abstract translation: 系统和方法可以提供用于从设备的一个或多个解锁接口接收运行时间输入，并且基于运行时间输入从多个访问级别中选择关于设备的访问级别。 所选择的访问级别可以具有相关联的安全策略，其中可以基于相关联的安全策略来执行运行时输入的认证。 在一个示例中，如果认证成功，则使用一个或多个加密密钥来将设备关于所选择的访问级别放置在解锁状态。 如果认证不成功，另一方面，相对于所选择的访问级别，设备可以保持在锁定状态。

公开(公告)号：US20160323297A1

公开(公告)日：2016-11-03

申请号：US15081992

申请日：2016-03-28

Applicant: Intel Corporation

Inventor： Gal Chanoch ,  Eran Birk ,  Baiju Patel ,  Steven Grobman ,  Tobias Kohlenberg ,  Rajeev Gopalakrishna

IPC: H04L29/06

CPC classification number: H04L63/1408 ,  G06F21/54 ,  H04L63/10

Abstract: Technologies are provided in embodiments for receiving policy information associated with at least one security exception, the security exception relating to execution of at least one program, determining an operation associated with the security exception based, at least in part, on the policy information, and causing the operation to be performed, based at least in part, on a determination that the at least one security exception occurred.

Abstract translation: 在用于接收与至少一个安全异常相关联的策略信息，与至少一个程序的执行有关的安全异常，至少部分地基于策略信息确定与所述安全异常相关联的操作的实施例中提供技术，以及 至少部分地基于确定发生了至少一个安全异常来执行操作。

公开(公告)号：US10511638B2

公开(公告)日：2019-12-17

申请号：US16168273

申请日：2018-10-23

Applicant: Intel Corporation

Inventor： Tarun Viswanathan ,  Uri Kahana ,  Alan D. Ross ,  Eran Birk

IPC: H04L29/06

Abstract: Technologies for providing policy-based secure containers for multiple enterprise applications include a client computing device and an enterprise policy server. The client computing device sends device attribute information and a request for access to an enterprise application to the enterprise policy server. The enterprise policy server determines a device trust level based on the device attribute information and a data sensitivity level based on the enterprise application, and sends a security policy to the client computing device based on the device trust level and the data sensitivity level. The client computing device references or creates a secure container for the security policy, adds the enterprise application to the secure container, and enforces the security policy while executing the enterprise application in the secure container. Multiple enterprise applications may be added to each secure container. Other embodiments are described and claimed.

公开(公告)号：US20190058737A1

公开(公告)日：2019-02-21

申请号：US16168273

申请日：2018-10-23

Applicant: Intel Corporation

Inventor： Tarun Viswanathan ,  Uri Kahana ,  Alan D. Ross ,  Eran Birk

IPC: H04L29/06

CPC classification number: H04L63/205 ,  H04L63/08 ,  H04L63/105

Abstract: Technologies for providing policy-based secure containers for multiple enterprise applications include a client computing device and an enterprise policy server. The client computing device sends device attribute information and a request for access to an enterprise application to the enterprise policy server. The enterprise policy server determines a device trust level based on the device attribute information and a data sensitivity level based on the enterprise application, and sends a security policy to the client computing device based on the device trust level and the data sensitivity level. The client computing device references or creates a secure container for the security policy, adds the enterprise application to the secure container, and enforces the security policy while executing the enterprise application in the secure container. Multiple enterprise applications may be added to each secure container. Other embodiments are described and claimed.