公开(公告)号：US09413765B2

公开(公告)日：2016-08-09

申请号：US14225140

申请日：2014-03-25

Applicant: INTEL CORPORATION

Inventor： Robert C. Swanson ,  Daniel Nemiroff ,  Vincent J. Zimmer ,  Mallik Bulusu ,  John R. Lindsley ,  Robert W. Cone ,  Malay Trivedi ,  Piotr Kwidzinski

IPC: H04L29/06 ,  G06F21/55 ,  G06F21/57

CPC classification number: H04L63/10 ,  G06F3/0622 ,  G06F3/0637 ,  G06F3/0683 ,  G06F13/28 ,  G06F21/554 ,  G06F21/57 ,  G06F21/572

Abstract: Embodiments of multinode hubs for trust operations are disclosed herein. In some embodiments, a multinode hub may include a plurality of memory regions, a trapping module, and a trusted platform module (TPM) component. Each memory region may be associated with and receive trust operation data from a coherent computing node. The trapping module may generate trap notifications in response to accesses to the plurality of memory regions by the associated coherent computing nodes. The trap notifications may indicate which of the plurality of memory locations has been accessed, and the TPM component may process the trust operation data in a memory region indicated by a trap notification. Other embodiments may be disclosed and/or claimed.

Abstract translation: 本文公开了用于信任操作的多节点集线器的实施例。 在一些实施例中，多节点集线器可以包括多个存储器区域，陷阱模块和可信平台模块（TPM）组件。 每个存储器区域可以与相干计算节点相关联并接收来自相干计算节点的信任操作数据。 捕获模块可以响应于相关联的相干计算节点对多个存储器区域的访问而产生陷阱通知。 陷阱通知可以指示已经访问了多个存储器位置中的哪一个，并且TPM组件可以处理由陷阱通知指示的存储器区域中的信任操作数据。 可以公开和/或要求保护其他实施例。

公开(公告)号：US08965749B2

公开(公告)日：2015-02-24

申请号：US13848133

申请日：2013-03-21

Applicant: Intel Corporation

Inventor： Palsamy Sakthikumar ,  Michael A. Rothman ,  Vincent J. Zimmer ,  Robert C. Swanson ,  Mallik Bulusu

IPC: G06F9/455 ,  G06F13/10 ,  G06F21/57 ,  G06F9/48

CPC classification number: G06F13/105 ,  G06F9/4812 ,  G06F21/572 ,  G06F2221/2105

Abstract: A method, apparatus, system, and computer program product for secure server system management. A payload containing system software and/or firmware updates is distributed in an on-demand, secure I/O operation. The I/O operation is performed via a secured communication channel inaccessible by the server operating system to an emulated USB drive. The secure communication channel can be established for the I/O operation only after authenticating the recipient of the payload, and the payload can be protected from access by a potentially-infected server operating system. Furthermore, the payload can be delivered on demand rather than relying on a BIOS update schedule, and the payload can be delivered at speeds of a write operation to a USB drive.

Abstract translation: 一种用于安全服务器系统管理的方法，设备，系统和计算机程序产品。 包含系统软件和/或固件更新的有效载荷以按需安全I / O操作分发。 I / O操作通过服务器操作系统无法访问到模拟USB驱动器的安全通信通道执行。 只有在验证有效负载的收件人之后，才能为I / O操作建立安全通信通道，并且可以保护有效负载免受潜在感染的服务器操作系统的访问。 此外，有效载荷可以按需传送，而不是依赖于BIOS更新计划，并且有效载荷可以以写入操作的速度传送到USB驱动器。

公开(公告)号：US09781117B2

公开(公告)日：2017-10-03

申请号：US15204799

申请日：2016-07-07

Applicant: Intel Corporation

Inventor： Robert C. Swanson ,  Daniel Nemiroff ,  Vincent J. Zimmer ,  Mallik Bulusu ,  John R. Lindsley ,  Robert W. Cone ,  Malay Trivedi ,  Piotr Kwidzinski

IPC: G06F3/06 ,  H04L29/06 ,  G06F21/55 ,  G06F21/57 ,  G06F13/28

CPC classification number: H04L63/10 ,  G06F3/0622 ,  G06F3/0637 ,  G06F3/0683 ,  G06F13/28 ,  G06F21/554 ,  G06F21/57 ,  G06F21/572

Abstract: Embodiments of multinode hubs for trust operations are disclosed herein. In some embodiments, a multinode hub may include a plurality of memory regions, a trapping module, and a trusted platform module (TPM) component. Each memory region may be associated with and receive trust operation data from a coherent computing node. The trapping module may generate trap notifications in response to accesses to the plurality of memory regions by the associated coherent computing nodes. The trap notifications may indicate which of the plurality of memory locations has been accessed, and the TPM component may process the trust operation data in a memory region indicated by a trap notification. Other embodiments may be disclosed and/or claimed.

公开(公告)号：US09686281B2

公开(公告)日：2017-06-20

申请号：US14938223

申请日：2015-11-11

Applicant: Intel Corporation

Inventor： Mallik Bulusu ,  Robert Bruce Bahnsen ,  Vincent J. Zimmer ,  Robert S. Gittins ,  Robert C. Swanson

IPC: G06F21/00 ,  H04L29/06 ,  H04W12/08 ,  H04W12/06

CPC classification number: H04L63/0876 ,  G06F21/00 ,  H04L63/08 ,  H04W12/06 ,  H04W12/08

Abstract: An embodiment includes a secure and stable method for sending information across a compute continuum. For example, the method may include executing an application (e.g., video player) on a first node (e.g., tablet) with a desire to perform “context migration” to a second node (e.g., desktop). This may allow a user to watch a movie on the tablet, stop watching the movie, and then resume watching the movie from the desktop. To do so in a secure and stable manner, the first node may request security and performance credentials from the second node. If both credential sets satisfy thresholds, the first node may transfer content (e.g., encrypted copy of a movie) and state information (e.g., placeholder indicating where the movie was when context transfer began). The second node may then allow the user to resume his or her movie watching from the desktop. Other embodiments are described herein.

公开(公告)号：US20160323284A1

公开(公告)日：2016-11-03

申请号：US15204799

申请日：2016-07-07

Applicant: Intel Corporation

Inventor： Robert C. Swanson ,  Daniel Nemiroff ,  Vincent J. Zimmer ,  Mallik Bulusu ,  John R. Lindsley ,  Robert W. Cone ,  Malay Trivedi ,  Piotr Kwidzinski

IPC: H04L29/06 ,  G06F21/57 ,  G06F21/55 ,  G06F3/06

CPC classification number: H04L63/10 ,  G06F3/0622 ,  G06F3/0637 ,  G06F3/0683 ,  G06F13/28 ,  G06F21/554 ,  G06F21/57 ,  G06F21/572

Abstract: Embodiments of multinode hubs for trust operations are disclosed herein. In some embodiments, a multinode hub may include a plurality of memory regions, a trapping module, and a trusted platform module (TPM) component. Each memory region may be associated with and receive trust operation data from a coherent computing node. The trapping module may generate trap notifications in response to accesses to the plurality of memory regions by the associated coherent computing nodes. The trap notifications may indicate which of the plurality of memory locations has been accessed, and the TPM component may process the trust operation data in a memory region indicated by a trap notification. Other embodiments may be disclosed and/or claimed.

公开(公告)号：US20160292038A1

公开(公告)日：2016-10-06

申请号：US15178142

申请日：2016-06-09

Applicant: Intel Corporation

Inventor： Robert C. Swanson ,  Mariusz Oriol ,  Janusz Jurski ,  Piotr Sawicki ,  Robert W. Cone ,  William J. O'Sullivan ,  Mariusz Stepka ,  Babak Nikjou ,  Madhusudhan Rangarajan ,  Pawel Szymanski ,  Piotr Kwidzinski ,  Robert Bahnsen ,  Mallik Bulusu

IPC: G06F11/14 ,  G06F9/48 ,  G06F1/32

CPC classification number: G06F11/142 ,  G06F1/3296 ,  G06F9/4881 ,  G06F9/5027 ,  G06F9/5088 ,  G06F11/14 ,  G06F11/2023 ,  G06F11/2028 ,  G06F11/203 ,  G06F11/2033 ,  G06F11/2035 ,  G06F11/2043 ,  G06F2201/805 ,  G06F2201/85

Abstract: Technologies for providing manageability redundancy for micro server and clustered System-on-a-Chip (SoC) deployments are presented. A configurable multi-processor apparatus may include multiple integrated circuit (IC) blocks where each IC block includes a task block to perform one or more assignable task functions and a management block to perform management functions with respect to the corresponding IC block. Each task block and each management block may include one or more instruction processors and corresponding memory. Each IC block may be controllable to perform a function of one or more other IC blocks. The IC blocks may communicate with each other via a management communication infrastructure that may include a communication path from each of the management blocks to each of the other management blocks. Via the management communication infrastructure, the management blocks may bridge communication paths between pairs of management blocks.