-
Publication number: US11615194B2
Publication date: 2023-03-28
Application number: US16975661
Filing date: 2018-06-29
Applicant: Intel Corporation
Inventor: Changzheng Wei , Ziye Yang , Junyuan Wang , Cunming Liang , Junhua Hou , Weigang Li , Ping Yu , Yi Yang , Baoqian Li , Xin Zeng
IPC: G06F21/60 , G06F16/14 , H04L9/08 , H04L9/40 , H04L67/1097
Abstract: Embodiments include apparatuses, methods, and systems including one or more servers and one or more storage devices, coupled with each other, to provide virtual storage service to store a file and meta data of the file for a client computing device. The file and the meta data of the file may be encrypted by the client computing device before providing to the virtual storage service. The file may be encrypted with a secret key of the client computing device, and the meta data of the file may be encrypted with a shared session key between the client computing device and the virtual storage service. The encrypted file may be stored in the one or more storage devices, and the encrypted meta data of the file may be stored in one or more secured areas of the one or more servers. Other embodiments may also be described and claimed.
-
Publication number: US11372684B2
Publication date: 2022-06-28
Application number: US17220763
Filing date: 2021-04-01
Applicant: Intel Corporation
Inventor: Ned M. Smith , Changzheng Wei , Songwu Shen , Ziye Yang , Junyuan Wang , Weigang Li , Wenqian Yu
Abstract: Technologies for hybrid acceleration of code include a computing device (100) having a processor (120), a field-programmable gate array (FPGA) (130), and an application-specific integrated circuit (ASIC) (132). The computing device (100) offloads a service request, such as a cryptographic request or a packet processing request, to the FPGA (130). The FPGA (130) performs one or more algorithmic tasks of an algorithm to perform the service request. The FPGA (130) determines one or more primitive tasks associated with an algorithm task and encapsulates each primitive task in a buffer that is accessible by the ASIC (132). The ASIC (132) performs the primitive tasks in response to encapsulation in the buffer, and the FPGA (130) returns results of the algorithm. The primitive operations may include cryptographic primitives such as modular exponentiation, modular multiplicative inverse, and modular multiplication. The results may be returned to the processor (120) or a network interface controller of the computing device (100).
-
Publication number: US10944656B2
Publication date: 2021-03-09
Application number: US16311231
Filing date: 2016-12-31
Applicant: INTEL CORPORATION
Inventor: Xiaodong Liu , Qihua Dai , Weigang Li , Vinodh Gopal
IPC: G06F9/30 , H04L12/26 , G06F16/901 , H04B10/25 , G02B6/38 , G02B6/42 , G02B6/44 , G06F1/18 , G06F1/20 , G06F3/06 , G06F8/65 , G06F9/4401 , G06F9/54 , G06F12/109 , G06F12/14 , G06F13/16 , G06F13/40 , G08C17/02 , G11C5/02 , G11C7/10 , G11C11/56 , G11C14/00 , H03M7/30 , H03M7/40 , H04L12/24 , H04L12/931 , H04L12/947 , H04L29/08 , H04L29/06 , H04Q11/00 , H05K7/14 , G06F9/38 , G06F9/50 , H04L12/851 , H04L12/811 , H05K5/02 , H04W4/80 , G06Q10/08 , G06Q10/00 , G06Q50/04 , H04L12/911 , B25J15/00 , B65G1/04 , H05K7/20 , H04L12/939 , H04W4/02 , H04L12/751 , G06F13/42 , H05K1/18 , G05D23/19 , G05D23/20 , H04L12/927 , H05K1/02 , H04L12/781 , H04Q1/04 , G06F12/0893 , H05K13/04 , G11C5/06 , G06F11/14 , G06F11/34 , G06F12/0862 , G06F15/80 , H04L12/919 , G06F12/10 , G06Q10/06 , G07C5/00 , H04L12/28 , H04L29/12 , H04L9/06 , H04L9/14 , H04L9/32 , H04L12/933
Abstract: Technologies for adaptive processing of multiple buffers are disclosed. A compute device may establish a buffer queue to which applications can submit buffers to be processed, such as by hashing the submitted buffers. The compute device monitors the buffer queue and determines an efficient way of processing the buffer queue based on the number of buffers present. The compute device may process the buffers serially with a single processor core of the compute device or may process the buffers in parallel with single-instruction, multiple data (SIMD) instructions. The compute device may determine which method to use based on a comparison of the throughput of serially processing the buffers as compared to parallel processing the buffers, which may depend on the number of buffers in the buffer queue.
-
Publication number: US20190042739A1
Publication date: 2019-02-07
Application number: US16022976
Filing date: 2018-06-29
Applicant: Intel Corporation
Inventor: John J. Browne , Marcel Cornu , Timothy Verrall , Tomasz Kantecki , Niall Power , Weigang Li , Eoin Walsh , Maryam Tahhan
Abstract: Technologies for cache side channel attack detection and mitigation include an analytics server and one or more monitored computing devices. The analytics server polls each computing device for analytics counter data. The computing device generates the analytics counter data using a resource manager of a processor of the computing device. The analytics counter data may include last-level cache data or memory bandwidth data. The analytics server identifies suspicious core activity based on the analytics counter data and, if identified, deploys a detection process to the computing device. The computing device executes the detection process to identify suspicious application activity. If identified, the computing device may perform one or more corrective actions. Corrective actions include limiting resource usage by a suspicious process using the resource manager of the processor. The resource manager may limit cache occupancy or memory bandwidth used by the suspicious process. Other embodiments are described and claimed.
-
Publication number: US20230418773A1
Publication date: 2023-12-28
Application number: US18035705
Filing date: 2020-12-24
Applicant: Intel Corporation
Inventor: Kaijie Guo , Xin Zeng , Ned Smith , Weigang Li , Junyuan Wang , Songwu Shen , Zijuan Fan , Yao Huo , Maksim Lukoshkov , Laurent Coquerel
IPC: G06F13/28
CPC classification number: G06F13/28
Abstract: Techniques and mechanisms for determining an operation to be performed with a direct memory access (DMA) request. An inspection unit (105) is coupled between an input-output memory management unit (IOMMU) (120) and an endpoint device (118). The inspection unit (105) stores a registry (330) comprising entries (332) which each correspond to a respective address, and a respective one or more resources of the endpoint device (118). A given entry (332) of the registry (330) is created based on a message from the IOMMU (120) which indicates the successful completion of an address translation to facilitate a DMA request. The endpoint device (118) performs a search, based on a DMA request, to determine if any registry (330) entry (332) indicates a combination of an address and an endpoint resource, where said combination matches a corresponding combination indicated by the DMA request. Communication of the DMA request to the IOMMU (120) is contingent on a result of the search.
-
Publication number: US11736277B2
Publication date: 2023-08-22
Application number: US17463453
Filing date: 2021-08-31
Applicant: INTEL CORPORATION
Inventor: Changzhen Wei , Junyuan Wang , Ned Smith , Weigang Li , Ping Yu
CPC classification number: H04L9/0833 , G06F21/45 , G16Y30/10 , H04L9/0822 , H04L9/321 , H04L9/3215 , H04L9/3255 , H04L63/0442
Abstract: Technologies for key management of internet-of-things (IoT) devices include an IoT device, an authority center server, and a group management server. The IoT device is configured to authenticate with an authority center server via an offline communication channel, receive a group member private key as a function of the authentication with the authority center server, and authenticate with a group management server via a secure online communication channel using the group member private key. The IoT device is further configured to receive a group shared key as a function of the authentication with the group management server, encrypt secret data with the group shared key, and transmit the encrypted secret data to the group management server. Other embodiments are described herein.
-
Publication number: US11115193B2
Publication date: 2021-09-07
Application number: US16649192
Filing date: 2017-12-29
Applicant: INTEL CORPORATION
Inventor: Changzheng Wei , Junyuan Wang , Ned Smith , Weigang Li , Ping Yu
Abstract: Technologies for key management of internet-of-things (IoT) devices include an IoT device, an authority center server, and a group management server. The IoT device is configured to authenticate with an authority center server via an offline communication channel, receive a group member private key as a function of the authentication with the authority center server, and authenticate with a group management server via a secure online communication channel using the group member private key. The IoT device is further configured to receive a group shared key as a function of the authentication with the group management server, encrypt secret data with the group shared key, and transmit the encrypted secret data to the group management server. Other embodiments are described herein.
-
Publication number: US20210034546A1
Publication date: 2021-02-04
Application number: US17041768
Filing date: 2018-06-29
Applicant: Intel Corporation
Inventor: Weigang Li , Changzheng Wei , John Barry , Maryam Tahhan , Jonas Alexander Svennebring , Niall D. McDonnell , Alexander Leckey , Patrick Fleming , Christopher MacNamara , John Joseph Browne
Abstract: There is disclosed a computing apparatus, including: a memory; a memory encryption controller to encrypt at least a region of the memory; and a network interface to communicatively couple the computing apparatus to a remote host; wherein the memory encryption controller is configured to send an encrypted packet decryptable via an encryption key directly from the memory to the remote host via the network interface, bypassing a network protocol stack.
-
Publication number: US10860714B2
Publication date: 2020-12-08
Application number: US16022976
Filing date: 2018-06-29
Applicant: Intel Corporation
Inventor: John J. Browne , Marcel Cornu , Timothy Verrall , Tomasz Kantecki , Niall Power , Weigang Li , Eoin Walsh , Maryam Tahhan
Abstract: Technologies for cache side channel attack detection and mitigation include an analytics server and one or more monitored computing devices. The analytics server polls each computing device for analytics counter data. The computing device generates the analytics counter data using a resource manager of a processor of the computing device. The analytics counter data may include last-level cache data or memory bandwidth data. The analytics server identifies suspicious core activity based on the analytics counter data and, if identified, deploys a detection process to the computing device. The computing device executes the detection process to identify suspicious application activity. If identified, the computing device may perform one or more corrective actions. Corrective actions include limiting resource usage by a suspicious process using the resource manager of the processor. The resource manager may limit cache occupancy or memory bandwidth used by the suspicious process. Other embodiments are described and claimed.
-
Publication number: US20190014117A1
Publication date: 2019-01-10
Application number: US15865984
Filing date: 2018-01-09
Applicant: Intel Corporation
Inventor: Weigang Li , Ned M. Smith , Changzheng Wei
Abstract: Various systems and methods of scalable and secure resource isolation and sharing for Internet of Things (IoT) networks are described. Techniques for requesting inter-domain resource access and enabling resource sharing with use of an inter-domain token are also described. In an example, communications in an IoT network to establish connectivity between a first device in a first domain and a second device in a second domain may include: receiving, from the first device at a collaboration cloud service, a request to access a resource of the second device; requesting and receiving, from an authorization provider, an inter-domain authorization token; and requesting, from the second device, access to the resource using the inter-domain authorization token; communications from the first device to access the second device are then performed between the first device and the second device based on a session key obtained with the inter-domain authorization token.