TECHNOLOGIES FOR SECURE TRUSTED I/O ACCESS CONTROL
    21. Invention application, status: under examination (published)

    Publication number: US20170024569A1

    Publication date: 2017-01-26

    Application number: US14974944

    Filing date: 2015-12-18

    Abstract: Technologies for trusted I/O (TIO) include a computing device with a cryptographic engine and one or more I/O controllers. The computing device executes a TIO core service that has a cryptographic engine programming privilege granted by an operating system. The TIO core service receives a request from an application to protect a DMA channel. The TIO core service requests the operating system to protect the DMA channel, and the operating system verifies the cryptographic engine programming privilege of the TIO core service in response. The operating system programs the cryptographic engine to protect the DMA channel in response to verifying the cryptographic engine programming privilege of the TIO core service. If a privileged delegate determines that a user has confirmed termination of protection of the DMA channel, the TIO core service may unprotect the DMA channel. Other embodiments are described and claimed.

    Methods and Apparatus to Utilize A Trusted Loader In A Trusted Computing Environment
    22. Invention application, status: granted (in force)

    Publication number: US20160283411A1

    Publication date: 2016-09-29

    Application number: US14671222

    Filing date: 2015-03-27

    Abstract: An embodiment includes at least one machine-readable medium on which is stored code that, when executed, enables a system to initialize a trusted loader enclave (TL) and a measurement and storage manager enclave (MSM) within a memory of the system, to receive by the MSM a TL measurement of the TL from a trusted processor of the system, to determine whether to establish a secure channel between the MSM and the TL based at least in part on the TL measurement, and, responsive to a determination to establish the secure channel, to establish the secure channel and store particular code in the TL. Additional embodiments are described and claimed.

    TECHNOLOGIES FOR SECURE HARDWARE AND SOFTWARE ATTESTATION FOR TRUSTED I/O

    Publication number: US20220035923A1

    Publication date: 2022-02-03

    Application number: US17451922

    Filing date: 2021-10-22

    Abstract: Technologies for trusted I/O attestation and verification include a computing device with a cryptographic engine and one or more I/O controllers. The computing device collects hardware attestation information associated with statically attached hardware I/O components that are associated with a trusted I/O usage protected by the cryptographic engine. The computing device verifies the hardware attestation information and securely enumerates one or more dynamically attached hardware components in response to verification. The computing device collects software attestation information for trusted software components loaded during secure enumeration. The computing device verifies the software attestation information. The computing device may collect firmware attestation information for firmware loaded in the I/O controllers and verify the firmware attestation information. The computing device may collect application attestation information for a trusted application that uses the trusted I/O usage and verify the application attestation information. Other embodiments are described and claimed.

    MESSAGE AUTHENTICATION CODE (MAC) GENERATION FOR LIVE MIGRATION OF ENCRYPTED VIRTUAL MACHINES

    Publication number: US20220014381A1

    Publication date: 2022-01-13

    Application number: US17448520

    Filing date: 2021-09-22

    Inventor: Bin Xing

    Abstract: A system and method of MAC generation include receiving, by a destination computing system, an encrypted page from a source computing system; decrypting the encrypted page; adding version data for the decrypted page to a receiver message authentication code (MAC) for the decrypted page; receiving a sender MAC corresponding to the encrypted page received from the source computing system, the sender MAC including version data for the encrypted page; comparing the sender MAC to the receiver MAC; and indicating an error when the sender MAC does not match the receiver MAC and indicating a success when the sender MAC matches the receiver MAC.

    Technologies for secure hardware and software attestation for trusted I/O

    Publication number: US10943012B2

    Publication date: 2021-03-09

    Application number: US16260850

    Filing date: 2019-01-29

    Abstract: Technologies for trusted I/O attestation and verification include a computing device with a cryptographic engine and one or more I/O controllers. The computing device collects hardware attestation information associated with statically attached hardware I/O components that are associated with a trusted I/O usage protected by the cryptographic engine. The computing device verifies the hardware attestation information and securely enumerates one or more dynamically attached hardware components in response to verification. The computing device collects software attestation information for trusted software components loaded during secure enumeration. The computing device verifies the software attestation information. The computing device may collect firmware attestation information for firmware loaded in the I/O controllers and verify the firmware attestation information. The computing device may collect application attestation information for a trusted application that uses the trusted I/O usage and verify the application attestation information. Other embodiments are described and claimed.

    Technologies for secure enumeration of USB devices

    Publication number: US10726165B2

    Publication date: 2020-07-28

    Application number: US16417907

    Filing date: 2019-05-21

    Abstract: Technologies for secure enumeration of USB devices include a computing device having a USB controller and a trusted execution environment (TEE). The TEE may be a secure enclave protected by the secure enclave support of the processor. In response to a USB device connecting to the USB controller, the TEE sends a secure command to the USB controller to protect a device descriptor for the USB device. The secure command may be sent over a secure channel to a static USB device. A driver sends a get device descriptor request to the USB device, and the USB device responds with the device descriptor. The USB controller redirects the device descriptor to a secure memory buffer, which may be located in a trusted I/O processor reserved memory region. The TEE retrieves and validates the device descriptor. If validated, the TEE may enable the USB device for use. Other embodiments are described and claimed.

    Technologies for dynamic loading of integrity protected modules into secure enclaves

    Publication number: US10511598B2

    Publication date: 2019-12-17

    Application number: US15083988

    Filing date: 2016-03-29

    Abstract: Technologies for dynamic loading of integrity protected modules into a secure enclave include a computing device having a processor with secure enclave support. The computing device divides an executable image into multiple chunks, hashes each of the chunks with corresponding attributes that affect security to generate a corresponding hash value, and generates a hash tree as a function of the hash values. The computing device generates an initial secure enclave memory image that includes the root value of the hash tree. At runtime, the computing device accesses a chunk of the executable image from within the secure enclave, which generates a page fault. In response to the page fault, the secure enclave verifies the associated chunk based on the hash tree and accepts the chunk into the secure enclave in response to successful verification. The root value of the hash tree is integrity-protected. Other embodiments are described and claimed.

    Methods and apparatus to initialize enclaves on target processors

    Publication number: US10354095B2

    Publication date: 2019-07-16

    Application number: US15087029

    Filing date: 2016-03-31

    Inventor: Bin Xing

    Abstract: Methods, apparatus, systems and articles of manufacture are disclosed to initialize enclaves on target processors. An example apparatus includes an image file retriever to retrieve configuration parameters associated with an enclave file, and an address space manager to calculate a minimum virtual address space value for an enclave image layout based on the configuration parameters, and generate an optimized enclave image layout to allow enclave image execution on unknown target processor types by multiplying the minimum address space value with a virtual address factor to determine an optimized virtual address space value for the optimized enclave image layout.
