公开(公告)号：US20140282945A1

公开(公告)日：2014-09-18

申请号：US13995247

申请日：2013-03-15

Applicant: INTEL CORPORATION

Inventor： Ned M. Smith ,  Conor P. Cahill ,  Micah J. Sheller ,  Jason Martin

IPC: H04L29/06

CPC classification number: H04L63/06 ,  G06F21/32 ,  G06F21/62 ,  G06F21/78 ,  H04L63/0861

Abstract: Generally, this disclosure describes technologies for securely storing and using biometric authentication information, such as biometric reference templates. In some embodiments, the technologies include a client device that stores one or more biometric reference templates in a memory thereof. The client device may transfer such templates to an authentication device. The transfer may be conditioned on verification that the authentication device includes a suitable protected environment for the templates and will execute an acceptable temporary storage policy. The technologies may also include an authentication device that is configured to temporarily store biometric reference templates received from a client device in a protected environment thereof. Upon completion of biometric authentication or the occurrence of a termination event, the authentication devices may delete the biometric reference templates from the protected environment.

Abstract translation: 通常，本公开描述了用于安全地存储和使用生物测定认证信息（诸如生物测定参考模板）的技术。 在一些实施例中，技术包括将一个或多个生物测定参考模板存储在其存储器中的客户端设备。 客户端设备可以将这样的模板传送到认证设备。 传输可以根据认证设备包括用于模板的合适的受保护环境并将执行可接受的临时存储策略的验证。 这些技术还可以包括认证设备，其被配置为在其受保护的环境中临时存储从客户端设备接收的生物测定参考模板。 在完成生物认证或发生终止事件时，认证设备可以从受保护的环境中删除生物测定参考模板。

公开(公告)号：US10237682B2

公开(公告)日：2019-03-19

申请号：US15480058

申请日：2017-04-05

Applicant: INTEL CORPORATION

Inventor： Ned M. Smith ,  Micah J. Sheller ,  Nathan Heldt-Sheller

IPC: H04W4/021 ,  H04W12/08

Abstract: Various embodiments are generally directed to the provision and use of geometric location based security systems that use multiple beacons for determining a location. A beacon transmitted from an ultrasound broadcast as well as one or more different wireless broadcasts can be used to geo-locate a device and provide access controls based on the geo-location.

公开(公告)号：US10097350B2

公开(公告)日：2018-10-09

申请号：US15423975

申请日：2017-02-03

Applicant: Intel Corporation

Inventor： Ned M. Smith ,  Conor P. Cahill ,  Victoria C. Moore ,  Jason Martin ,  Micah J. Sheller

IPC: G06F17/30 ,  H04L9/08 ,  H04L29/06

Abstract: In an embodiment, a security engine of a processor includes an identity provider logic to generate a first key pair of a key pairing associating system user and a service provider that provides a web service and having a second system coupled to the system via a network, to perform a secure communication with the second system to enable the second system to verify that the identity provider logic is executing in a trusted execution environment, and responsive to the verification, to send a first key of the first key pair to the second system. This key may enable the second system to verify an assertion communicated by the identity provider logic that the user has been authenticated to the system according to a multi-factor authentication. Other embodiments are described and claimed.

公开(公告)号：US10083304B2

公开(公告)日：2018-09-25

申请号：US15445298

申请日：2017-02-28

Applicant: Intel Corporation

Inventor： Jasmeet Chhabra ,  Ned M. Smith ,  Micah J. Sheller ,  Nathan Heldt-Sheller

IPC: H04L29/06 ,  G06F21/57 ,  G06F21/31 ,  G06F21/32 ,  G06F21/53 ,  G06N99/00 ,  H04W12/06 ,  H04W12/12

CPC classification number: G06F21/577 ,  G06F21/31 ,  G06F21/316 ,  G06F21/32 ,  G06F21/53 ,  G06F21/57 ,  G06F2221/034 ,  G06F2221/2115 ,  G06N20/00 ,  H04L63/083 ,  H04L63/0861 ,  H04L2463/082 ,  H04W12/06 ,  H04W12/12

Abstract: Technologies for information security include a computing device with one or more sensors. The computing device may authenticate a user and, after successful authentication, analyze sensor data to determine whether it is likely that the user authenticated under duress. If so, the computing device performs a security operation such as generating an alert or presenting false but plausible data to the user. Additionally or alternatively, the computing device, within a trusted execution environment, may monitor sensor data and apply a machine-learning classifier to the sensor data to identify an elevated risk of malicious attack. For example, the classifier may identify potential user identification fraud. The computing device may trigger a security response if elevated risk of attack is detected. For example, the trusted execution environment may trigger increased authentication requirements or increased anti-theft monitoring for the computing device. Other embodiments are described and claimed.

公开(公告)号：US20180239976A1

公开(公告)日：2018-08-23

申请号：US15439224

申请日：2017-02-22

Applicant: Intel Corporation

Inventor： Cory Cornelius ,  Jason Martin ,  Ramune Nagisetty ,  Micah J. Sheller ,  Thao W. Xiong ,  Reese Bowes

IPC: G06K9/00 ,  G06T7/11 ,  G06K9/62 ,  G06F1/16 ,  H04L29/06

Abstract: In one embodiment, an apparatus includes: a bioimpedance sensor to generate bioimpedance information based on bioimpedance sample information from at least some of a plurality of electrodes to be adapted about a portion of a person; at least one biometric sensor to generate biometric information based on biometric sample information from at least some of the plurality of electrodes; at least one environmental sensor to generate environmental context data; and an integration circuit to receive the bioimpedance information, the biometric information and the environmental context data and to adjust the bioimpedance information based at least in part on a value of one or more of the biometric information and the environmental context data. Other embodiments are described and claimed.

公开(公告)号：US10055556B2

公开(公告)日：2018-08-21

申请号：US14866950

申请日：2015-09-26

Applicant: Intel Corporation

Inventor： Ned M. Smith ,  Nathan Heldt-Sheller ,  Micah J. Sheller ,  Kevin C. Wells ,  Hannah L. Scurfield ,  Nathaniel J. Goss ,  Sindhu Pandian ,  Brad H. Needham

IPC: G06F7/04 ,  G06F21/31 ,  H04W12/06 ,  G06F21/53 ,  H04L9/32 ,  H04W88/02

CPC classification number: G06F21/31 ,  G06F21/41 ,  G06F21/53 ,  G06F21/88 ,  G06F2221/2105 ,  G06F2221/2111 ,  G06F2221/2147 ,  H04L9/3226 ,  H04L63/0815 ,  H04L2209/127 ,  H04L2209/805 ,  H04W12/00503 ,  H04W12/00504 ,  H04W12/00508 ,  H04W12/06 ,  H04W88/02

Abstract: Technologies for authenticating a user of a computing device based on an authentication context state includes generating context state outputs indicative of various context states of a mobile computing device based on sensor data generated by sensors of the mobile computing device. An authentication manager of the computing device implements an authentication state machine to authenticate a user of the computing device. The authentication state machine includes a number of authentication states, and each authentication state includes one or more transitions to another authentication state. Each of the transitions is dependent upon a context state output. The computing device may also include a device security manager, which implements a security state machine that includes a number of security states. Transition between security states is dependent upon the present authentication state of the user. The device security manager may implement a different security function in each security state.

公开(公告)号：US10009327B2

公开(公告)日：2018-06-26

申请号：US15451600

申请日：2017-03-07

Applicant: Intel Corporation

Inventor： Ned M. Smith ,  Conor P. Cahill ,  Micah J. Sheller ,  Jason Martin

IPC: G06F15/16 ,  G06F7/04 ,  H04L29/06

CPC classification number: H04L63/06 ,  G06F21/32 ,  G06F21/62 ,  G06F21/78 ,  H04L63/0861

Abstract: Generally, this disclosure describes technologies for securely storing and using biometric authentication information, such as biometric reference templates. In some embodiments, the technologies include a client device that stores one or more biometric reference templates in a memory thereof. The client device may transfer such templates to an authentication device. The transfer may be conditioned on verification that the authentication device includes a suitable protected environment for the templates and will execute an acceptable temporary storage policy. The technologies may also include an authentication device that is configured to temporarily store biometric reference templates received from a client device in a protected environment thereof. Upon completion of biometric authentication or the occurrence of a termination event, the authentication devices may delete the biometric reference templates from the protected environment.

公开(公告)号：US20180069855A1

公开(公告)日：2018-03-08

申请号：US15812956

申请日：2017-11-14

Applicant: Intel Corporation

Inventor： Ned M. Smith ,  Hannah L. Scurfield ,  Nathan Heldt-Sheller ,  Micah J. Sheller ,  Nathaniel J. Goss ,  Kevin C. Wells ,  Sindhu Pandian

IPC: H04L29/06 ,  G06F21/31 ,  H04L29/08 ,  G06N99/00

CPC classification number: H04L63/0861 ,  G06F21/31 ,  G06F21/316 ,  G06F2221/2105 ,  G06N20/00 ,  H04L63/0884 ,  H04L67/306

Abstract: In embodiments, apparatuses, methods and storage media (transitory and non-transitory) are described that are associated with user profile selection using contextual authentication. In various embodiments, a first user of a computing device may be authenticated and have an access control state corresponding to a first user profile established, the computing device may select a second user profile based at least in part a changed user characteristic, and the computing device may present a resource based at least in part on the second user profile. In various embodiments, the computing device may include a sensor and a user profile may be selected based at least in part on an output of the sensor and a previously stored template generated by a machine learning classifier.

公开(公告)号：US20170154179A1

公开(公告)日：2017-06-01

申请号：US15370637

申请日：2016-12-06

Applicant: Intel Corporation

Inventor： Bradley W. Corrion ,  Micah J. Sheller ,  Jeffrey M. Tripp

IPC: G06F21/36 ,  G06F3/0488 ,  G06F3/0484 ,  G06F21/31

CPC classification number: G06F21/36 ,  G06F3/04845 ,  G06F3/04886 ,  G06F21/31 ,  G06F21/552 ,  G06F21/56 ,  G06F2221/034 ,  H04L63/083

Abstract: Methods, apparatus, systems and articles of manufacture are disclosed to facilitate secure screen input. An example disclosed system includes a user interface (UI) manager to generate a UI comprising a quantity of ordinal entry points, each one of the quantity of ordinal entry points comprising a repeating selectable pattern, an ordinal sequence generator to generate an initial randomized combination of the quantity of ordinal entry points, the randomized combination stored in a trusted execution environment, and an offset calculator to calculate a password entry value by comparing an offset value and direction value retrieved from the UI with the initial randomized combination of the quantity of ordinal entry points.

公开(公告)号：US09602492B2

公开(公告)日：2017-03-21

申请号：US14714513

申请日：2015-05-18

Applicant: Intel Corporation

Inventor： Ned M. Smith ,  Conor P. Cahill ,  Victoria C. Moore ,  Jason Martin ,  Micah J. Sheller

IPC: G06F17/30 ,  H04L29/06 ,  G06F21/45 ,  G06F21/31 ,  G06F21/33

CPC classification number: H04L9/0861 ,  G06F21/31 ,  G06F21/33 ,  G06F21/45 ,  H04L9/3234 ,  H04L63/0281 ,  H04L63/061 ,  H04L63/08 ,  H04L63/0815 ,  H04L63/0823 ,  H04L63/0838 ,  H04L63/1466 ,  H04L2209/127 ,  H04L2463/082

Abstract: In an embodiment, a security engine of a processor includes an identity provider logic to generate a first key pair of a key pairing associating system user and a service provider that provides a web service and having a second system coupled to the system via a network, to perform a secure communication with the second system to enable the second system to verify that the identity provider logic is executing in a trusted execution environment, and responsive to the verification, to send a first key of the first key pair to the second system. This key may enable the second system to verify an assertion communicated by the identity provider logic that the user has been authenticated to the system according to a multi-factor authentication. Other embodiments are described and claimed.