PROGRAMMABLE INTEGRATED CIRCUIT CONFIGURED AS A REMOTE TRUST ANCHOR TO SUPPORT MULTITENANCY

    Publication number: US20200228388A1

    Publication date: 2020-07-16

    Application number: US16832593

    Application date: 2020-03-27

    Abstract: A multitenancy system that includes a host provider, a programmable device, and multiple tenants is provided. The host provider may publish a multitenancy mode sharing and allocation policy that includes a list of terms to which the programmable device and tenants can adhere. The programmable device may include a secure device manager configured to operate in a multitenancy mode to load a tenant persona into a given partial reconfiguration (PR) sandbox region on the programmable device. The secure device manager may be used to enforce spatial isolation between different PR sandbox regions and temporal isolation between successive tenants in one PR sandbox region.

    23. Pseudonymous remote attestation utilizing a chain-of-trust
    Granted invention patent (in force)

    Publication number: US09521125B2

    Publication date: 2016-12-13

    Application number: US14693174

    Application date: 2015-04-22

    Inventor: Steffen Schulz

    CPC classification number: H04L63/0435 H04L63/0414 H04L63/061 H04L63/0876

    Abstract: The present application is directed to pseudonymous attestation utilizing a chain of trust. An example prover device may include a chain-of-trust based on keys derived cryptographically from a shared symmetric key and pseudonymous identification data. The chain-of-trust may be used to cryptographically generate a pseudonymous public key and private key. The prover device may provide at least pseudonymous identification data and the pseudonymous public key to a verifier device. The verifier device may access pseudonymous data published by a certifier to determine whether the prover device is authentic and includes known-good versions of software (e.g., sourced from the certifier). In this manner, the verifier device may be assured that the prover device is authentic without knowing the actual identity of the prover device. In at least one embodiment, the prover device may also include a trusted execution environment (TEE).

    24. Symmetric keying and chain of trust
    Granted invention patent (in force)

    Publication number: US09509502B2

    Publication date: 2016-11-29

    Application number: US14209129

    Application date: 2014-03-13

    Inventor: Steffen Schulz

    Abstract: The present application is directed to symmetric keying and chain of trust. In one embodiment a prover may communicate with a verifier to perform device or data authentication. The verifier may issue a challenge to authenticate the prover, to which the prover may respond with key data and ticket data that may be forwarded to a certifier. If the ticket data is recognized, the certifier may transmit an authorization token to the verifier, which may then set a symmetric attestation key. The prover may utilize the symmetric attestation key to establish a chain of trust for use in responding to challenges to application or data authenticity. The symmetric attestation key may be used to generate a first level key that may be utilized to generate program keys. A challenge response may include at least program key data that may be authenticated by the verifier using the symmetric attestation key.

    BROADCAST REMOTE SEALING FOR SCALABLE TRUSTED EXECUTION ENVIRONMENT PROVISIONING

    Publication number: US20220222202A1

    Publication date: 2022-07-14

    Application number: US17708412

    Application date: 2022-03-30

    Abstract: An apparatus to facilitate broadcast remote sealing for scalable trusted execution environment provisioning is disclosed. The apparatus includes an execution platform for secure execution of a workload of the tenant to: perform an attestation of the execution platform with a cloud service provider (CSP); receive a command from the CSP to create a group of trusted execution platforms; create the group comprising the execution platform; confirm an existence and a status of the group based on the attestation of the execution platform and based on a current group status of the group; report a trusted computing base (TCB) of the first execution platform to other member execution platforms of the group, wherein the other member execution platforms satisfy minimum TCB requirements of the group; and execute an encrypted workload of the tenant using a group private key, wherein the workload of the tenant is encrypted using a group public key.
