公开(公告)号：US20170132014A1

公开(公告)日：2017-05-11

申请号：US15402661

申请日：2017-01-10

Applicant: Intel Corporation

Inventor： James A. Sutton, II ,  David W. Grawrock

IPC: G06F9/44 ,  G06F12/14 ,  H04L9/32 ,  G06F13/42 ,  G06F21/57 ,  G06F9/445

CPC classification number: G06F9/4403 ,  G01N23/223 ,  G01N33/502 ,  G01N33/6872 ,  G01N2223/076 ,  G06F9/44505 ,  G06F12/0802 ,  G06F12/145 ,  G06F12/1458 ,  G06F13/4282 ,  G06F21/57 ,  G06F21/572 ,  G06F2212/1052 ,  G06F2212/60 ,  G06F2213/0026 ,  G06F2221/033 ,  H04L9/32 ,  H04L9/3247

Abstract: A method and apparatus for initiating secure operations in a microprocessor system is described. In one embodiment, one initiating logical processor initiates the process by halting the execution of the other logical processors, and then loading initialization and secure virtual machine monitor software into memory. The initiating processor then loads the initialization software into secure memory for authentication and execution. The initialization software then authenticates and registers the secure virtual machine monitor software prior to secure system operations.

公开(公告)号：US20160056960A1

公开(公告)日：2016-02-25

申请号：US14864450

申请日：2015-09-24

Applicant: Intel Corporation

Inventor： James A. Sutton ,  David W. Grawrock

IPC: H04L9/32 ,  G06F21/57

CPC classification number: G06F9/4403 ,  G01N23/223 ,  G01N33/502 ,  G01N33/6872 ,  G01N2223/076 ,  G06F9/44505 ,  G06F12/0802 ,  G06F12/145 ,  G06F12/1458 ,  G06F13/4282 ,  G06F21/57 ,  G06F21/572 ,  G06F2212/1052 ,  G06F2212/60 ,  G06F2213/0026 ,  G06F2221/033 ,  H04L9/32 ,  H04L9/3247

Abstract: A method and apparatus for initiating secure operations in a microprocessor system is described. In one embodiment, one initiating logical processor initiates the process by halting the execution of the other logical processors, and then loading initialization and secure virtual machine monitor software into memory. The initiating processor then loads the initialization software into secure memory for authentication and execution. The initialization software then authenticates and registers the secure virtual machine monitor software prior to secure system operations.

公开(公告)号：US09146833B2

公开(公告)日：2015-09-29

申请号：US13722158

申请日：2012-12-20

Applicant: Intel Corporation

Inventor： David W. Grawrock ,  David Ott ,  Corey Malone ,  Jesse Walker

IPC: G06F11/36 ,  G06F9/44

CPC classification number: G06F11/3636 ,  G06F8/70 ,  G06F11/36 ,  G06F11/3616

Abstract: In an embodiment a software application may include a “baseline trace” indicating proper application execution. The baseline trace may include counts for various types of instructions (e.g., how many times each of a LR instruction and a MV instruction occurs during an execution of code). The finished application includes the baseline trace. Upon execution the application randomly selects which of the various types of instructions to count during execution (e.g., LR or MV instruction) to produce a “real time trace”. The application executes and produces the real-time trace. The baseline trace is then compared to the real-time trace, which is specific to the randomly chosen type of instruction. If the traces are within a pre-determined range of each other the user has a level of assurance the software is operating correctly. Other embodiments are described herein.

Abstract translation: 在一个实施例中，软件应用可以包括指示正确应用执行的“基线迹线”。 基线迹线可以包括各种类型的指令的计数（例如，在执行代码期间，LR指令和MV指令的每一个发生多少次）。 完成的应用程序包括基线轨迹。 一旦执行，应用程序随机选择在执行期间计数各种类型的指令（例如，LR或MV指令）以产生“实时跟踪”。 应用程序执行并产生实时跟踪。 然后将基线轨迹与随机选择的指令类型特有的实时跟踪进行比较。 如果迹线在彼此的预定范围内，则用户具有软件正确操作的保证级别。 本文描述了其它实施例。

公开(公告)号：US10175994B2

公开(公告)日：2019-01-08

申请号：US15402666

申请日：2017-01-10

Applicant: Intel Corporation

Inventor： James A. Sutton, II ,  David W. Grawrock

IPC: G06F9/4401 ,  G06F12/14 ,  G06F21/57 ,  G06F9/445 ,  G01N23/223 ,  G01N33/50 ,  G01N33/68 ,  H04L9/32 ,  G06F12/0802 ,  G06F13/42

Abstract: A method and apparatus for initiating secure operations in a microprocessor system is described. In one embodiment, one initiating logical processor initiates the process by halting the execution of the other logical processors, and then loading initialization and secure virtual machine monitor software into memory. The initiating processor then loads the initialization software into secure memory for authentication and execution. The initialization software then authenticates and registers the secure virtual machine monitor software prior to secure system operations.

公开(公告)号：US20180006826A1

公开(公告)日：2018-01-04

申请号：US15201219

申请日：2016-07-01

Applicant: Intel Corporation

Inventor： Ned M. Smith ,  David W. Grawrock

IPC: H04L9/32 ,  H04L9/30 ,  H04L9/14 ,  H04L9/06 ,  H04L29/06 ,  H04L9/00

CPC classification number: H04L9/3263 ,  H04L9/006 ,  H04L9/0637 ,  H04L9/14 ,  H04L9/30 ,  H04L9/3247 ,  H04L9/3265 ,  H04L9/3268 ,  H04L63/06 ,  H04L63/062 ,  H04L63/0823 ,  H04L2209/38 ,  H04L2209/56

Abstract: Techniques for implementing public key infrastructure using blockchains are described. An apparatus may receive, from a introducee principal, a proof-of-work. The apparatus may combine the proof-of-work with an identifier of the introducee principal. The apparatus may generate an introduction of the introducee principal. The introduction may include signing, using an asymmetric private key assigned to the apparatus, the combination of the proof-of-work and the identifier of the introducee principal. The apparatus may publish the introduction of the introducee principal to a blockchain.

公开(公告)号：US09779249B2

公开(公告)日：2017-10-03

申请号：US15292301

申请日：2016-10-13

Applicant: Intel Corporation

Inventor： John H. Wilson ,  Ioannis T. Schoinas ,  Mazin S. Yousif ,  Linda J. Rankin ,  David W. Grawrock ,  Robert J. Greiner ,  James A. Sutton ,  Kushagra Vaid ,  Willard M. Wiseman

IPC: G06F21/00 ,  G06F21/57 ,  G06F21/44 ,  G06F21/50 ,  G06F21/71

CPC classification number: G06F21/575 ,  G06F21/44 ,  G06F21/445 ,  G06F21/50 ,  G06F21/606 ,  G06F21/64 ,  G06F21/71 ,  G06F2221/034

Abstract: In one embodiment of the present invention, a method includes verifying a master processor of a system; validating a trusted agent with the master processor if the master processor is verified; and launching the trusted agent on a plurality of processors of the system if the trusted agent is validated. After execution of such a trusted agent, a secure kernel may then be launched, in certain embodiments. The system may be a multiprocessor server system having a partially or fully connected topology with arbitrary point-to-point interconnects, for example.

公开(公告)号：US09721100B2

公开(公告)日：2017-08-01

申请号：US14317595

申请日：2014-06-27

Applicant: Intel Corporation

Inventor： David W. Grawrock ,  Sarat Kompalli

IPC: G06F21/57 ,  G06F21/71

CPC classification number: G06F21/57 ,  G06F21/71

Abstract: Technologies for monitoring protected functionality of an integrated circuit device include an integrated circuit device having a protected function module. The protected function module includes a modifiable security device. When the protected function module is activated or powered up, an attribute of the modifiable security device is irreversibly modified. The integrated circuit device may be a processor, and the protected function module may be a debug module of the processor. The modifiable circuit device may be an oscillator. The frequency of the oscillator may change when the oscillator is powered due to oscillator aging. The integrated circuit device may be included in a computing device. The integrated circuit device may expose data indicative of the attribute of the modifiable security device to firmware or software of the computing device. The data may be exposed through a cryptographically signed, firmware-readable memory space. Other embodiments are described and claimed.

公开(公告)号：US20170147359A1

公开(公告)日：2017-05-25

申请号：US15402666

申请日：2017-01-10

Applicant: Intel Corporation

Inventor： James A. Sutton, II ,  David W. Grawrock

IPC: G06F9/44 ,  G06F13/42 ,  G06F9/445 ,  G06F21/57 ,  H04L9/32

CPC classification number: G06F9/4403 ,  G01N23/223 ,  G01N33/502 ,  G01N33/6872 ,  G01N2223/076 ,  G06F9/44505 ,  G06F12/0802 ,  G06F12/145 ,  G06F12/1458 ,  G06F13/4282 ,  G06F21/57 ,  G06F21/572 ,  G06F2212/1052 ,  G06F2212/60 ,  G06F2213/0026 ,  G06F2221/033 ,  H04L9/32 ,  H04L9/3247

Abstract: A method and apparatus for initiating secure operations in a microprocessor system is described. In one embodiment, one initiating logical processor initiates the process by halting the execution of the other logical processors, and then loading initialization and secure virtual machine monitor software into memory. The initiating processor then loads the initialization software into secure memory for authentication and execution. The initialization software then authenticates and registers the secure virtual machine monitor software prior to secure system operations.

公开(公告)号：US20170098085A1

公开(公告)日：2017-04-06

申请号：US15292301

申请日：2016-10-13

Applicant: Intel Corporation

Inventor： John H. Wilson ,  Ioannis T. Schoinas ,  Mazin S. Yousif ,  Linda J. Rankin ,  David W. Grawrock ,  Robert J. Greiner ,  James A. Sutton ,  Kushagra Vaid ,  Willard M. Wiseman

IPC: G06F21/57 ,  G06F21/44

CPC classification number: G06F21/575 ,  G06F21/44 ,  G06F21/445 ,  G06F21/50 ,  G06F21/606 ,  G06F21/64 ,  G06F21/71 ,  G06F2221/034

Abstract: In one embodiment of the present invention, a method includes verifying a master processor of a system; validating a trusted agent with the master processor if the master processor is verified; and launching the trusted agent on a plurality of processors of the system if the trusted agent is validated. After execution of such a trusted agent, a secure kernel may then be launched, in certain embodiments. The system may be a multiprocessor server system having a partially or fully connected topology with arbitrary point-to-point interconnects, for example.

公开(公告)号：US09361121B2

公开(公告)日：2016-06-07

申请号：US14222939

申请日：2014-03-24

Applicant: Intel Corporation

Inventor： James A. Sutton, II ,  David W. Grawrock

IPC: G06F9/44 ,  G06F21/57 ,  G06F9/445 ,  G01N23/223 ,  G01N33/50 ,  G01N33/68 ,  G06F12/14

CPC classification number: G06F9/4403 ,  G01N23/223 ,  G01N33/502 ,  G01N33/6872 ,  G01N2223/076 ,  G06F9/44505 ,  G06F12/0802 ,  G06F12/145 ,  G06F12/1458 ,  G06F13/4282 ,  G06F21/57 ,  G06F21/572 ,  G06F2212/1052 ,  G06F2212/60 ,  G06F2213/0026 ,  G06F2221/033 ,  H04L9/32 ,  H04L9/3247

Abstract: A method and apparatus for initiating secure operations in a microprocessor system is described. In one embodiment, one initiating logical processor initiates the process by halting the execution of the other logical processors, and then loading initialization and secure virtual machine monitor software into memory. The initiating processor then loads the initialization software into secure memory for authentication and execution. The initialization software then authenticates and registers the secure virtual machine monitor software prior to secure system operations.