公开(公告)号：US20210144517A1

公开(公告)日：2021-05-13

申请号：US17119785

申请日：2020-12-11

Applicant: Intel Corporation

Inventor： Francesc Guim Bernat ,  Kshitij Arun Doshi ,  Kapil Sood ,  Tarun Viswanathan

IPC: H04W4/08 ,  H04W12/04 ,  H04L29/08

Abstract: Various aspects of methods, systems, and use cases for multi-entity (e.g., multi-tenant) edge computing deployments are disclosed. Among other examples, various configurations and features enable the management of resources (e.g., controlling and orchestrating hardware, acceleration, network, processing resource usage), security (e.g., secure execution and communication, isolation, conflicts), and service management (e.g., orchestration, connectivity, workload coordination), in edge computing deployments, such as by a plurality of edge nodes of an edge computing environment configured for executing workloads from among multiple tenants.

公开(公告)号：US20190229897A1

公开(公告)日：2019-07-25

申请号：US16368982

申请日：2019-03-29

Applicant: Intel Corporation

Inventor： Timothy Verrall ,  Thomas Willhalm ,  Francesc Guim Bernat ,  Karthik Kumar ,  Ned M. Smith ,  Rajesh Poornachandran ,  Kapil Sood ,  Tarun Viswanathan ,  John J. Browne ,  Patrick Kutch

IPC: H04L9/08

Abstract: Technologies for accelerated key caching in an edge hierarchy include multiple edge appliance devices organized in tiers. An edge appliance device receives a request for a key, such as a private key. The edge appliance device determines whether the key is included in a local key cache and, if not, requests the key from an edge appliance device included in an inner tier of the edge hierarchy. The edge appliance device may request the key from an edge appliance device included in a peer tier of the edge hierarchy. The edge appliance device may activate per-tenant accelerated logic to identify one or more keys in the key cache for eviction. The edge appliance device may activate per-tenant accelerated logic to identify one or more keys for pre-fetching. Those functions of the edge appliance device may be performed by an accelerator such as an FPGA. Other embodiments are described and claimed.

公开(公告)号：US20190042783A1

公开(公告)日：2019-02-07

申请号：US16143724

申请日：2018-09-27

Applicant: Intel Corporation

Inventor： Francesc Guim Bernat ,  Mark Schmisseur ,  Kshitij Doshi ,  Kapil Sood ,  Tarun Viswanathan

IPC: G06F21/62 ,  G06F21/60 ,  H04L9/08 ,  H04W12/08 ,  H04W12/02

Abstract: An embodiment of a semiconductor apparatus may include technology to receive data with a unique identifier, and bypass encryption logic of a media controller based on the unique identifier. Other embodiments are disclosed and claimed.

公开(公告)号：US20190042314A1

公开(公告)日：2019-02-07

申请号：US15869909

申请日：2018-01-12

Applicant: Intel Corporation

Inventor： Timothy Verrall ,  John J. Browne ,  Tomasz Kantecki ,  Maryam Tahhan ,  Eoin Walsh ,  Andrew Duignan ,  Alan Carey ,  Wojciech Andralojc ,  Damien Power ,  Tarun Viswanathan

IPC: G06F9/50 ,  G06F9/48

Abstract: Particular embodiments described herein provide for an electronic device that can be configured to partition a resource into a plurality of partitions and allocate a reserved portion and a corresponding burst portion in each of the plurality of partitions. Each of the allocated reserved portions and corresponding burst portions are reserved for a specific component or application, where any part of the allocated burst portion not being used by the specific component or application can be used by other components and/or applications.

公开(公告)号：US20170171218A1

公开(公告)日：2017-06-15

申请号：US15435550

申请日：2017-02-17

Applicant: Intel Corporation

Inventor： Keith Shippy ,  Tobias Kohlenberg ,  Mubashir Mian ,  Ned Smith ,  Omer Ben-Shalom ,  Tarun Viswanathan ,  Dennis Morgan ,  Timothy Verrall ,  Manish Dave ,  Eran Birk

IPC: H04L29/06

CPC classification number: H04L63/105 ,  G06F21/316 ,  G06F2221/2105 ,  G06F2221/2113 ,  H04L63/08 ,  H04L2463/082 ,  H04W12/06 ,  H04W88/02

Abstract: Systems and methods may provide for receiving runtime input from one or more unlock interfaces of a device and selecting a level of access with regard to the device from a plurality of levels of access based on the runtime input. The selected level of access may have an associated security policy, wherein an authentication of the runtime input may be conducted based on the associated security policy. In one example, one or more cryptographic keys are used to place the device in an unlocked state with regard to the selected level of access if the authentication is successful. If the authentication is unsuccessful, on the other hand, the device may be maintained in a locked state with regard to the selected level of access.

公开(公告)号：US12199962B2

公开(公告)日：2025-01-14

申请号：US18435546

申请日：2024-02-07

Applicant: Intel Corporation

Inventor： Kapil Sood ,  Seosamh O'Riordain ,  Ned M. Smith ,  Tarun Viswanathan

IPC: H04L9/40 ,  G06F9/4401 ,  G06F9/455 ,  G06F9/46 ,  G06F9/50 ,  G06F21/53 ,  G06F21/57 ,  G06F21/62

Abstract: Technologies for providing secure utilization of tenant keys include a compute device. The compute device includes circuitry configured to obtain a tenant key. The circuitry is also configured to receive encrypted data associated with a tenant. The encrypted data defines an encrypted image that is executable by the compute device to perform a workload on behalf of the tenant in a virtualized environment. Further, the circuitry is configured to utilize the tenant key to decrypt the encrypted data and execute the workload without exposing the tenant key to a memory that is accessible to another workload associated with another tenant.

公开(公告)号：US11797690B2

公开(公告)日：2023-10-24

申请号：US16845885

申请日：2020-04-10

Applicant: Intel Corporation

Inventor： Ned Smith ,  Kshitij A. Doshi ,  Francesc Guim Bernat ,  Kapil Sood ,  Tarun Viswanathan

IPC: G06F21/60 ,  H04L9/32 ,  G06F15/173

CPC classification number: G06F21/602 ,  G06F15/17331 ,  H04L9/3268

Abstract: Examples herein relate to an interface selectively providing access to a memory region for a work request from an entity by providing selective access to a physical address of the memory region and selective access to a cryptographic key for use by a memory controller to access the memory region. In some examples, providing selective access to a physical address conversion is based on one or more of: validation of a certificate received with the work request and an identifier of the entity being associated with a process with access to the memory region. Access to the memory region can be specified to be one or more of: create, read, update, delete, write, or notify. A memory region can be a page or sub-page sized region. Different access rights can be associated with different sub-portions of the memory region, wherein the access rights comprise one or more of: create, read, update, delete, write, or notify.

公开(公告)号：US20230171234A1

公开(公告)日：2023-06-01

申请号：US18047934

申请日：2022-10-19

Applicant: Intel Corporation

Inventor： Kapil Sood ,  Seosamh O'Riordain ,  Ned M. Smith ,  Tarun Viswanathan

IPC: H04L9/40 ,  G06F9/455 ,  G06F9/50 ,  G06F21/53 ,  G06F21/62 ,  G06F21/57 ,  G06F9/4401 ,  G06F9/46

CPC classification number: H04L63/06 ,  G06F9/45533 ,  G06F9/5077 ,  G06F21/53 ,  G06F21/6209 ,  H04L63/083 ,  G06F21/57 ,  H04L63/062 ,  H04L63/0435 ,  G06F9/4401 ,  G06F9/45558 ,  G06F9/468 ,  G06F2009/45587 ,  G06F2009/45595

Abstract: Technologies for providing secure utilization of tenant keys include a compute device. The compute device includes circuitry configured to obtain a tenant key. The circuitry is also configured to receive encrypted data associated with a tenant. The encrypted data defines an encrypted image that is executable by the compute device to perform a workload on behalf of the tenant in a virtualized environment. Further, the circuitry is configured to utilize the tenant key to decrypt the encrypted data and execute the workload without exposing the tenant key to a memory that is accessible to another workload associated with another tenant.

公开(公告)号：US20220200788A1

公开(公告)日：2022-06-23

申请号：US17561558

申请日：2021-12-23

Applicant: Intel Corporation

Inventor： Timothy Verrall ,  Thomas Willhalm ,  Francesc Guim Bernat ,  Karthik Kumar ,  Ned M. Smith ,  Rajesh Poornachandran ,  Kapil Sood ,  Tarun Viswanathan ,  John J. Browne ,  Patrick Kutch

IPC: H04L9/08

Abstract: Technologies for accelerated key caching in an edge hierarchy include multiple edge appliance devices organized in tiers. An edge appliance device receives a request for a key, such as a private key. The edge appliance device determines whether the key is included in a local key cache and, if not, requests the key from an edge appliance device included in an inner tier of the edge hierarchy. The edge appliance device may request the key from an edge appliance device included in a peer tier of the edge hierarchy. The edge appliance device may activate per-tenant accelerated logic to identify one or more keys in the key cache for eviction. The edge appliance device may activate per-tenant accelerated logic to identify one or more keys for pre-fetching. Those functions of the edge appliance device may be performed by an accelerator such as an FPGA. Other embodiments are described and claimed.

公开(公告)号：US11157642B2

公开(公告)日：2021-10-26

申请号：US16143724

申请日：2018-09-27

Applicant: Intel Corporation

Inventor： Francesc Guim Bernat ,  Mark Schmisseur ,  Kshitij Doshi ,  Kapil Sood ,  Tarun Viswanathan

IPC: G06F21/62 ,  G06F21/60 ,  H04L9/08 ,  H04L29/08 ,  H04W12/08 ,  H04W12/02 ,  H04L29/06

Abstract: An embodiment of a semiconductor apparatus may include technology to receive data with a unique identifier, and bypass encryption logic of a media controller based on the unique identifier. Other embodiments are disclosed and claimed.