BROADCAST REMOTE SEALING FOR SCALABLE TRUSTED EXECUTION ENVIRONMENT PROVISIONING

    Publication number: US20210112073A1

    Publication date: 2021-04-15

    Application number: US17129223

    Filing date: 2020-12-21

    Abstract: An apparatus to facilitate broadcast remote sealing for scalable trusted execution environment provisioning is disclosed. The apparatus includes one or more processors to: request a group status report to confirm a status of a group of trusted execution platforms from a cloud service provider (CSP) providing scalable runtime validation for on-device design rule checks; validate, by a tenant, a minimum trusted computing base (TCB) declared with the group status report; determine, based on validation of the minimum TCB, whether a set of group members of the group of trusted execution platforms satisfies security requirements of the tenant; responsive to the set of group members satisfying the security requirements, utilize a group public key to encrypt a workload of the tenant; and send the encrypted workload to the CSP for storage by the CSP and subsequent execution by an execution platform of the group using a private group key.

    SCALABLE RUNTIME VALIDATION FOR ON-DEVICE DESIGN RULE CHECKS

    Publication number: US20210110099A1

    Publication date: 2021-04-15

    Application number: US17132306

    Filing date: 2020-12-23

    Abstract: An apparatus to facilitate scalable runtime validation for on-device design rule checks is disclosed. The apparatus includes a memory to store a contention set, one or more multiplexers, and a validator communicably coupled to the memory. In one implementation, the validator is to: receive design rule information for the one or more multiplexers, the design rule information referencing the contention set; analyze, using the design rule information, a user bitstream against the contention set at a programming time of the apparatus, the user bitstream for programming the one or more multiplexers; and provide an error indication responsive to identifying a match between the user bitstream and the contention set.

    Dynamic configuration and peripheral access in a processor

    Publication number: US10565132B2

    Publication date: 2020-02-18

    Application number: US15651886

    Filing date: 2017-07-17

    Abstract: In various implementations, a system includes a memory, a processor, and an execution-aware memory protection unit (EA-MPU). The EA-MPU is configured to regulate memory access by the processor based at least on the identity of a subject executable that requests access, and on the address to which access is requested, and on permissions information that identifies which subject executables are to be granted access to each of several memory regions. In various implementations, the permissions information itself is stored among the several memory regions. Various configurations of the permissions information can be used to provide shared memory regions for communication among two or more stand-alone trusted software modules, to protect access to devices accessible through memory-mapped I/O (MMIO), to implement a flexible watchdog timer, to provide security for software updates, to provide dynamic root of trust measurement services, and/or to support an operating system.

    System, apparatus and method for key provisioning delegation

    Publication number: US10516654B2

    Publication date: 2019-12-24

    Application number: US15070166

    Filing date: 2016-03-15

    Abstract: In one embodiment, a computing device includes at least one hardware processor to execute instructions, a network interface to enable communication with a second computing device and a third computing device, and at least one storage medium. Such medium may store instructions that when executed by the computing device enable the computing device to request delegation of a key provisioning privilege for the second computing device from the third computing device via a parent-guardian delegation protocol comprising a three-party key distribution protocol with the second computing device and the third computing device, the three-party key distribution protocol having interposed therein a two-party authenticated key exchange protocol between the computing device and the third computing device. Other embodiments are described and claimed.

    Symmetric keying and chain of trust

    Publication number: US09768951B2

    Publication date: 2017-09-19

    Application number: US15161873

    Filing date: 2016-05-23

    CPC classification number: H04L9/0827 G06F21/51 G06F21/53 G06F2221/033

    Abstract: The present disclosure is directed to sealing data using chain of trust key derivation. In at least one embodiment, a chain of trust may be used to derive sealing keys for sealing data on a device. The device may comprise, for example, at least a memory and processor. The processor may be to at least load code modules from the memory. Following the loading of a code module, the processor may further be to measure the code module, determine a sealing key corresponding to the code module, wherein the sealing key is determined based at least on a prior sealing key corresponding to a previously loaded code module and the measurement of the code module, and seal data corresponding to the loaded code module using the sealing key. Since the sealing keys are state dependent, a method for authorized migration of sealed data during software upgrades is also disclosed.

    Execution-aware memory protection
    Granted invention patent

    Publication number: US09697142B2

    Publication date: 2017-07-04

    Application number: US15192049

    Filing date: 2016-06-24

    CPC classification number: G06F12/1441 G06F9/3005 G06F9/3802 G06F9/3824

    Abstract: Execution-aware memory protection technologies are described. A processor includes a processor core and a memory protection unit (MPU). The MPU includes a memory protection table and memory protection logic. The memory protection table defines a first protection region in main memory, the first protection region including a first instruction region and a first data region. The memory protection logic determines a protection violation by a first instruction when 1) an instruction address, resulting from an instruction fetch operation corresponding to the first instruction, is not within the first instruction region or 2) a data address, resulting from an execute operation corresponding to the first instruction, is not within the first data region.
