公开(公告)号：US20170149792A1

公开(公告)日：2017-05-25

申请号：US14951129

申请日：2015-11-24

Applicant: Intel Corporation

Inventor： Ned M. Smith ,  Nathan Heldt-Sheller

IPC: H04L29/06 ,  H04L9/32

CPC classification number: H04L63/104 ,  H04L9/3263 ,  H04L63/0823 ,  H04L63/101 ,  H04L63/126 ,  H04L63/20

Abstract: Systems and techniques for resilient network construction using enhanced privacy identification are described herein. A group certificate may be generated for a first device group. The first device group may include a plurality of devices having a shared attribute. A request may be received from a device of the plurality of devices for a data exchange session with a data partner device. The data partner device may be included in a second device group. The data exchange session may be enabled based on a set of permissions related to the group certificate. The set of permissions may define, at least in part, the accessibility of the second device group to the first device group

公开(公告)号：US20160366188A1

公开(公告)日：2016-12-15

申请号：US14856857

申请日：2015-09-17

Applicant: Intel Corporation

Inventor： Ned M. Smith ,  Mats G. Agerstam ,  Nathan Heldt-Sheller

IPC: H04L29/06

CPC classification number: H04L63/205 ,  H04L63/101 ,  H04L67/12 ,  H04W4/70 ,  H04W12/08

Abstract: In one embodiment, a method includes receiving a first request from a first device to access a first resource of the system and determining whether to grant access to the first resource based on a first access control list stored in the system, the first access control list associated with the first device, the first device having a first relevance value, and based on the determination, granting the access to the first resource; and receiving a second request from a second device to access a second resource of the system and forwarding the second request to an access manager service coupled to the system to determine whether to grant access to the second resource based on a second access control list stored in the access manager service associated with the second device, the second device having a second relevance value, receive an access grant from the access manager service and based thereon, granting the access to the second resource.

Abstract translation: 在一个实施例中，一种方法包括从第一设备接收访问系统的第一资源的第一请求，并且基于存储在系统中的第一访问控制列表来确定是否授予对第一资源的访问权限，第一访问控制列表 与所述第一设备相关联，所述第一设备具有第一相关性值，并且基于所述确定，授予对所述第一资源的访问; 以及从第二设备接收访问所述系统的第二资源的第二请求，并且将所述第二请求转发给耦合到所述系统的访问管理器服务，以基于存储在所述第二访问控制列表中确定是否授予对所述第二资源的访问 与第二设备相关联的接入管理器服务，第二设备具有第二相关性值，从接入管理器服务接收接入授权，并基于此授予对第二资源的接入。

公开(公告)号：US20160366181A1

公开(公告)日：2016-12-15

申请号：US15045676

申请日：2016-02-17

Applicant: Intel Corporation

Inventor： Ned M. Smith ,  Rajesh Poornachandran ,  Nathan Heldt-Sheller

IPC: H04L29/06

CPC classification number: H04L63/20 ,  G06F21/57 ,  G06F21/6236 ,  H04L63/102 ,  H04L63/1425

Abstract: In one embodiment, an apparatus comprises a first logic to receive security attribute information from a plurality of devices, generate a connectivity graph of the plurality of devices based at least in part on the security attribute information and identify an interoperability issue between a first device and a second device based on the connectivity graph. The apparatus may further include a second logic to generate a recommendation to resolve the interoperability issue and a third logic to provide provisioning information to at least one of the first device and the second device based on the recommendation. Other embodiments are described and claimed.

Abstract translation: 在一个实施例中，一种装置包括用于从多个设备接收安全属性信息的第一逻辑，至少部分地基于所述安全属性信息来生成所述多个设备的连通性图，并且识别第一设备和 基于连接图的第二个设备。 该装置还可以包括第二逻辑以产生解决互操作性问题的建议，以及第三逻辑，用于基于该推荐向第一设备和第二设备中的至少一个提供供应信息。 描述和要求保护其他实施例。