Abstract:
Technologies to facilitate supervision of an online identity include a gateway server to facilitate and monitor access to an online service by a user of a “child” client computer device. The gateway server may include an identity manager to receive a request for access to the online service from the client computing device, retrieve access information to the online service, and facilitate access to the online service for the client computing device using the access information. The access information is kept confidential from the user. The gateway server may also include an activity monitor module to control activity between the client computing device and the online service based on the set of policy rules of a policy database. The gateway server may transmit notifications of such activity to a “parental” client computing device for review and/or approval, which also may be used to update the policy database.
Abstract:
An embodiment of a semiconductor package apparatus may include technology to perform run-time analysis of inputs and outputs of a machine learning model of an inference engine, detect an activity indicative of an attempt to retrieve the machine learning model based on the run-time analysis, and perform one or more preventive actions upon detection of the activity indicative of the attempted model retrieval. Other embodiments are disclosed and claimed.
Abstract:
After a heuristic event counter in a processor has triggered a performance monitoring interrupt (PMI) when the processor was executing a target program in user mode, and after the processor has switched to kernel mode in response to the PMI, a heuristic event handler automatically performs preliminary analysis in kernel mode, without switching back to user mode, to determine whether heavyweight code analysis is warranted. The preliminary analysis comprises (a) obtaining an instruction pointer (IP) for the target program from a last branch record (LBR) buffer in the processor, (b) using transaction hardware in the processor to determine whether the IP from LBR buffer points to a readable page in memory, and (c) determining that heavyweight code analysis is not warranted in response to a determination that the page pointed to by the IP from LBR buffer is not readable. Other embodiments are described and claimed.
Abstract:
A storage device is divided into a trusted storage region (TSR) and a standard storage region (SSR). A backup and recovery tool (BRT) is used to generate a public/private key pair and provide the public key to the storage device. The BRT detects a trigger to back up a file from the SSR to the TSR and sends a write instruction to the storage device to perform the backup. The BRT signs the write instruction with the private key. The storage device uses the public key to verify the write instruction and performs the backup based on the verification. The TSR cannot be accessed without the private key; therefore, if a malware attack is detected in the storage device, the device may be formatted to delete infected files. A fresh operating system may be installed on the formatted storage device and the file may be recovered from the TSR.
Abstract:
Systems and methods may provide for establishing an out-of-band (OOB) channel between a local wireless interface and a remote backend receiver, and receiving information from a peripheral device via the local wireless interface. Additionally, the information may be sent to the backend receiver via the OOB channel, wherein the OOB channel bypasses a local operating system. In one example, a secure Bluetooth stack is used to receive the information from the peripheral device.
Abstract:
A destination data processing system (DPS) receives a key migration block from a source DPS. The key migration block includes an encrypted version of a primary key. The destination DPS receives user input that identifies (a) an authentication policy and (b) a context policy. The destination DPS collects authentication data from the user, based on the identified authentication policy. The destination DPS collects context data, based on the identified context policy. The destination DPS uses the authentication data and the context data to decrypt the key migration block. The authentication data may comprise multiple types of authentication data, possibly including biometric data. The user may also input an index, and the destination DPS may use the index to retrieve a number from a random number server. The destination DPS may use that number to decrypt the key migration block. Other embodiments are described and claimed.
Abstract:
An embodiment includes a method executed by at least one processor of a first computing node comprising: generating a key pair including a first public key and a corresponding first private key; receiving an instance of a certificate, including a second public key, from a second computing node located remotely from the first computing node; associating the instance of the certificate with the key pair; receiving an additional instance of the certificate; verifying the additional instance of the certificate is associated with the key pair; and encrypting and exporting the first private key in response to verifying the additional instance of the certificate is associated with the key pair. Other embodiments are described herein.
Abstract:
Technologies for 3D printing digital rights management (DRM) include a 3D printing device communicatively coupled with a 3D model storage server and a rights management server over a network. The 3D printing device may establish a model unlock engine in a first trusted execution environment and a key release engine in a second trusted execution environment. The model unlock engine may extract a content access policy and a content key from an encrypted 3D model and generate a content key request to the key release engine. The key release engine may validate the content key request and decrypt the content key in response to the content access policy being satisfied. The model unlock engine may further decrypt 3D model content included in the 3D model using the decrypted content key to facilitate the printing of the 3D model.
Abstract:
A method for managing a reference template for authentication includes generating the reference template using gait data collected during a training period. A user is authenticated utilizing the reference template. A universal background model (UBM) is generated using gait data collected after the training period. The reference template is updated using the UBM.