公开(公告)号：US20160373474A1

公开(公告)日：2016-12-22

申请号：US14866565

申请日：2015-09-25

Applicant: Intel Corporation

Inventor： Kapil Sood ,  Manuel Nedbal

IPC: H04L29/06 ,  H04L12/24

CPC classification number: H04L63/1425 ,  G06F21/50 ,  G06F21/53 ,  H04L41/28 ,  H04L63/062 ,  H04L63/20

Abstract: Technologies for secure personalization of a security monitoring virtual network function (VNF) in a network functions virtualization (NFV) architecture include various security monitoring components, including a NFV security services controller, a VNF manager, and a security monitoring VNF. The security monitoring VNF is configured to receive provisioning data from the NFV security services controller and perform a mutually authenticated key exchange procedure using at least a portion of the provisioning data to establish a secure communication path between the security monitoring VNF and a VNF manager. The security monitoring VNF is further configured to receive personalization data from the VNF manager via the secure communication path and perform a personalization operation to configure one or more functions of the security monitoring VNF based on the personalization data. Other embodiments are described and claimed.

Abstract translation: 在网络功能虚拟化（NFV）架构中安全监控虚拟网络功能（VNF）的安全个性化技术包括各种安全监控组件，包括NFV安全服务控制器，VNF管理器和安全监控VNF。 安全监控VNF被配置为从NFV安全服务控制器接收供应数据，并使用供应数据的至少一部分执行相互认证的密钥交换过程，以在安全监控VNF和VNF管理器之间建立安全通信路径。 安全监视VNF还被配置为经由安全通信路径从VNF管理器接收个性化数据，并且执行个性化操作以基于个性化数据来配置安全监控VNF的一个或多个功能。 描述和要求保护其他实施例。

公开(公告)号：US20250106191A1

公开(公告)日：2025-03-27

申请号：US18975721

申请日：2024-12-10

Applicant: Intel Corporation

Inventor： Kapil Sood ,  Seosamh O'Riordain ,  Ned M. Smith ,  Tarun Viswanathan

IPC: H04L9/40 ,  G06F9/4401 ,  G06F9/455 ,  G06F9/46 ,  G06F9/50 ,  G06F21/53 ,  G06F21/57 ,  G06F21/62

Abstract: Technologies for providing secure utilization of tenant keys include a compute device. The compute device includes circuitry configured to obtain a tenant key. The circuitry is also configured to receive encrypted data associated with a tenant. The encrypted data defines an encrypted image that is executable by the compute device to perform a workload on behalf of the tenant in a virtualized environment. Further, the circuitry is configured to utilize the tenant key to decrypt the encrypted data and execute the workload without exposing the tenant key to a memory that is accessible to another workload associated with another tenant.

公开(公告)号：US12244507B2

公开(公告)日：2025-03-04

申请号：US17033140

申请日：2020-09-25

Applicant: Intel Corporation

Inventor： Francesc Guim Bernat ,  Ned M. Smith ,  Kshitij Arun Doshi ,  Suraj Prabhakaran ,  Timothy Verrall ,  Kapil Sood ,  Tarun Viswanathan

IPC: H04L47/28 ,  H04L47/74 ,  H04L47/78 ,  H04L49/15

Abstract: Systems and techniques for intelligent data forwarding in edge networks are described herein. A request may be received from an edge user device for a service via a first endpoint. A time value may be calculated using a timestamp of the request. Motion characteristics may be determined for the edge user device using the time value. A response to the request may be transmitted to a second endpoint based on the motion characteristics.

公开(公告)号：US20240305616A1

公开(公告)日：2024-09-12

申请号：US18435546

申请日：2024-02-07

Applicant: Intel Corporation

Inventor： Kapil Sood ,  Seosamh O'Riordain ,  Ned M. Smith ,  Tarun Viswanathan

IPC: H04L9/40 ,  G06F9/4401 ,  G06F9/455 ,  G06F9/46 ,  G06F9/50 ,  G06F21/53 ,  G06F21/57 ,  G06F21/62

CPC classification number: H04L63/06 ,  G06F9/4401 ,  G06F9/45533 ,  G06F9/45558 ,  G06F9/468 ,  G06F9/5077 ,  G06F21/53 ,  G06F21/57 ,  G06F21/6209 ,  H04L63/0435 ,  H04L63/062 ,  H04L63/083 ,  G06F2009/45587 ,  G06F2009/45595

Abstract: Technologies for providing secure utilization of tenant keys include a compute device. The compute device includes circuitry configured to obtain a tenant key. The circuitry is also configured to receive encrypted data associated with a tenant. The encrypted data defines an encrypted image that is executable by the compute device to perform a workload on behalf of the tenant in a virtualized environment. Further, the circuitry is configured to utilize the tenant key to decrypt the encrypted data and execute the workload without exposing the tenant key to a memory that is accessible to another workload associated with another tenant.

公开(公告)号：US20240168890A1

公开(公告)日：2024-05-23

申请号：US18058401

申请日：2022-11-23

Applicant: Intel Corporation

Inventor： Chitra Natarajan ,  Aneesh Aggarwal ,  Ritu Gupta ,  Niall Declan McDonnell ,  Kapil Sood ,  Youngsoo Choi ,  Asad Khan ,  Lokpraveen Mosur ,  Subhiksha Ravisundar ,  George Leonard Tkachuk

IPC: G06F12/12

CPC classification number: G06F12/12 ,  G06F2212/1021

Abstract: A processor package comprises a caching agent that is operable to respond to a first sequence of direct-to-cache (DTC) write misses to a partition in a set in a cache by writing data from those write misses to the partition. When the partition comprises W ways, the caching agent is operable to write data from those write misses to all W ways in the partition. After writing data from those write misses to the partition, and before any data from the partition in the set has been read, the caching agent is operable to receive a second sequence of DTC write misses to the partition, and in response, complete those write misses while retaining the data from the first sequence in at least W-1 of the ways in the partition. Other embodiments are described and claimed.

公开(公告)号：US11936637B2

公开(公告)日：2024-03-19

申请号：US18047934

申请日：2022-10-19

Applicant: Intel Corporation

Inventor： Kapil Sood ,  Seosamh O'Riordain ,  Ned M. Smith ,  Tarun Viswanathan

IPC: H04L9/40 ,  G06F9/4401 ,  G06F9/455 ,  G06F9/46 ,  G06F9/50 ,  G06F21/53 ,  G06F21/57 ,  G06F21/62

CPC classification number: H04L63/06 ,  G06F9/4401 ,  G06F9/45533 ,  G06F9/45558 ,  G06F9/468 ,  G06F9/5077 ,  G06F21/53 ,  G06F21/57 ,  G06F21/6209 ,  H04L63/0435 ,  H04L63/062 ,  H04L63/083 ,  G06F2009/45587 ,  G06F2009/45595

Abstract: Technologies for providing secure utilization of tenant keys include a compute device. The compute device includes circuitry configured to obtain a tenant key. The circuitry is also configured to receive encrypted data associated with a tenant. The encrypted data defines an encrypted image that is executable by the compute device to perform a workload on behalf of the tenant in a virtualized environment. Further, the circuitry is configured to utilize the tenant key to decrypt the encrypted data and execute the workload without exposing the tenant key to a memory that is accessible to another workload associated with another tenant.

公开(公告)号：US11775621B2

公开(公告)日：2023-10-03

申请号：US17991592

申请日：2022-11-21

Applicant: Intel Corporation

Inventor： Malini K. Bhandaru ,  Kapil Sood ,  Christian Maciocco ,  Isaku Yamahata ,  Yunhong Jiang

IPC: G06F21/00 ,  G06F21/10

CPC classification number: G06F21/105 ,  G06F2221/0704 ,  G06F2221/0711 ,  G06F2221/0773

Abstract: At least one machine readable medium comprising a plurality of instructions that in response to being executed by a system cause the system to send a unique identifier to a license server, establish a secure channel based on the unique identifier, request a license for activating an appliance from a license server over the secure channel, receive license data from the license server over the secure channel; determine whether the license is valid, and activate the appliance in response to a determination that the license data is valid.

公开(公告)号：US20230289229A1

公开(公告)日：2023-09-14

申请号：US17854322

申请日：2022-06-30

Applicant: Intel Corporation

Inventor： Utkarsh Y. Kakaiya ,  Saurabh Gayen ,  Kapil Sood ,  Naveen Lakkakula

IPC: G06F9/50 ,  G06F9/48 ,  G06F21/57

CPC classification number: G06F9/5027 ,  G06F9/4881 ,  G06F21/57

Abstract: Methods and apparatus relating to confidential computing extensions for highly scalable accelerators are described. One or more embodiments provide extensions for scalable accelerator(s) to be able to directly assign accelerator work-queue(s) to Trusted Execution Environment (TEE) Virtual Machines (TVMs). Other embodiments are also disclosed and claimed.

公开(公告)号：US20230095881A1

公开(公告)日：2023-03-30

申请号：US17991592

申请日：2022-11-21

Applicant: Intel Corporation

Inventor： Malini K. Bhandaru ,  Kapil Sood ,  Christian Maciocco ,  Isaku Yamahata ,  Yunhong Jiang

IPC: G06F21/10

Abstract: At least one machine readable medium comprising a plurality of instructions that in response to being executed by a system cause the system to send a unique identifier to a license server, establish a secure channel based on the unique identifier, request a license for activating an appliance from a license server over the secure channel, receive license data from the license server over the secure channel; determine whether the license is valid, and activate the appliance in response to a determination that the license data is valid.

公开(公告)号：US20220350912A1

公开(公告)日：2022-11-03

申请号：US17745740

申请日：2022-05-16

Applicant: Intel Corporation

Inventor： David J. Harriman ,  Ioannis T. Schoinas ,  Kapil Sood ,  Raghunandan Makaram ,  Yu-Yuan Chen

IPC: G06F21/62 ,  G06F21/64

Abstract: First data is stored. A request for the first data is received from a communication device over a link established with a communication device. An access control engine comprising circuitry is to control access to the first data to the communication device based on an authentication state of the communication device and a protection state of the link.