-
公开(公告)号:US11799651B2
公开(公告)日:2023-10-24
申请号:US16315867
申请日:2019-01-04
申请人: Baidu USA LLC , Baidu.com Times Technology (Beijing) Co., Ltd. , KUNLUNXIN TECHNOLOGY (BEIJING) COMPANY LIMITED
发明人: Yong Liu , Yueqiang Cheng , Jian Ouyang , Tao Wei
IPC分类号: H04L9/32 , G06F7/58 , H04L9/30 , H04L67/141
CPC分类号: H04L9/32 , G06F7/588 , H04L9/30 , H04L9/3265 , H04L67/141
摘要: According to one embodiment, a DP accelerator includes one or more execution units (EUs) configured to perform data processing operations in response to an instruction received from a host system coupled over a bus. The DP accelerator includes a time unit (TU) coupled to the security unit to provide timestamp services. The DP accelerator includes a security unit (SU) configured to establish and maintain a secure channel with the host system to exchange commands and data associated with the data processing operations, where the security unit includes a secure storage area to store a private root key associated with the DP accelerator, where the private root key is utilized for authentication. The SU includes a random number generator to generate a random number, and a cryptographic engine to perform cryptographic operations on data exchanged with the host system over the bus using a session key derived based on the random number.
-
公开(公告)号:US11616651B2
公开(公告)日:2023-03-28
申请号:US16315973
申请日:2019-01-04
申请人: Baidu USA LLC , Baidu.com Times Technology (Beijing) Co., Ltd. , KUNLUNXIN TECHNOLOGY (BEIJING) COMPANY LIMITED
发明人: Yong Liu , Yueqiang Cheng , Jian Ouyang , Tao Wei
摘要: According to one embodiment, a system receives, at a host channel manager (HCM) of a host system, a request from an application to establish a secure channel with a data processing (DP) accelerator, where the DP accelerator is coupled to the host system over a bus. In response to the request, the system generates a first session key for the secure channel based on a first private key of a first key pair associated with the HCM and a second public key of a second key pair associated with the DP accelerator. In response to a first data associated with the application to be sent to the DP accelerator, the system encrypts the first data using the first session key. The system then transmits the encrypted first data to the DP accelerator via the secure channel over the bus.
-
公开(公告)号:US11281251B2
公开(公告)日:2022-03-22
申请号:US16315924
申请日:2019-01-04
发明人: Yong Liu , Yueqiang Cheng , Jian Ouyang , Tao Wei
IPC分类号: G06F1/00 , G06F1/10 , G06F1/08 , G06F9/38 , H04L67/142
摘要: According to one embodiment, a DP accelerator includes one or more execution units (EUs) configured to perform data processing operations in response to an instruction received from a host system coupled over a bus. The DP accelerator includes a security unit (SU) configured to establish and maintain a secure channel with the host system to exchange commands and data associated with the data processing operations. The DP accelerator includes a time unit (TU) coupled to the security unit to provide timestamp services to the security unit, where the time unit includes a clock generator to generate clock signals locally without having to derive the clock signals from an external source. The TU includes a timestamp generator coupled to the clock generator to generate a timestamp based on the clock signals, and a power supply to provide power to the clock generator and the timestamp generator.
-
公开(公告)号:US11693970B2
公开(公告)日:2023-07-04
申请号:US16315957
申请日:2019-01-04
申请人: Baidu USA LLC , Baidu.com Times Technology (Beijing) Co., Ltd. , KUNLUNXIN TECHNOLOGY (BEIJING) COMPANY LIMITED
发明人: Yong Liu , Yueqiang Cheng , Jian Ouyang , Tao Wei
CPC分类号: G06F21/575 , G06F9/5027 , G06F21/53
摘要: According to one embodiment, a system performs a secure boot using a security module such as a trusted platform module (TPM) of a host system. The system establishes a trusted execution environment (TEE) associated with one or more processors of the host system. The system launches a memory manager within the TEE, where the memory manager is configured to manage memory resources of a data processing (DP) accelerator coupled to the host system over a bus, including maintaining memory usage information of global memory of the DP accelerator. In response to a request received from an application running within the TEE for accessing a memory location of the DP accelerator, the system allows or denies the request based on the memory usage information.
-
公开(公告)号:US11409534B2
公开(公告)日:2022-08-09
申请号:US16315987
申请日:2019-01-04
发明人: Yueqiang Cheng , Yong Liu , Tao Wei , Jian Ouyang
摘要: According to one embodiment, a system receives, at a host system a public attestation key (PK_ATT) or a signed PK_ATT from a data processing (DP) accelerator over a bus. The system verifies the PK_ATT using a public root key (PK_RK) associated with the DP accelerator. In response to successfully verifying the PK_ATT, the system transmits a kernel identifier (ID) to the DP accelerator to request attesting a kernel object stored in the DP accelerator. In response to the system receives a kernel digest or a signed kernel digest corresponding to the kernel object from the DP accelerator, verifying the kernel digest using the PK_ATT. The system sends the verification results to the DP accelerator for the DP accelerator to access the kernel object based on the verification results.
-
公开(公告)号:US11374734B2
公开(公告)日:2022-06-28
申请号:US16315998
申请日:2019-01-04
申请人: Baidu USA LLC , Baidu.com Times Technology (Beijing) Co., Ltd. , KUNLUNXIN TECHNOLOGY (BEIJING) COMPANY LIMITED
发明人: Yueqiang Cheng , Yong Liu , Tao Wei , Jian Ouyang
摘要: A system is disclosed that receives, at a host system from a data processing (DP) accelerator, an accelerator identifier (ID) that uniquely identifies the DP accelerator, wherein the host system is coupled to the DP accelerator over a bus. The system transmits the accelerator ID to a predetermined trusted server over a network. The system receives a certificate from the predetermined trusted server over the network, the certificate certifying the DP accelerator. The system extracts a public root key (PK_RK) from the certificate for verification, the PK_RK corresponding to a private root key (SK_RK) associated with the DP accelerator. The system establishes a secure channel with the DP accelerator using the PK_RK based on the verification to exchange data securely between the host system and the DP accelerator.
-
公开(公告)号:US11328075B2
公开(公告)日:2022-05-10
申请号:US16315939
申请日:2019-01-04
发明人: Yong Liu , Yueqiang Cheng , Jian Ouyang , Tao Wei
摘要: According to one embodiment, a system establishes a secure connection between a host system and a data processing (DP) accelerator over a bus, the secure connection including one or more data channels. The system transmits a first instruction from the host system to the DP accelerator over a command channel, the first instruction requesting the DP accelerator to perform a data preparation operation. The system receives a first request to read a first data from a first memory location of the host system from the DP accelerator over one data channel. In response to the request, the system transmits the first data to the DP accelerator over the data channel, where the first data is utilized for a computation or a configuration operation. The system transmits a second instruction from the host system to the DP accelerator over the command channel to perform the computation or the configuration operation.
-
公开(公告)号:US11609766B2
公开(公告)日:2023-03-21
申请号:US16315890
申请日:2019-01-04
申请人: Baidu USA LLC , Baidu.com Times Technology (Beijing) Co., Ltd. , KUNLUNXIN TECHNOLOGY (BEIJING) COMPANY LIMITED
发明人: Yueqiang Cheng , Yong Liu , Tao Wei , Jian Ouyang
IPC分类号: G06F9/4401 , G06F9/30 , G06F9/38 , G06F9/54
摘要: According to one embodiment, a data processing system performs a secure boot using a security module (e.g., a trusted platform module (TPM)) of a host system. The system verifies that an operating system (OS) and one or more drivers including an accelerator driver associated with a data processing (DP) accelerator is provided by a trusted source. The system launches the accelerator driver within the OS. The system generates a trusted execution environment (TEE) associated with one or more processors of the host system. The system launches an application and a runtime library within the TEE, where the application communicates with the DP accelerator via the runtime library and the accelerator driver.
-
公开(公告)号:US11233652B2
公开(公告)日:2022-01-25
申请号:US16316011
申请日:2019-01-04
发明人: Yueqiang Cheng , Yong Liu , Tao Wei , Jian Ouyang
摘要: According to one embodiment, in response to receiving a temporary public key (PK_d) from a data processing (DP) accelerator, a system generates a first nonce (nc) at the host system, where the DP accelerator is coupled to the host system over a bus. The system transmits a request to create a session key from the host system to the DP accelerator, the request including a host public key (PK_O) and the first nonce. The system receives a second nonce (ns) from the DP accelerator, where the second nonce is encrypted using the host public key and a temporary private key (SK_d) corresponding to the temporary public key. The system generates a first session key based on the first nonce and the second nonce, which is utilized to encrypt or decrypt subsequent data exchanges between the host system and the DP accelerator.
-
公开(公告)号:US11709712B2
公开(公告)日:2023-07-25
申请号:US16598281
申请日:2019-10-10
申请人: Baidu USA LLC
发明人: Yueqiang Cheng , Yong Liu
CPC分类号: G06F9/5027 , G06F21/16 , G06N5/04 , G06N20/10
摘要: In one embodiment, a computer-implemented method performed by a data processing (DP) accelerator, includes receiving, at the DP accelerator, first data representing a set of training data from a host processor; receiving, at the DP accelerator, a watermark kernel from the host processor; and executing the watermark kernel within the DP accelerator on an artificial intelligence (AI) model. The watermark kernel, when executed, is configured to: generate a new watermark by inheriting an existing watermark from a data object of the set of training data, train the AI model using the set of training data, and implant the new watermark within the AI model during training of the AI model. The DP accelerator then transmits second data representing the trained AI model having the new watermark implanted therein to the host processor.
-
-
-
-
-
-
-
-
-
搜索结果
41 条记录 (耗时 0.023 秒)
