-
公开(公告)号:US11609766B2
公开(公告)日:2023-03-21
申请号:US16315890
申请日:2019-01-04
申请人: Baidu USA LLC , Baidu.com Times Technology (Beijing) Co., Ltd. , KUNLUNXIN TECHNOLOGY (BEIJING) COMPANY LIMITED
发明人: Yueqiang Cheng , Yong Liu , Tao Wei , Jian Ouyang
IPC分类号: G06F9/4401 , G06F9/30 , G06F9/38 , G06F9/54
摘要: According to one embodiment, a data processing system performs a secure boot using a security module (e.g., a trusted platform module (TPM)) of a host system. The system verifies that an operating system (OS) and one or more drivers including an accelerator driver associated with a data processing (DP) accelerator is provided by a trusted source. The system launches the accelerator driver within the OS. The system generates a trusted execution environment (TEE) associated with one or more processors of the host system. The system launches an application and a runtime library within the TEE, where the application communicates with the DP accelerator via the runtime library and the accelerator driver.
-
公开(公告)号:US11775347B2
公开(公告)日:2023-10-03
申请号:US16598129
申请日:2019-10-10
发明人: Yueqiang Cheng , Yong Liu
CPC分类号: G06F9/5027 , G06F21/16 , G06N5/04 , G06N20/10
摘要: In one embodiment, a computer-implemented method performed by a data processing (DP) accelerator includes receiving, at the DP accelerator, first data representing an artificial intelligence (AI) model that has been previously trained from a host processor; receiving, at the DP accelerator, a request to implant a watermark in the AI model from the host processor; and implanting, by the DP accelerator, the watermark within the AI model. The DP accelerator then transmits second data representing the AI model having the watermark implanted therein to the host processor. In embodiment, the method further includes extracting, at the DP accelerator, a watermark algorithm identifier (ID) from the request to implant a watermark; and generating the watermark using a watermark algorithm identified by the watermark algorithm ID.
-
公开(公告)号:US11693970B2
公开(公告)日:2023-07-04
申请号:US16315957
申请日:2019-01-04
申请人: Baidu USA LLC , Baidu.com Times Technology (Beijing) Co., Ltd. , KUNLUNXIN TECHNOLOGY (BEIJING) COMPANY LIMITED
发明人: Yong Liu , Yueqiang Cheng , Jian Ouyang , Tao Wei
CPC分类号: G06F21/575 , G06F9/5027 , G06F21/53
摘要: According to one embodiment, a system performs a secure boot using a security module such as a trusted platform module (TPM) of a host system. The system establishes a trusted execution environment (TEE) associated with one or more processors of the host system. The system launches a memory manager within the TEE, where the memory manager is configured to manage memory resources of a data processing (DP) accelerator coupled to the host system over a bus, including maintaining memory usage information of global memory of the DP accelerator. In response to a request received from an application running within the TEE for accessing a memory location of the DP accelerator, the system allows or denies the request based on the memory usage information.
-
公开(公告)号:US11645586B2
公开(公告)日:2023-05-09
申请号:US16598086
申请日:2019-10-10
发明人: Yueqiang Cheng , Yong Liu
CPC分类号: G06N20/10 , G06F21/16 , G06N5/02 , G06F2221/0733
摘要: In one embodiment, a computer-implemented method performed by a data processing (DP) accelerator, the method includes receiving, at the DP accelerator, first data representing a set of training data from a host processor and performing training of an artificial intelligence (AI) model based on the set of training data within the DP accelerator. The method further includes implanting, by the DP accelerator, a watermark within the trained AI model and transmitting second data representing the trained AI model having the watermark implanted therein to the host processor. In an embodiment, the method further includes receiving a pre-trained machine learning model; and performing training for the pre-trained AI model based on the set of training data within the DP accelerator.
-
公开(公告)号:US11775692B2
公开(公告)日:2023-10-03
申请号:US16598428
申请日:2019-10-10
发明人: Yong Liu , Yueqiang Cheng
CPC分类号: G06F21/74 , G06F21/53 , G06F21/72 , H04L9/0838
摘要: In one embodiment, a computer-implemented method of a data processing (DP) accelerator encrypting or decrypting input data can include receiving, from a host device, a command, the input data, and a kernel. The kernel can be an encryption kernel, or a decryption kernel, and the DP accelerator need not know which kernel it has received. The DP accelerator runs the received kernel. In response to the DP accelerator receiving the command, the DP accelerator performs encrypting of the input data using the kernel, if the received kernel is an encryption kernel, otherwise, decrypting the input data using the kernel. The encrypted, or decrypted, input data is then provided to the host device.
-
6.发明授权公开(公告)号:US11728996B2
公开(公告)日:2023-08-15
申请号:US16709020
申请日:2019-12-10
发明人: Yong Liu , Yueqiang Cheng
IPC分类号: H04L9/32 , H04L9/08 , G06F9/54 , H04L45/586
CPC分类号: H04L9/3242 , G06F9/542 , G06F9/546 , H04L9/0825 , H04L45/586
摘要: Embodiments disclose systems and methods to broadcast a message among virtual DP accelerators (DPAs). In one embodiment, in response to receiving a broadcast instruction from an application via a communication switch, the broadcast instruction designating one or more virtual DP accelerators of a plurality of virtual DP accelerators to receive a broadcast message, a system encrypts the broadcast message based on a broadcast session key for a broadcast communication session. The system determines one or more public keys of one or more security key pairs each associated with one of the designated virtual DP accelerators. The system encrypts a plurality of the broadcast session key based on the determined one or more public keys. The system broadcasts the encrypted broadcast message, and the one or more encrypted broadcast session keys to the virtual DP accelerators.
-
公开(公告)号:US11558357B2
公开(公告)日:2023-01-17
申请号:US16693015
申请日:2019-11-22
发明人: Yong Liu , Yueqiang Cheng
摘要: A host processing device (“host”) instructs a plurality of data processing (DP) accelerators to configure themselves for secure communications. The host generates an adjacency table of each of the plurality of DP accelerators (“DPAs”). The host is communicatively coupled to the plurality of DPAs via a switch. The host transmits, to the switch, a list of the DPAs and instructs the switch to generate an adjacency table of the DPAs that includes a unique identifier of each DPAs and a communication port of the switch associated with the DPA. The host establishes a session key communication with each DPA and sends the DPA a list of other DPAs that the DPA is to establish a session key with, for secure communications between the DPAs. The DPA establishes a different session key for each pair of the plurality of DPAs. When all DPAs have established a session key for communication with other DPAs, the host can assign work tasks for performance by a plurality of DPAs, each communicating over a separately secured communication channel.
-
公开(公告)号:US11740940B2
公开(公告)日:2023-08-29
申请号:US16598318
申请日:2019-10-10
发明人: Yueqiang Cheng , Yong Liu
CPC分类号: G06F9/5027 , G06F21/16 , G06N5/04 , G06N20/10
摘要: In one embodiment, a computer-implemented method performed by a data processing (DP) accelerator, includes receiving, at the DP accelerator, an artificial intelligence (AI) model that has been previously trained and a set of input data from a host processor; receiving, at the DP accelerator, a watermark kernel from the host processor; executing the watermark kernel within the DP accelerator on the AI model and the set of input data. The watermark kernel, when executed, is configured to: generate a new watermark by inheriting an existing watermark from a data object of the set of input data or the AI model, perform an AI inference using the AI model based on the input data to generate output data, and implant the new watermark within the output data. The DP accelerator then transmits output data having the new watermark implanted therein to the host processor.
-
公开(公告)号:US11516010B2
公开(公告)日:2022-11-29
申请号:US16709240
申请日:2019-12-10
发明人: Yong Liu , Yueqiang Cheng
摘要: Embodiments disclosed systems and methods to broadcast a message to one or more virtual data processing (DP) accelerators. In response to receiving a broadcast instruction from an application, the broadcast instruction designating one or more virtual DP accelerators of a plurality of virtual DP accelerators to receive a broadcast message, the system encrypts the broadcast message based on a broadcast session key for a broadcast communication session. The system determines one or more public keys of one or more security key pairs each associated with one of the designated virtual DP accelerators. The system encrypts the broadcast session key based on the determined one or more public keys. The system broadcasts the encrypted broadcast message, and the one or more encrypted broadcast session keys to adjacent virtual DP accelerators for propagation.
-
公开(公告)号:US11374734B2
公开(公告)日:2022-06-28
申请号:US16315998
申请日:2019-01-04
申请人: Baidu USA LLC , Baidu.com Times Technology (Beijing) Co., Ltd. , KUNLUNXIN TECHNOLOGY (BEIJING) COMPANY LIMITED
发明人: Yueqiang Cheng , Yong Liu , Tao Wei , Jian Ouyang
摘要: A system is disclosed that receives, at a host system from a data processing (DP) accelerator, an accelerator identifier (ID) that uniquely identifies the DP accelerator, wherein the host system is coupled to the DP accelerator over a bus. The system transmits the accelerator ID to a predetermined trusted server over a network. The system receives a certificate from the predetermined trusted server over the network, the certificate certifying the DP accelerator. The system extracts a public root key (PK_RK) from the certificate for verification, the PK_RK corresponding to a private root key (SK_RK) associated with the DP accelerator. The system establishes a secure channel with the DP accelerator using the PK_RK based on the verification to exchange data securely between the host system and the DP accelerator.
-
-
-
-
-
-
-
-
-
搜索结果
41 条记录 (耗时 0.024 秒)
