中科微点-全球专利检索

  1. Login
  2. Sign Up

Search Results

14 records (took 0.017 seconds)

    Using a second device to enroll a secure application enclave
    1.
    发明授权
    Using a second device to enroll a secure application enclave 有权

    公开(公告)号:US10437985B2

    公开(公告)日:2019-10-08

    申请号:US15283357

    申请日:2016-10-01

    Applicant: Intel Corporation

    Inventor: Jonathan Trostle Paritosh Saxena Ernie Brickell Thomas J. Barnes

    IPC: G06F21/53 G06F21/34 G06F21/44 G06F21/33

    Abstract: A method, apparatus, and computer-readable medium are provided to determine whether to enroll a computing device as a provider of a secure application enclave for an application. The following information is obtained from a second computing device: a device identifier for a first computing device, application information, and data for a shared secret. The first computing device is configured to provide a secure application enclave to support execution of the application associated with the application information, and the shared secret is shared between the secure application enclave and a user of the first computing device. A determination is made whether to enroll the first computing device as a provider of the secure application enclave for the application using the device identifier, the application information, and the data for the shared secret. The secure application enclave may be notified whether the enrollment of the first computing device is successful.

    Secure key storage
    2.
    发明授权
    Secure key storage 有权

    公开(公告)号:US10284368B2

    公开(公告)日:2019-05-07

    申请号:US15399568

    申请日:2017-01-05

    Applicant: Intel Corporation

    Inventor: Jiangtao Li Anand Rajan Roel Maes Sanu K Mathew Ram Krishnamurthy Ernie Brickell

    IPC: H04L29/06 H04L9/08 G09C1/00

    Abstract: Some implementations disclosed herein provide techniques and arrangements for provisioning keys to integrated circuits/processor. In one embodiments, a key provisioner/tester apparatus may include a memory device to receive a unique hardware key generated by a first logic of a processor. The key provisioner/tester apparatus may further include a cipher device to permanently store an encrypted first key in nonvolatile memory of the processor, detect whether the stored encrypted first key is valid, and to isolate at least one of the first logic and the nonvolatile memory of the processor from all sources that are exterior to the processor in response to detecting that the stored encrypted first key is valid.

    Using a trusted execution environment as a trusted third party providing privacy for attestation
    5.
    发明授权
    Using a trusted execution environment as a trusted third party providing privacy for attestation 有权

    公开(公告)号:US10397005B2

    公开(公告)日:2019-08-27

    申请号:US15475896

    申请日:2017-03-31

    Applicant: Intel Corporation

    Inventor: Ernie Brickell

    IPC: H04L9/14 H04L9/32 H04L9/00 H04L9/30

    Abstract: A method, apparatus, and computer-readable medium providing instructions to cause a computing device to establish a portion of a memory of the computing device as a trusted execution environment and execute a trusted third party application within the trusted execution environment. The trusted third party application is to receive a signed public key and an identifier for a verifier from a user client attestation application executing on a client platform. The signed public key is signed with an identifiable platform attestation private key for the client platform. The trusted third party application is further to verify the signed public key, determine a policy of the verifier, encode the policy into a trusted third party anonymous certificate for the signed public key, issue the trusted third party anonymous certificate without including identification information of the client platform, and send the trusted third party anonymous certificate to the user client attestation application.

    ARBITRARY BASE VALUE FOR EPID CALCULATION
    7.
    发明申请
    ARBITRARY BASE VALUE FOR EPID CALCULATION 审中-公开

    公开(公告)号:US20180006822A1

    公开(公告)日:2018-01-04

    申请号:US15200477

    申请日:2016-07-01

    Applicant: Intel Corporation

    Inventor: Ernie Brickell

    IPC: H04L9/32 H04L9/30

    CPC classification number: H04L9/3247 H04L9/0833 H04L9/0872 H04L9/088 H04L9/30

    Abstract: Systems and methods for using an arbitrary base value for EPID calculations are provided herein. A system to use arbitrary base values in enhanced privacy ID (EPID) calculation, where the system includes a microcontroller; and a memory coupled to the microcontroller; wherein the microcontroller is to: obtain an arbitrary value at a member device, the member device being a member of a group of member devices, each member device in the group of member devices having a unique private EPID key assigned from a pool of private keys, where any of the pool of private keys is able to sign content that is verifiable by a single group public key, and the arbitrary value being one of a time-based value or a usage-based value; construct an EPID base using the arbitrary value; and transmit content signed with the private key using the EPID base to a verifier.

    Using A Trusted Execution Environment As A Trusted Third Party Providing Privacy For Attestation
    9.
    发明申请
    Using A Trusted Execution Environment As A Trusted Third Party Providing Privacy For Attestation 审中-公开

    公开(公告)号:US20180287802A1

    公开(公告)日:2018-10-04

    申请号:US15475896

    申请日:2017-03-31

    Applicant: Intel Corporation

    Inventor: Ernie Brickell

    IPC: H04L9/32 H04L9/14 H04L9/30

    CPC classification number: H04L9/3263 H04L9/006 H04L9/14 H04L9/3013 H04L9/302 H04L9/3066 H04L9/3247 H04L2209/127

    Abstract: A method, apparatus, and computer-readable medium providing instructions to cause a computing device to establish a portion of a memory of the computing device as a trusted execution environment and execute a trusted third party application within the trusted execution environment. The trusted third party application is to receive a signed public key and an identifier for a verifier from a user client attestation application executing on a client platform. The signed public key is signed with an identifiable platform attestation private key for the client platform. The trusted third party application is further to verify the signed public key, determine a policy of the verifier, encode the policy into a trusted third party anonymous certificate for the signed public key, issue the trusted third party anonymous certificate without including identification information of the client platform, and send the trusted third party anonymous certificate to the user client attestation application.

    LOCAL VERIFICATION OF CODE AUTHENTICATION
    10.
    发明申请
    LOCAL VERIFICATION OF CODE AUTHENTICATION 审中-公开

    公开(公告)号:US20190273738A1

    公开(公告)日:2019-09-05

    申请号:US16294538

    申请日:2019-03-06

    Applicant: Intel Corporation

    Inventor: Ernie Brickell

    IPC: H04L29/06 H04L9/32

    Abstract: Embodiments are directed to a computing device having execution hardware including at least one processor core, and non-volatile memory that stores verification module and a private symmetric key unique to the computing device. The verification module, when executed on the execution hardware, causes the execution hardware to perform pre-execution local authenticity verification of externally-supplied code in response to a command to launch that code. The local authenticity verification includes computation of a cryptographic message authentication code (MAC) of the externally-supplied code based on the private symmetric key, and verification of the MAC against a stored local authenticity verification value previously written to the non-volatile memory. In response to a positive verification of the of the MAC, execution of the externally-supplied code is permitted.

Patent Agency Ranking