-
Publication number: US12047503B2
Publication date: 2024-07-23
Application number: US18051825
Application date: 2022-11-01
Applicant: Intel Corporation
Inventor: Ned M. Smith, Omer Ben-Shalom, Alex Nayshtut
CPC classification number: H04L9/14, H04L9/0822, H04L9/0825, H04L9/0836, H04L9/3247
Abstract: Technologies for secure collective authorization include multiple computing devices in communication over a network. A computing device may perform a join protocol with a group leader to receive a group private key that is associated with an interface implemented by the computing device. The interface may be an instance of an object model implemented by the computing device or membership of the computing device in a subsystem. The computing device receives a request for attestation to the interface, selects the group private key for the interface, and sends an attestation in response to the request. Another computing device may receive the attestation and verify the attestation with a group public key corresponding to the group private key. The group private key may be an enhanced privacy identifier (EPID) private key, and the group public key may be an EPID public key. Other embodiments are described and claimed.
-
Publication number: US11354407B2
Publication date: 2022-06-07
Application number: US16235736
Application date: 2018-12-28
Applicant: INTEL CORPORATION
Inventor: Omer Ben-Shalom, Hila Yitzhaki, Yoni Wolf, Dror Shilo, Gyora M. Benedek, Ezra Caltum
IPC: G06F21/55, G06F21/56, G06F21/53, G06F21/57, G06F21/64, G06F21/60, H04L9/40, G06F21/74, G06F8/41
Abstract: Various embodiments are generally directed to techniques for library behavior verification, such as by generating executables for software with indications of permitted behaviors by the library. Some embodiments are particularly directed to monitoring library behavior and performing one or more protective actions based on abnormal or unpermitted library behavior. In many embodiments, libraries and library manifests may be validated based on one or more signatures. In various embodiments, library behavior data comprising a set of permitted behaviors for the library may be determined based on the library manifest. In various such embodiments, a compiler may embed indications of the permitted library behavior in executables.
-
Publication number: US20210264274A1
Publication date: 2021-08-26
Application number: US17314041
Application date: 2021-05-06
Applicant: Intel Corporation
Inventor: Raizy Kellerman, Michael Kounavis, Omer Ben-Shalom, Alex Nayshtut, Oleg Pogorelik
Abstract: Partitioning a deep neural network (DNN) model into one or more sets of one or more private layers and one or more sets of one or more public layers, a set of one or more private layers being at least one key in a cryptographic system; and deploying the partitioned DNN model on one or more computing systems.
-
Publication number: US11082431B2
Publication date: 2021-08-03
Application number: US16532057
Application date: 2019-08-05
Applicant: Intel Corporation
Inventor: Alex Nayshtut, Omer Ben-Shalom, Hong Li
Abstract: Technologies to facilitate supervision of an online identity include a gateway server to facilitate and monitor access to an online service by a user of a “child” client computer device. The gateway server may include an identity manager to receive a request for access to the online service from the client computing device, retrieve access information to the online service, and facilitate access to the online service for the client computing device using the access information. The access information is kept confidential from the user. The gateway server may also include an activity monitor module to control activity between the client computing device and the online service based on the set of policy rules of a policy database. The gateway server may transmit notifications of such activity to a “parental” client computing device for review and/or approval, which also may be used to update the policy database.
-
Publication number: US11076134B2
Publication date: 2021-07-27
Application number: US16883670
Application date: 2020-05-26
Applicant: Intel Corporation
Inventor: Giuseppe Raffa, Glen J. Anderson, Lenitra M. Durham, Richard Beckwith, Kathy Yuen, Joshua Ekandem, Jamie Sherman, Ariel Moshkovitz, Omer Ben-Shalom, Jennifer Anne Healey, Stephen Brown, Tamara Gaidar, Yosi Govezensky
Abstract: Various systems and methods for personal sensory drones are described herein. A personal sensory drone system includes a drone remote control system comprising: a task module to transmit a task to a drone swarm for the drone swarm to execute, the drone swarm including at least two drones; a transceiver to receive information from the drone swarm related to the task; and a user interface module to present a user interface based on the information received from the drone swarm.
-
Publication number: US20210150025A1
Publication date: 2021-05-20
Application number: US17132934
Application date: 2020-12-23
Applicant: Intel Corporation
Inventor: Omer Ben-Shalom, Alex Nayshtut, Behnam Eliyahu, Denis Klimov
Abstract: A system and method of detecting and remediating attacks includes receiving operating system (OS) read/write data from an OS, the OS read/write data describing at least one of reads from and writes to a storage device over a file system interface of the OS; collecting storage device read/write data, the storage device read/write data describing at least one of reads from and writes to the storage device; comparing the OS read/write data to the storage device read/write data; and determining if there is a discrepancy between the OS read/write data and the storage device read/write data. If there is a discrepancy, determining if there is an anomaly detected between OS read/write data and the storage device read/write data. If there is an anomaly, causing a remediation action to be taken to stop a malware attack.
-
Publication number: US20200329050A1
Publication date: 2020-10-15
Application number: US16913557
Application date: 2020-06-26
Applicant: Intel Corporation
Inventor: Alex Nayshtut, Omer Ben-Shalom, Hong Li
Abstract: Technologies to facilitate supervision of an online identity include a gateway server to facilitate and monitor access to an online service by a user of a “child” client computer device. The gateway server may include an identity manager to receive a request for access to the online service from the client computing device, retrieve access information to the online service, and facilitate access to the online service for the client computing device using the access information. The access information is kept confidential from the user. The gateway server may also include an activity monitor module to control activity between the client computing device and the online service based on the set of policy rules of a policy database. The gateway server may transmit notifications of such activity to a “parental” client computing device for review and/or approval, which also may be used to update the policy database.
-
Publication number: US20190052819A1
Publication date: 2019-02-14
Application number: US15825876
Application date: 2017-11-29
Applicant: Intel Corporation
Inventor: Oleg Pogorelik, Alex Nayshtut, Omer Ben-Shalom, Shay Pluderman, Roy Gavrielov
Abstract: Methods, apparatus, systems and articles of manufacture to protect sensitive information in video collaboration systems are disclosed. A disclosed example method includes an analytics engine to recognize a feature in a first frame of a first video stream, a policy enforcer to apply an obscuration policy to the recognized feature to identify whether to mask the recognized feature, and a masker to obscure the recognized feature in the first frame to form a second frame in a second video stream.
-
Publication number: US09912645B2
Publication date: 2018-03-06
Application number: US15198508
Application date: 2016-06-30
Applicant: Intel Corporation
Inventor: Ned M. Smith, Omer Ben-Shalom, Alex Nayshtut
CPC classification number: H04L63/0428, G06F21/6218, H04L9/30, H04L63/083, H04L63/10, H04L67/10, H04L67/12, H04L69/22
Abstract: Methods and apparatus to securely share data are disclosed. An example includes retrieving, by executing an instruction with a processor at a first computing device associated with a first user of a cloud service, an encrypted archive file and a wrapped encryption key from a second computing device associated with a second user of the cloud service, the wrapped encryption key wrapped with key data associated with the first user of the cloud service at the second computing device, unwrapping the wrapped encryption key with the key data to obtain an unwrapped encryption key, and decrypting the encrypted archive file with the unwrapped encryption key to obtain a decrypted archive file.
-
Publication number: US20160323264A1
Publication date: 2016-11-03
Application number: US14367434
Application date: 2013-12-20
Applicant: INTEL CORPORATION
Inventor: Alex Nayshtut, Hormuzd M. Khosravi, Omer Ben-Shalom, Barry R. Pivitt, Ned M. Smith
IPC: H04L29/06
CPC classification number: H04L63/0823, H04L9/3268, H04L63/0428, H04L63/06, H04L63/061
Abstract: An embodiment includes a method executed by at least one processor of a first computing node comprising: generating a key pair including a first public key and a corresponding first private key; receiving an instance of a certificate, including a second public key, from a second computing node located remotely from the first computing node; associating the instance of the certificate with the key pair; receiving an additional instance of the certificate; verifying the additional instance of the certificate is associated with the key pair; and encrypting and exporting the first private key in response to verifying the additional instance of the certificate is associated with the key pair. Other embodiments are described herein.