公开(公告)号：US09727345B2

公开(公告)日：2017-08-08

申请号：US13854001

申请日：2013-03-29

Applicant: Intel Corporation

Inventor： Eliezer Weissmann ,  Rinat Rappoport ,  Michael Mishaeli ,  Hisham Shafi ,  Oron Lenz ,  Jason W. Brandt ,  Stephen A. Fischer ,  Bret L. Toll ,  Inder M. Sodhi ,  Alon Naveh ,  Ganapati N. Srinivasa ,  Ashish V. Choubal ,  Scott D. Hahn ,  David A. Koufaty ,  Russell J. Fenger ,  Gaurav Khanna ,  Eugene Gorbatov ,  Mishali Naik ,  Andrew J. Herdrich ,  Abirami Prabhakaran ,  Sanjeev S. Sahagirdar ,  Paul Brett ,  Paolo Narvaez ,  Andrew D. Henroid ,  Dheeraj R. Subbareddy

IPC: G06F9/44 ,  G06F9/455 ,  G06F9/50

CPC classification number: G06F9/4401 ,  G06F9/45558 ,  G06F9/5077 ,  G06F9/5094 ,  Y02D10/22 ,  Y02D10/36

Abstract: A heterogeneous processor architecture and a method of booting a heterogeneous processor is described. A processor according to one embodiment comprises: a set of large physical processor cores; a set of small physical processor cores having relatively lower performance processing capabilities and relatively lower power usage relative to the large physical processor cores; and a package unit, to enable a bootstrap processor. The bootstrap processor initializes the homogeneous physical processor cores, while the heterogeneous processor presents the appearance of a homogeneous processor to a system firmware interface.

公开(公告)号：US11528258B2

公开(公告)日：2022-12-13

申请号：US16229964

申请日：2018-12-21

Applicant: INTEL CORPORATION

Inventor： Oron Lenz ,  Alex Nayshtut ,  Alex Berenzon ,  Ishai Nadler ,  Yoni Wolf

IPC: H04L29/00 ,  H04L9/40 ,  G06F21/60 ,  G06F21/57 ,  H04L9/08 ,  H04L67/10 ,  G06F16/182 ,  H04L9/06 ,  G06F21/64 ,  H04L9/00

Abstract: A system and apparatus for data confidentiality in a distributed ledger are disclosed. The system and apparatus preserve qualities of distributed ledgers, such as transparency, integrity, and redundancy, while also providing confidentiality, scalability, and security not previously available in distributed ledgers. The system includes a data confidentiality module that exploits a trusted execution environment for both transaction processing and key synchronization. The apparatus accessing the distributed ledger provides for new nodes joining the network, sending transactions to the ledger by existing nodes, securely processing the transaction using the trusted execution environment, securing transmission to the logic layer for application of business logic, reading and writing data to local storage, and reading encrypted transactions.

公开(公告)号：US10097554B2

公开(公告)日：2018-10-09

申请号：US15681955

申请日：2017-08-21

Applicant: Intel Corporation

Inventor： Oron Lenz ,  Noam Milshten ,  Ilya Berdichevsky

IPC: H04L29/06 ,  G06F21/57 ,  G06F21/10

Abstract: Technologies for secure server access include a client computing device that loads a license agent into a secure enclave established by a processor of the client computing device. The license agent receives a request from an application to access a remote server device. The license agent opens a secure connection with the server device and performs remote attestation of the secure enclave. The license agent authenticates the user and transmits a machine identifier and a user identifier to the server device. The machine identifier may be based on an enclave sealing key of the client computing device. The server device verifies that the machine identifier and the user identifier are bound to a valid application license. If the machine identifier and the user identifier are successfully verified, the application communicates with the server device using the secure connection. Other embodiments are described and claimed.

公开(公告)号：US20180060078A1

公开(公告)日：2018-03-01

申请号：US15672254

申请日：2017-08-08

Applicant: Intel Corporation

Inventor： Eliezer Weissmann ,  Rinat Rappoport ,  Michael Mishaeli ,  Hisham Shafi ,  Oron Lenz ,  Jason W. Brandt ,  Stephen A. Fischer ,  Bret L. Toll ,  Inder M. Sodhi ,  Alon Naveh ,  Ganapati N. Srinivasa ,  Ashish V, Choubal ,  Scott D. Hahn ,  David A. Koufaty ,  Russel J. Fenger ,  Gaurav Khanna ,  Eugene Gorbatov ,  Mishali Naik ,  Andrew J. Herdrich ,  Abirami Prabhakaran ,  Sanjeev S. Sahagirdar ,  Paul Brett ,  Paolo Narvaez ,  Andrew D. Henroid ,  Dheeraj R. Subbareddy

IPC: G06F9/44 ,  G06F9/50 ,  G06F9/455

Abstract: A heterogeneous processor architecture and a method of booting a heterogeneous processor is described. A processor according to one embodiment comprises: a set of large physical processor cores; a set of small physical processor cores having relatively lower performance processing capabilities and relatively lower power usage relative to the large physical processor cores; and a package unit, to enable a bootstrap processor. The bootstrap processor initializes the homogeneous physical processor cores, while the heterogeneous processor presents the appearance of a homogeneous processor to a system firmware interface.

公开(公告)号：US09749323B2

公开(公告)日：2017-08-29

申请号：US14670959

申请日：2015-03-27

Applicant: Intel Corporation

Inventor： Oron Lenz ,  Noam Milshten ,  Ilya Berdichevsky

IPC: H04L29/06 ,  G06F21/57 ,  G06F21/10

CPC classification number: H04L63/10 ,  G06F21/10 ,  G06F21/577 ,  H04L63/06 ,  H04L63/08 ,  H04L63/0853 ,  H04L63/0876 ,  H04L63/102 ,  H04L2463/103

Abstract: Technologies for secure server access include a client computing device that loads a license agent into a secure enclave established by a processor of the client computing device. The license agent receives a request from an application to access a remote server device. The license agent opens a secure connection with the server device and performs remote attestation of the secure enclave. The license agent authenticates the user and transmits a machine identifier and a user identifier to the server device. The machine identifier may be based on an enclave sealing key of the client computing device. The server device verifies that the machine identifier and the user identifier are bound to a valid application license. If the machine identifier and the user identifier are successfully verified, the application communicates with the server device using the secure connection. Other embodiments are described and claimed.

公开(公告)号：US10135828B2

公开(公告)日：2018-11-20

申请号：US15681955

申请日：2017-08-21

Applicant: Intel Corporation

Inventor： Oron Lenz ,  Noam Milshten ,  Ilya Berdichevsky

IPC: H04L29/06 ,  G06F21/57 ,  G06F21/10

Abstract: Technologies for secure server access include a client computing device that loads a license agent into a secure enclave established by a processor of the client computing device. The license agent receives a request from an application to access a remote server device. The license agent opens a secure connection with the server device and performs remote attestation of the secure enclave. The license agent authenticates the user and transmits a machine identifier and a user identifier to the server device. The machine identifier may be based on an enclave sealing key of the client computing device. The server device verifies that the machine identifier and the user identifier are bound to a valid application license. If the machine identifier and the user identifier are successfully verified, the application communicates with the server device using the secure connection. Other embodiments are described and claimed.

公开(公告)号：US20180041513A1

公开(公告)日：2018-02-08

申请号：US15681955

申请日：2017-08-21

Applicant: Intel Corporation

Inventor： Oron Lenz ,  Noam Milshten ,  Ilya Berdichevsky

IPC: H04L29/06 ,  G06F21/57 ,  G06F21/10

CPC classification number: H04L63/10 ,  G06F21/10 ,  G06F21/577 ,  H04L63/06 ,  H04L63/08 ,  H04L63/0853 ,  H04L63/0876 ,  H04L63/102 ,  H04L2463/103

Abstract: Technologies for secure server access include a client computing device that loads a license agent into a secure enclave established by a processor of the client computing device. The license agent receives a request from an application to access a remote server device. The license agent opens a secure connection with the server device and performs remote attestation of the secure enclave. The license agent authenticates the user and transmits a machine identifier and a user identifier to the server device. The machine identifier may be based on an enclave sealing key of the client computing device. The server device verifies that the machine identifier and the user identifier are bound to a valid application license. If the machine identifier and the user identifier are successfully verified, the application communicates with the server device using the secure connection. Other embodiments are described and claimed.