-
Publication No.: US20190004974A1
Publication date: 2019-01-03
Application No.: US15639119
Application date: 2017-06-30
Applicant: INTEL CORPORATION
Inventor: Siddhartha Chhabra, Saeedeh Komijani
IPC: G06F12/14, G06F12/0875
Abstract: Various embodiments are generally directed to techniques for crypto-aware cache partitioning, such as with a metadata cache for an integrity tree, for instance. Some embodiments are particularly directed to a cache manager that implements partitioning of a cryptographic metadata cache based on locality characteristics of the cryptographic metadata. For instance, locality characteristics of different levels of an integrity tree may be utilized to partition a metadata cache for the integrity tree.
-
Publication No.: US10325118B2
Publication date: 2019-06-18
Application No.: US15861924
Application date: 2018-01-04
Applicant: Intel Corporation
Inventor: Siddhartha Chhabra, Francis X. Mckeen, Carlos V. Rozas, Saeedeh Komijani, Tamara S. Lehman
Abstract: Memory security technologies are described. An example processing system includes a processor core and a memory controller coupled to the processor core and a memory. The processor core can receive a content read instruction from an application. The processor core can identify a cache line (CL) from a plurality of CLs of a cryptographic cache block (CCB) requested in the content read instruction. The processor core can load, from a cryptographic tree, tree nodes with security metadata. The processor core can retrieve, from the memory, the CCB. The processor core can generate a second MAC from the CCB. The processor core can compare the first MAC with the second MAC. The processor core can decrypt the CCB using security metadata when the first MAC matches the second MAC. The processor core can send at least the identified CL from the decrypted CCB to the application.
-
Publication No.: US20190042734A1
Publication date: 2019-02-07
Application No.: US15848962
Application date: 2017-12-20
Applicant: INTEL CORPORATION
Inventor: Michael Kounavis, David Durham, Sergej Deutsch, Saeedeh Komijani, Amitabh Das
Abstract: Logic may implement implicit integrity techniques to maintain integrity of data. Logic may perform operations on data stored in main memory, cache, flash, data storage, or any other memory. Logic may perform more than one pattern check to determine repetitions of entities within the data. Logic may determine entropy index values and/or Boolean values and/or may compare the results to threshold values to determine if a data unit is valid. Logic may merge a tag with the data unit without expanding the data unit to create an encoded data unit. Logic may decode and process the encoded data unit to determine the data unit and the tag. Logic may determine value histograms for two or more entities, determine a sum of repetitions of the two or more entities, and compare the sum to a threshold value. Logic may determine that a data unit is valid or is corrupted.
-
Publication No.: US10929527B2
Publication date: 2021-02-23
Application No.: US15848962
Application date: 2017-12-20
Applicant: INTEL CORPORATION
Inventor: Michael Kounavis, David Durham, Sergej Deutsch, Saeedeh Komijani, Amitabh Das
Abstract: Logic may implement implicit integrity techniques to maintain integrity of data. Logic may perform operations on data stored in main memory, cache, flash, data storage, or any other memory. Logic may perform more than one pattern check to determine repetitions of entities within the data. Logic may determine entropy index values and/or Boolean values and/or may compare the results to threshold values to determine if a data unit is valid. Logic may merge a tag with the data unit without expanding the data unit to create an encoded data unit. Logic may decode and process the encoded data unit to determine the data unit and the tag. Logic may determine value histograms for two or more entities, determine a sum of repetitions of the two or more entities, and compare the sum to a threshold value. Logic may determine that a data unit is valid or is corrupted.
-
Publication No.: US10528486B2
Publication date: 2020-01-07
Application No.: US15639119
Application date: 2017-06-30
Applicant: INTEL CORPORATION
Inventor: Siddhartha Chhabra, Saeedeh Komijani
IPC: G06F21/00, G06F12/14, G06F12/0875, G06F21/79, G06F21/85
Abstract: Various embodiments are generally directed to techniques for crypto-aware cache partitioning, such as with a metadata cache for an integrity tree, for instance. Some embodiments are particularly directed to a cache manager that implements partitioning of a cryptographic metadata cache based on locality characteristics of the cryptographic metadata. For instance, locality characteristics of different levels of an integrity tree may be utilized to partition a metadata cache for the integrity tree.
-
Publication No.: US11010310B2
Publication date: 2021-05-18
Application No.: US16777067
Application date: 2020-01-30
Applicant: Intel Corporation
Inventor: David M. Durham, Siddhartha Chhabra, Michael E. Kounavis, Sergej Deutsch, Karanvir S. Grewal, Joseph F. Cihula, Saeedeh Komijani
Abstract: Apparatus, systems, computer readable storage mediums and/or methods may provide memory integrity by using unused physical address bits (or other metadata passed through cache) to manipulate cryptographic memory integrity values, allowing software memory allocation routines to control the assignment of pointers (e.g., implement one or more access control policies). Unused address bits (e.g., because of insufficient external memory) passed through cache, may encode key domain information in the address so that different key domain addresses alias to the same physical memory location. Accordingly, by mixing virtual memory mappings and cache line granularity aliasing, any page in memory may contain a different set of aliases at the cache line level and be non-deterministic to an adversary.
-
Publication No.: US20200278937A1
Publication date: 2020-09-03
Application No.: US16777067
Application date: 2020-01-30
Applicant: Intel Corporation
Inventor: David M. Durham, Siddhartha Chhabra, Michael E. Kounavis, Sergej Deutsch, Karanvir S. Grewal, Joseph F. Cihula, Saeedeh Komijani
Abstract: Apparatus, systems, computer readable storage mediums and/or methods may provide memory integrity by using unused physical address bits (or other metadata passed through cache) to manipulate cryptographic memory integrity values, allowing software memory allocation routines to control the assignment of pointers (e.g., implement one or more access control policies). Unused address bits (e.g., because of insufficient external memory) passed through cache, may encode key domain information in the address so that different key domain addresses alias to the same physical memory location. Accordingly, by mixing virtual memory mappings and cache line granularity aliasing, any page in memory may contain a different set of aliases at the cache line level and be non-deterministic to an adversary.
-
Publication No.: US10585809B2
Publication date: 2020-03-10
Application No.: US15089140
Application date: 2016-04-01
Applicant: Intel Corporation
Inventor: David M. Durham, Siddhartha Chhabra, Michael E. Kounavis, Sergej Deutsch, Karanvir S. Grewal, Joseph F. Cihula, Saeedeh Komijani
Abstract: Apparatus, systems, computer readable storage mediums and/or methods may provide memory integrity by using unused physical address bits (or other metadata passed through cache) to manipulate cryptographic memory integrity values, allowing software memory allocation routines to control the assignment of pointers (e.g., implement one or more access control policies). Unused address bits (e.g., because of insufficient external memory) passed through cache, may encode key domain information in the address so that different key domain addresses alias to the same physical memory location. Accordingly, by mixing virtual memory mappings and cache line granularity aliasing, any page in memory may contain a different set of aliases at the cache line level and be non-deterministic to an adversary.
-
Publication No.: US20180204025A1
Publication date: 2018-07-19
Application No.: US15861924
Application date: 2018-01-04
Applicant: Intel Corporation
Inventor: Siddhartha Chhabra, Francis X. Mckeen, Carlos V. Rozas, Saeedeh Komijani, Tamara S. Lehman
CPC classification number: G06F21/72, G06F12/1408, G06F21/64, G06F21/78, H04L9/002, H04L9/0637, H04L9/3242, H04L2209/12
Abstract: Memory security technologies are described. An example processing system includes a processor core and a memory controller coupled to the processor core and a memory. The processor core can receive a content read instruction from an application. The processor core can identify a cache line (CL) from a plurality of CLs of a cryptographic cache block (CCB) requested in the content read instruction. The processor core can load, from a cryptographic tree, tree nodes with security metadata. The processor core can retrieve, from the memory, the CCB. The processor core can generate a second MAC from the CCB. The processor core can compare the first MAC with the second MAC. The processor core can decrypt the CCB using security metadata when the first MAC matches the second MAC. The processor core can send at least the identified CL from the decrypted CCB to the application.
-
Publication No.: US11455392B2
Publication date: 2022-09-27
Application No.: US16370849
Application date: 2019-03-29
Applicant: Intel Corporation
Inventor: Abhishek Basak, Li Chen, Salmin Sultana, Anna Trikalinou, Erdem Aktas, Saeedeh Komijani
IPC: G06F21/56, G06F12/1027, G06N20/00, G06F21/55, G06F21/79
Abstract: Methods, apparatus, systems and articles of manufacture are disclosed for anomalous memory access pattern detection for translational lookaside buffers. An example apparatus includes a communication interface to retrieve a first eviction data set from a translational lookaside buffer associated with a central processing unit; a machine learning engine to: generate an anomaly detection model based upon at least one of a second eviction data set not including an anomaly and a third eviction data set including the anomaly; and determine whether the anomaly is present in the first eviction data set based on the anomaly detection model; and an alert generator to at least one of modify a bit value or terminate memory access operations when the anomaly is determined to be present.