Providing silicon integrated code for a system
    2.
    Granted invention patent (in force)

    Publication number: US09098300B2

    Publication date: 2015-08-04

    Application number: US13935767

    Application date: 2013-07-05

    Abstract: In one embodiment, a semiconductor integrated code (SIC) may be provided in a binary format by a processor manufacturer. This SIC may include platform independent code of the processor manufacturer. Such code may include embedded processor logic to initialize the processor and at least one link that couples the processor to a memory, and embedded memory logic to initialize the memory. Other embodiments are described and claimed.

    Method, Apparatus And System For Transparent Unification Of Virtual Machines

    Publication number: US20180253327A1

    Publication date: 2018-09-06

    Application number: US15970939

    Application date: 2018-05-04

    Abstract: A computing device comprises instructions that, when executed, enable the computing device to present a logical representation of a unified view of virtual machines (VMs), each of which executes a respective application in the computing device. The logical representation of the unified view includes a plurality of graphical user interface (GUI) elements for the applications. The operation of presenting the logical representation of the unified view is performed, at least in part, by a unification console that executes in a dedicated VM. The unification console also facilitates operations such as receiving user input pertaining to a selected application among the applications and receiving application output from the selected application. The user input from the unification console is redirected to the selected application in its respective VM. Output is rendered for the user, based on the application output received by the unification console. Other embodiments are described and claimed.

    Virtual environment manager
    5.
    Granted invention patent

    Publication number: US10019273B2

    Publication date: 2018-07-10

    Application number: US14538451

    Application date: 2014-11-11

    Abstract: A virtual environment manager (“VEM”) simplifies the usability of virtual machines and provides users with an enhanced design for creating and/or for managing virtual machines (“VMs”). For example, a user can select description information and management information to be included in descriptors and according to which a VEM will create and manage various VM environments for various host environments. The VEM automatically creates the VM environments and host environments by sending descriptor description information and data files associated with the description information to virtual machine monitors (VMMs), which create the VM environments according to the description information. A VEM at each host may manage VM environments executed by the VMM, according to the descriptor management information. Thus, a set of descriptors to create and manage a set of VMs for a home computer may be easily modified by a user to create and manage a set of VMs for a work or laptop computer.

    TECHNOLOGIES FOR END-TO-END BIOMETRIC-BASED AUTHENTICATION AND PLATFORM LOCALITY ASSERTION

    Publication number: US20170104597A1

    Publication date: 2017-04-13

    Application number: US14974893

    Application date: 2015-12-18

    CPC classification number: H04L9/3231 H04L9/0816 H04L9/0825

    Abstract: Technologies for end-to-end biometric-based authentication and locality assertion include a computing device with one or more biometric devices. The computing device may securely exchange a key between a driver and a secure enclave. The driver may receive biometric data from the biometric sensor in a virtualization-protected memory buffer and encrypt the biometric data with the shared key. The secure enclave may decrypt the biometric data and perform a biometric authentication operation. The computing device may measure a virtual machine monitor (VMM) to generate attestation information for the VMM. A secure enclave may execute a virtualization report instruction to request the attestation information. The processor may copy the attestation information into the secure enclave memory. The secure enclave may verify the attestation information with a remote attestation server. If verified, the secure enclave may provide a shared secret to the VMM. Other embodiments are described and claimed.

    SYSTEM, APPARATUS AND METHOD FOR CONTROLLING MULTIPLE TRUSTED EXECUTION ENVIRONMENTS IN A SYSTEM
    7.
    Invention application (under examination, published)

    Publication number: US20160350534A1

    Publication date: 2016-12-01

    Application number: US14725310

    Application date: 2015-05-29

    Abstract: In an embodiment, a system is adapted to: record at least one measurement of a virtual trusted execution environment in a storage of the system and generate a secret sealed to a state of this measurement; create, using the virtual trusted execution environment, an isolated environment including a secure enclave and an application, the virtual trusted execution environment to protect the isolated environment; receive, in the application, a first measurement quote associated with the virtual trusted execution environment and a second measurement quote associated with the secure enclave; and communicate quote information regarding the first and second measurement quotes to a remote attestation service to enable the remote attestation service to verify the virtual trusted execution environment and the secure enclave, and responsive to the verification the secret is to be provided to the virtual trusted execution environment and the isolated environment. Other embodiments are described and claimed.

    Verified sensor data processing
    8.
    Granted invention patent (in force)

    Publication number: US09124635B2

    Publication date: 2015-09-01

    Application number: US13690666

    Application date: 2012-11-30

    CPC classification number: H04L63/20 G06K9/00228 H04L63/105 H04L67/24

    Abstract: Sensor data may be filtered in a secure environment. The filtering may limit distribution of the sensor data. Filtering may modify the sensor data, for example, to prevent identification of a person depicted in a captured image or to prevent acquiring a user's precise location. Filtering may also add or require other data use controls to access the data. Attestation that a filter policy is being applied and working properly or not may be provided as well.

    TECHNOLOGIES FOR END-TO-END BIOMETRIC-BASED AUTHENTICATION AND PLATFORM LOCALITY ASSERTION

    Publication number: US20190036699A1

    Publication date: 2019-01-31

    Application number: US16133952

    Application date: 2018-09-18

    CPC classification number: H04L9/3231 H04L9/0816 H04L9/0825

    Abstract: Technologies for end-to-end biometric-based authentication and locality assertion include a computing device with one or more biometric devices. The computing device may securely exchange a key between a driver and a secure enclave. The driver may receive biometric data from the biometric sensor in a virtualization-protected memory buffer and encrypt the biometric data with the shared key. The secure enclave may decrypt the biometric data and perform a biometric authentication operation. The computing device may measure a virtual machine monitor (VMM) to generate attestation information for the VMM. A secure enclave may execute a virtualization report instruction to request the attestation information. The processor may copy the attestation information into the secure enclave memory. The secure enclave may verify the attestation information with a remote attestation server. If verified, the secure enclave may provide a shared secret to the VMM. Other embodiments are described and claimed.

    VIRTUAL ENVIRONMENT MANAGER
    10.
    Invention application

    Publication number: US20150074663A1

    Publication date: 2015-03-12

    Application number: US14520045

    Application date: 2014-10-21

    Abstract: A virtual environment manager (“VEM”) simplifies the usability of virtual machines and provides users with an enhanced design for creating and/or for managing virtual machines (“VMs”). For example, a user can select description information and management information to be included in descriptors and according to which a VEM will create and manage various VM environments for various host environments. The VEM automatically creates the VM environments and host environments by sending descriptor description information and data files associated with the description information to virtual machine monitors (VMMs), which create the VM environments according to the description information. A VEM at each host may manage VM environments executed by the VMM, according to the descriptor management information. Thus, a set of descriptors to create and manage a set of VMs for a home computer may be easily modified by a user to create and manage a set of VMs for a work or laptop computer.
