利索-全球专利检索

  1. 登录
  2. 注册

搜索结果

19 条记录 (耗时 0.018 秒)

    SCALABLE RUNTIME VALIDATION FOR ON-DEVICE DESIGN RULE CHECKS
    1.
    发明申请
    SCALABLE RUNTIME VALIDATION FOR ON-DEVICE DESIGN RULE CHECKS 有权

    公开(公告)号:US20230089869A1

    公开(公告)日:2023-03-23

    申请号:US18070655

    申请日:2022-11-29

    申请人: Intel Corporation

    发明人: Furkan Turan Patrick Koeberl Alpa Trivedi Steffen Schulz Scott Weber

    IPC分类号: G06F21/85 G06F30/398 G06N3/04 H04L9/08 G06F9/30 G06F9/50 G06F15/177 G06F15/78 H04L9/40 G06F11/07 G06F30/331 G06F9/38 G06F11/30

    摘要: An apparatus to facilitate scalable runtime validation for on-device design rule checks is disclosed. The apparatus includes a memory to store a contention set, multiplexers, and a validator. In one implementation, the validator is to: receive design rule information for the multiplexers, the design rule information referencing the contention set, wherein the contention set identifies a determined harmful bitstream configuration for each multiplexer instance of the multiplexers, and wherein the contention set comprises a mapping of contents of a user bitstream to configuration bits of the multiplexers; receive, at the validator of the apparatus, the user bitstream for programming the multiplexers of the apparatus; analyze, at the validator using the design rule information, the user bitstream against the contention set at a programming time of the apparatus; and provide an error indication responsive to identifying a match between the user bitstream and the contention set.

    ENABLING LATE-BINDING OF SECURITY FEATURES VIA CONFIGURATION SECURITY CONTROLLER FOR ACCELERATOR DEVICES
    3.
    发明申请
    ENABLING LATE-BINDING OF SECURITY FEATURES VIA CONFIGURATION SECURITY CONTROLLER FOR ACCELERATOR DEVICES 有权

    公开(公告)号:US20210150033A1

    公开(公告)日:2021-05-20

    申请号:US17129243

    申请日:2020-12-21

    申请人: Intel Corporation

    发明人: Alpa Trivedi Steffen Schulz Patrick Koeberl

    IPC分类号: G06F21/57 G06F21/44 G06F30/331 G06F9/38

    摘要: An apparatus to facilitate enabling late-binding of security features via configuration security controller for accelerator devices is disclosed. The apparatus includes a security controller to initialize as part of a secure boot and attestation chain of trust; receive configuration data for portions of the security controller, the portions comprising components of the security controller capable of re-programming; verify and validate the configuration data to as originating from a secure and trusted source; and responsive to successful verification and validation of the configuration data, re-program the portions of the security controller based on the configuration data.

    BROADCAST REMOTE SEALING FOR SCALABLE TRUSTED EXECUTION ENVIRONMENT PROVISIONING
    4.
    发明申请
    BROADCAST REMOTE SEALING FOR SCALABLE TRUSTED EXECUTION ENVIRONMENT PROVISIONING 有权

    公开(公告)号:US20210112073A1

    公开(公告)日:2021-04-15

    申请号:US17129223

    申请日:2020-12-21

    申请人: Intel Corporation

    发明人: Steffen Schulz Alpa Trivedi Patrick Koeberl

    IPC分类号: H04L29/06 G06F21/76

    摘要: An apparatus to facilitate broadcast remote sealing for scalable trusted execution environment provisioning is disclosed. The apparatus includes one or more processors to: request a group status report to confirm a status of a group of trusted execution platforms from a cloud service provider (CSP) providing scalable runtime validation for on-device design rule checks; validate, by a tenant, a minimum trusted computing base (TCB) declared with the group status report; determine, based on validation of the minimum TCB, whether a set of group members of the group of trusted execution platforms satisfies security requirements of the tenant; responsive to the set of group members satisfying the security requirement, utilize a group public key to encrypt a workload of the tenant; and send the encrypted workload to the CSP for storage by the CSP and subsequent execution by an execution platform of the group using a private group key.

    SCALABLE RUNTIME VALIDATION FOR ON-DEVICE DESIGN RULE CHECKS
    5.
    发明申请
    SCALABLE RUNTIME VALIDATION FOR ON-DEVICE DESIGN RULE CHECKS 有权

    公开(公告)号:US20210110099A1

    公开(公告)日:2021-04-15

    申请号:US17132306

    申请日:2020-12-23

    申请人: Intel Corporation

    发明人: Furkan Turan Patrick Koeberl Alpa Trivedi Steffen Schulz Scott Weber

    IPC分类号: G06F30/398

    摘要: An apparatus to facilitate scalable runtime validation for on-device design rule checks is disclosed. The apparatus includes a memory to store a contention set, one or more multiplexors, and a validator communicably coupled to the memory. In one implementation, the validator is to: receive design rule information for the one or more multiplexers, the design rule information referencing the contention set; analyze, using the design rule information, a user bitstream against the contention set at a programming time of the apparatus, the user bitstream for programming the one or more multiplexors; and provide an error indication responsive to identifying a match between the user bitstream and the contention set.

    Attestation support for elastic cloud computing environments
    6.
    发明授权
    Attestation support for elastic cloud computing environments 有权

    公开(公告)号:US11637868B2

    公开(公告)日:2023-04-25

    申请号:US17133803

    申请日:2020-12-24

    申请人: Intel Corporation

    发明人: Vincent Scarlata Alpa Trivedi Reshma Lal

    IPC分类号: H04L9/40 G06F9/50

    摘要: Attestation support in cloud computing environments is described. An example of an apparatus includes one or more processors to process data, including data related to hosting of workloads for one or more tenants; an orchestration element to receive a request for support of a workload of a tenant according to a selected membership policy, the orchestration element to select a set of one or more compute nodes to provide computation for the workload; and a security manager to receive the membership policy and to receive attestations from the selected compute nodes and, upon determining that the attestations meet the requirements of the membership policy, to add the one or more compute nodes to a group of compute nodes to provide computation for the workload.

    ENABLING STATELESS ACCELERATOR DESIGNS SHARED ACROSS MUTUALLY-DISTRUSTFUL TENANTS
    7.
    发明申请
    ENABLING STATELESS ACCELERATOR DESIGNS SHARED ACROSS MUTUALLY-DISTRUSTFUL TENANTS 有权

    公开(公告)号:US20220222203A1

    公开(公告)日:2022-07-14

    申请号:US17712350

    申请日:2022-04-04

    申请人: Intel Corporation

    发明人: Alpa Trivedi Carlos Rozas

    IPC分类号: G06F15/78 G06F30/398 G06N3/04 H04L9/08 G06F9/30 G06F9/50 G06F15/177 H04L9/40 G06F11/07 G06F30/331 G06F9/38

    摘要: An apparatus to facilitate enabling stateless accelerator designs shared across mutually-distrustful tenants is disclosed. The apparatus includes a fully-homomorphic encryption (FHE)-capable circuitry to establish a secure session with a trusted environment executing on a host device communicably coupled to the apparatus; generate, as part of establishing the secure session, per-tenant FHE keys for each tenant utilizing the FHE-capable circuitry, the per-tenant FHE keys utilized to encrypt tenant data provided to an FHE-capable compute kernel of the FHE-capable circuitry; process tenant data that is in an FHE-encrypted format encrypted with a per-tenant FHE key of the per-tenant FHE keys; and store the tenant data that is in the FHE-encrypted format encrypted with the per-tenant FHE key of the per-tenant FHE keys.

    ATTESTATION OF OPERATIONS BY TOOL CHAINS
    8.
    发明申请
    ATTESTATION OF OPERATIONS BY TOOL CHAINS 有权

    公开(公告)号:US20220206764A1

    公开(公告)日:2022-06-30

    申请号:US17133880

    申请日:2020-12-24

    申请人: Intel Corporation

    发明人: Vincent Scarlata Alpa Trivedi Reshma Lal Marcela S. Melara Michael Steiner Anjo Vahldiek-Oberwagner

    IPC分类号: G06F8/40

    摘要: Attestation of operations by tool chains is described. An example of a storage medium includes instructions for receiving source code for processing of a secure workload of a tenant; selecting at least a first compute node to provide computation for the workload; processing the source code by an attestable tool chain to generate machine code for the first compute node, including performing one or more conversions of the source code by one or more convertors to generate converted code and generating an attestation associated with each code conversion, and receiving machine code for the first compute node and generating an attestation associated with the first compute node; and providing each of the attestations from the first stage and the second stage for verification.

    ENABLING SECURE STATE-CLEAN DURING CONFIGURATION OF PARTIAL RECONFIGURATION BITSTREAMS ON FPGA
    10.
    发明申请
    ENABLING SECURE STATE-CLEAN DURING CONFIGURATION OF PARTIAL RECONFIGURATION BITSTREAMS ON FPGA 有权

    公开(公告)号:US20210110069A1

    公开(公告)日:2021-04-15

    申请号:US17129250

    申请日:2020-12-21

    申请人: Intel Corporation

    发明人: Alpa Trivedi Scott Weber Steffen Schulz Patrick Koeberl

    IPC分类号: G06F21/76 G06F21/57 G06F21/53 G06F21/30

    摘要: An apparatus to facilitate enabling secure state-clean during configuration of partial reconfiguration bitstreams on accelerator devices is disclosed. The apparatus includes a security engine to receive an incoming partial reconfiguration (PR) bitstream corresponding to a new PR persona to configure a region of the apparatus; perform, as part of a PR configuration sequence for the new PR persona, a first clear operation to clear previously-set persona configuration bits in the region; perform, as part of the PR configuration sequence subsequent to the first clear operation, a set operation to set new persona configuration bits in the region; and perform, as part of the PR configuration sequence, a second clear operation to clear memory blocks of the region that became unfrozen subsequent to the set operation, the second clear operation performed using a persona-dependent mask corresponding to the new PR persona.