公开(公告)号：US10223014B1

公开(公告)日：2019-03-05

申请号：US15719058

申请日：2017-09-28

Applicant: Intel Corporation

Inventor： Sean R. Atsatt ,  Andrew Draper ,  Ting Lu ,  Steve Tuyen Vu ,  Scott Weber

IPC: G06G7/38 ,  H03K19/173 ,  G06F3/06

Abstract: A system for maintaining reconfigurable partitions in an integrated device includes a first buffer having channels that store configuration data and a mask. The system also includes first decompression circuitry having a second buffer coupled to the first buffer that stores the configuration data and second decompression circuitry having a third buffer coupled to the first buffer that stores the mask. The system also includes partition maintenance circuitry that applies the mask to the configuration data after the first decompression circuitry has decompressed the configuration data and the second decompression circuitry has decompressed the mask.

公开(公告)号：US12189775B2

公开(公告)日：2025-01-07

申请号：US17725876

申请日：2022-04-21

Applicant: Intel Corporation

Inventor： Ned M. Smith ,  Andrew Draper ,  Xiaoyu Ruan

IPC: G06F21/57

Abstract: An apparatus is disclosed. The apparatus comprises one or more processors to receive a request to perform a firmware update at a device, prepare a second trusted compute base (TCB) layer for the firmware update, generate a first compound device identifier (CDI) associated with a first TCB layer to be used by the second TCB layer to attest an operational state of the first TCB layer prior to applying the update and generate a second CDI associated with the first TCB layer to be used by the second TCB layer to attest the operational state of the first layer after the update has been applied and perform the firmware update of the second TCB layer.

公开(公告)号：US12010144B2

公开(公告)日：2024-06-11

申请号：US17351004

申请日：2021-06-17

Applicant: Intel Corporation

Inventor： Ned M. Smith ,  Jose Benchimol ,  Andrew Draper

IPC: H04L29/06 ,  G06F11/34 ,  H04L9/40 ,  G06F11/30 ,  G06F21/57

CPC classification number: H04L63/20 ,  G06F11/3409 ,  G06F11/3055 ,  G06F11/3089 ,  G06F21/57

Abstract: Various examples of device and system implementations and methods for performing end-to-end attestation operations for multi-layer hardware devices are disclosed. In an example, attestation operations are performed by a verifier, including: obtaining layered attestation evidence regarding a state of a compute device, with the layered attestation evidence including attesting evidence provided from a second hardware layer of the compute device, such that the attesting evidence provided from the second hardware layer is generated from attesting evidence provided from a first hardware layer of the compute device to the second hardware layer of the compute device; obtaining endorsement information relating to the layered attestation evidence for the state of the compute device; determining an appraisal policy for performing attestation of the compute device from the layered attestation evidence; and applying the appraisal policy and the endorsement information to the layered attestation evidence, to perform attestation of the compute device.

公开(公告)号：US20220245252A1

公开(公告)日：2022-08-04

申请号：US17725876

申请日：2022-04-21

Applicant: Intel Corporation

Inventor： Ned M. Smith ,  Andrew Draper ,  Xiaoyu Ruan

IPC: G06F21/57

Abstract: An apparatus is disclosed. The apparatus comprises one or more processors to receive a request to perform a firmware update at a device, prepare a second trusted compute base (TCB) layer for the firmware update, generate a first compound device identifier (CDI) associated with a first TCB layer to be used by the second TCB layer to attest an operational state of the first TCB layer prior to applying the update and generate a second CDI associated with the first TCB layer to be used by the second TCB layer to attest the operational state of the first layer after the update has been applied and perform the firmware update of the second TCB layer.

公开(公告)号：US20190095113A1

公开(公告)日：2019-03-28

申请号：US15719058

申请日：2017-09-28

Applicant: Intel Corporation

Inventor： Sean R. Atsatt ,  Andrew Draper ,  Ting Lu ,  Steve Tuyen Vu ,  Scott Weber

IPC: G06F3/06

Abstract: A system for maintaining reconfigurable partitions in an integrated device includes a first buffer having channels that store configuration data and a mask. The system also includes first decompression circuitry having a second buffer coupled to the first buffer that stores the configuration data and second decompression circuitry having a third buffer coupled to the first buffer that stores the mask. The system also includes partition maintenance circuitry that applies the mask to the configuration data after the first decompression circuitry has decompressed the configuration data and the second decompression circuitry has decompressed the mask.