公开(公告)号：US20200167488A1

公开(公告)日：2020-05-28

申请号：US16774719

申请日：2020-01-28

Applicant: Intel Corporation

Inventor： Salessawi Ferede Yitbarek ,  Lawrence A. Booth Jr. ,  Brent Thomas ,  Reshma Lal ,  Pradeep M. Pappachan ,  Akshay Kadam

IPC: G06F21/60 ,  G06F21/76 ,  H04L9/14 ,  H04L9/08

Abstract: Embodiments are directed to protection of communications between a trusted execution environment and a hardware accelerator utilizing enhanced end-to-end encryption and inter-context security. An embodiment of an apparatus includes one or more processors having one or more trusted execution environments (TEEs) including a first TEE to include a first trusted application; an interface with a hardware accelerator, the hardware accelerator including trusted embedded software or firmware; and a computer memory to store an untrusted kernel mode driver for the hardware accelerator, the one or more processors to establish an encrypted tunnel between the first trusted application in the first TEE and the trusted software or firmware, generate a call for a first command from the first trusted application, generate an integrity tag for the first command, and transfer command parameters for the first command and the integrity tag to the kernel mode driver to generate the first command.

公开(公告)号：US10528768B2

公开(公告)日：2020-01-07

申请号：US15706180

申请日：2017-09-15

Applicant: Intel Corporation

Inventor： Suchit Subhaschandra ,  Srivatsan Krishnan ,  Brent Thomas ,  Pratik Marolia

IPC: H04L29/06 ,  G06F21/76 ,  G06F21/31

Abstract: Methods and apparatus to provide user-level access authorization for cloud-based filed-programmable gate arrays are disclosed. An example apparatus includes a field-programmable gate array (FPGA) including a first memory and a second memory different from the first memory. The first memory stores a bitstream. The second memory stores a first user tag associated with the bitstream. The example apparatus further includes a kernel having an FPGA driver operatively coupled to the FPGA. The FPGA driver is to receive a command associated with accessing the FPGA from a user-executed application. The FPGA driver is further to identify a second user tag associated with the command. The FPGA driver is further to determine whether the command is to be accepted based on the second user tag.

公开(公告)号：US20190087606A1

公开(公告)日：2019-03-21

申请号：US15706180

申请日：2017-09-15

Applicant: Intel Corporation

Inventor： Suchit Subhaschandra ,  Srivatsan Krishnan ,  Brent Thomas ,  Pratik Marolia

IPC: G06F21/76 ,  G06F21/31

CPC classification number: G06F21/76 ,  G06F21/31

Abstract: Methods and apparatus to provide user-level access authorization for cloud-based filed-programmable gate arrays are disclosed. An example apparatus includes a field-programmable gate array (FPGA) including a first memory and a second memory different from the first memory. The first memory stores a bitstream. The second memory stores a first user tag associated with the bitstream. The example apparatus further includes a kernel having an FPGA driver operatively coupled to the FPGA. The FPGA driver is to receive a command associated with accessing the FPGA from a user-executed application. The FPGA driver is further to identify a second user tag associated with the command. The FPGA driver is further to determine whether the command is to be accepted based on the second user tag.