公开(公告)号：US20160117498A1

公开(公告)日：2016-04-28

申请号：US14523886

申请日：2014-10-25

Applicant: Intel Corporation

Inventor： Paritosh Saxena ,  Adrian M.M.T. Dunbar ,  Michael S. Hughes ,  John Teddy ,  David Michael Durham ,  Balaji Vembu ,  Prashant Dewan ,  Debra Cablao ,  Nicholas D. Triantafillou ,  Craig D. Schmugar ,  Jason M. Surprise

IPC: G06F21/44 ,  G06F21/71 ,  G06F21/57

CPC classification number: G06F21/552 ,  G06F1/28 ,  G06F9/45558 ,  G06F9/5027 ,  G06F12/14 ,  G06F12/145 ,  G06F12/1491 ,  G06F21/445 ,  G06F21/554 ,  G06F21/558 ,  G06F21/56 ,  G06F21/566 ,  G06F21/57 ,  G06F21/71 ,  G06F21/74 ,  G06F2009/45587 ,  G06F2209/509 ,  G06F2212/1052 ,  G06F2221/034 ,  G06F2221/2149 ,  G06T1/20 ,  G09G5/363

Abstract: Computing platform security methods and apparatus are disclosed. An example apparatus includes a security application to configure a security task, the security task to detect a malicious element on a computing platform, the computing platform including a central processing unit and a graphics processing unit; and an offloader to determine whether the central processing unit or the graphics processing unit is to execute the security task; and when the graphics processing unit is to execute the security task, offload the security task to the graphics processing unit for execution.

公开(公告)号：US20160117497A1

公开(公告)日：2016-04-28

申请号：US14523884

申请日：2014-10-25

Applicant: Intel Corporation

Inventor： Paritosh Saxena ,  Adrian M.M.T. Dunbar ,  Michael S. Hughes ,  John Teddy ,  David Michael Durham ,  Balaji Vembu ,  Prashant Dewan ,  Debra Cablao ,  Nicholas D. Triantafillou ,  Craig D. Schmugar ,  Jason M. Surprise

IPC: G06F21/44 ,  G06F21/71 ,  G06F21/57

CPC classification number: G06F21/566 ,  G06F21/52 ,  G06F21/74

Abstract: Computing platform security methods and apparatus are disclosed. An example apparatus includes a security application to configure a security task, the security task to detect a malicious element on a computing platform, the computing platform including a central processing unit and a graphics processing unit; and an offloader to determine whether the central processing unit or the graphics processing unit is to execute the security task; and when the graphics processing unit is to execute the security task, offload the security task to the graphics processing unit for execution.

公开(公告)号：US20160283721A1

公开(公告)日：2016-09-29

申请号：US15179665

申请日：2016-06-10

Applicant: Intel Corporation

Inventor： Daniel Nemiroff ,  Paul J. Thadikaran ,  Andrew H. Gafken ,  Purushottam Goel ,  Nicholas D. Triantafillou ,  Paritosh Saxena ,  Debra Cablao

IPC: G06F21/57 ,  G06F21/64 ,  G06F21/62 ,  G06F21/56

CPC classification number: G06F21/577 ,  G06F9/4401 ,  G06F21/554 ,  G06F21/561 ,  G06F21/575 ,  G06F21/6218 ,  G06F21/64 ,  G06F2221/033 ,  H04L9/3247

Abstract: Embodiments of techniques and systems for out-of-band verification of host OS components are described. In embodiments, a out-of-band host OS boot sequence verification system (“BSVS”) may access system memory without detection by a host OS process, or “out of band.” The BSVS may access host OS components in the system memory and may generate signatures from memory footprints of the host OS components. These signatures may then be compared to trusted signatures to verify integrity of the host OS components. In embodiments, this verification may be performed during a boot of a host OS or on demand. In embodiments, the trusted signatures may be pre-stored by the BSVS before a boot; in some embodiments, the trusted signatures may be previously-computed and then stored by the BSVS. Other embodiments may be described and claimed.

Abstract translation: 描述用于主机OS组件的带外验证的技术和系统的实施例。 在实施例中，带外主机OS引导序列验证系统（“BSVS”）可以在主机OS进程或“带外”检测的情况下访问系统存储器.BSVS可以访问系统存储器中的主机OS组件 并且可以从主机OS组件的内存覆盖区生成签名。 然后可以将这些签名与可信签名进行比较以验证主机OS组件的完整性。 在实施例中，可以在主机OS的引导期间或者根据需要执行该验证。 在实施例中，信任签名可以在引导之前被BSVS预先存储; 在一些实施例中，可信任签名可以被预先计算，然后由BSVS存储。 可以描述和要求保护其他实施例。