-
Patent Agency Ranking
公开(公告)号:US20170353319A1
公开(公告)日:2017-12-07
申请号:US15279527
申请日:2016-09-29
Applicant: Intel Corporation
Inventor: Vincent R. Scarlata , Francis X. McKeen , Carlos V. Rozas , Simon P. Johnson , Bo Zhang , James D. Beaney, JR. , Piotr Zmijewski , Wesley H. Smith , Eduardo Cabre
CPC classification number: H04L9/3252 , G06F21/44 , G06F21/53 , G09C1/00 , H04L9/0866 , H04L9/14 , H04L9/302 , H04L9/3066 , H04L9/3234 , H04L9/3247 , H04L9/3249 , H04L63/06 , H04L63/062 , H04L63/0823 , H04L63/12 , H04L2209/127
Abstract: A computing platform implements one or more secure enclaves including a first provisioning enclave to interface with a first provisioning service to obtain a first attestation key from the first provisioning service, a second provisioning enclave to interface with a different, second provisioning service to obtain a second attestation key from the second provisioning service, and a provisioning certification enclave to sign first data from the first provisioning enclave and second data from the second provisioning enclave using a hardware-based provisioning attestation key. The signed first data is used by the first provisioning enclave to authenticate to the first provisioning service to obtain the first attestation key and the signed second data is used by the second provisioning enclave to authenticate to the second provisioning service to obtain the second attestation key.
-
公开(公告)号:US20170366359A1
公开(公告)日:2017-12-21
申请号:US15201400
申请日:2016-07-02
Applicant: Intel Corporation
Inventor: Vincent R. Scarlata , Francis X. McKeen , Carlos V. Rozas , Simon P, Johnson , Bo Zhang , James D. Beaney, JR. , Piotr Zmijewski , Wesley Hamilton Smith , Eduardo Cabre , Uday R. Savagaonkar
CPC classification number: H04L9/3263 , G09C1/00 , H04L9/0816 , H04L9/0822 , H04L9/14 , H04L9/3268 , H04L63/06 , H04L63/0823 , H04L63/12
Abstract: Embodiments include systems, methods, computer readable media, and devices configured to, for a first processor of a platform, generate a platform root key; create a data structure to encapsulate the platform root key, the data structure comprising a platform provisioning key and an identification of a registration service; and transmit, on a secure connection, the data structure to the registration service to register the platform root key for the first processor of the platform. Embodiments include systems, methods, computer readable media, and devices configured to store a device certificate received from a key generation facility; receive a manifest from a platform, the manifest comprising an identification of a processor associated with the platform; and validate the processor using a stored device certificate.
-
公开(公告)号:US20150278528A1
公开(公告)日:2015-10-01
申请号:US14227411
申请日:2014-03-27
Applicant: Intel Corporation
Inventor: Bin Cedric Xing , Mark W. Shanahan , James D. Beaney, JR.
IPC: G06F21/60
Abstract: A system is disclosed and includes a processor to automatically execute enclave initialization code within a host application at run time of the host application. The enclave initialization code includes marshaling code to create a secure enclave separate from the host application. The marshaling code is generated at build time of the host application. The system also includes a dynamic random access memory (DRAM) including a dedicated DRAM portion to store the secure enclave. Other embodiments are described and claimed.
Abstract translation: 公开了一种系统,并且包括处理器,用于在主机应用的运行时间内在主机应用内自动执行飞地初始化代码。 飞地初始化代码包括编组代码,以创建与主机应用程序分开的安全飞地。 编组代码是在主机应用程序的构建时生成的。 该系统还包括动态随机存取存储器(DRAM),其包括用于存储安全飞地的专用DRAM部分。 描述和要求保护其他实施例。
-
公开(公告)号:US20210006416A1
公开(公告)日:2021-01-07
申请号:US16856968
申请日:2020-04-23
Applicant: Intel Corporation
Inventor: Vincent R. Scarlata , Francis X. McKeen , Carlos V. Rozas , Simon P. Johnson , Bo Zhang , James D. Beaney, JR. , Piotr Zmijewski , Wesley Hamilton Smith , Eduardo Cabre , Uday R. Savagaonkar
Abstract: Embodiments include systems, methods, computer readable media, and devices configured to, for a first processor of a platform, generate a platform root key; create a data structure to encapsulate the platform root key, the data structure comprising a platform provisioning key and an identification of a registration service; and transmit, on a secure connection, the data structure to the registration service to register the platform root key for the first processor of the platform. Embodiments include systems, methods, computer readable media, and devices configured to store a device certificate received from a key generation facility; receive a manifest from a platform, the manifest comprising an identification of a processor associated with the platform; and validate the processor using a stored device certificate.
-
公开(公告)号:US20190052469A1
公开(公告)日:2019-02-14
申请号:US16162776
申请日:2018-10-17
Applicant: Intel Corporation
Inventor: Vincent R. Scarlata , Francis X. McKeen , Carlos V. Rozas , Simon P. Johnson , Bo Zhang , James D. Beaney, JR. , Piotr Zmijewski , Wesley H. Smith , Eduardo Cabre
Abstract: A computing platform implements one or more secure enclaves including a first provisioning enclave to interface with a first provisioning service to obtain a first attestation key from the first provisioning service, a second provisioning enclave to interface with a different, second provisioning service to obtain a second attestation key from the second provisioning service, and a provisioning certification enclave to sign first data from the first provisioning enclave and second data from the second provisioning enclave using a hardware-based provisioning attestation key. The signed first data is used by the first provisioning enclave to authenticate to the first provisioning service to obtain the first attestation key and the signed second data is used by the second provisioning enclave to authenticate to the second provisioning service to obtain the second attestation key.
-
-
-
-
Search Results
5
records
(took 0.014 seconds)
