公开(公告)号：US12244601B2

公开(公告)日：2025-03-04

申请号：US17541155

申请日：2021-12-02

Applicant: Intel Corporation

Inventor： Anahit Tarkhanyan ,  Reshma Lal ,  Jianping Xu ,  Christine E. Severns-Williams

IPC: H04L9/40 ,  G06F9/50

Abstract: A system includes an orchestrator to receive a first request for resources for a workload of a tenant and to select a first node cluster in a first compute domain to be provisioned for the workload. The system also includes a first security manager to run in a trusted execution environment of one or more processors to receive attestation results for a second node cluster from a second security manager in a second compute domain, and to establish the first node cluster and the second node cluster as a trusted group of node clusters for the workload based, at least in part, on determining that a first compute node in the first node cluster meets one or more security requirements of a workload execution policy associated with the workload and that the attestation results indicate that a second compute node in the second node cluster meets the one or more security requirements.

公开(公告)号：US12003489B2

公开(公告)日：2024-06-04

申请号：US17544355

申请日：2021-12-07

Applicant: Intel Corporation

Inventor： Reshma Lal ,  Anahit Tarkhanyan ,  Jianping Xu ,  Christine E. Severns-Williams

IPC: H04L9/40 ,  H04L9/08 ,  H04L9/32 ,  H04L43/04 ,  H04L43/06 ,  H04L43/0817

CPC classification number: H04L63/0428 ,  H04L9/0819 ,  H04L9/321 ,  H04L9/3263 ,  H04L43/04 ,  H04L43/06 ,  H04L63/0823 ,  H04L63/10 ,  H04L63/1433 ,  H04L63/1475 ,  H04L43/0817 ,  H04L63/20

Abstract: One or more machine readable storage media, an apparatus, and a method. The apparatus provides a mechanism to implement a trusted telemetry governor (TTG) inside a trusted execution environment. The TTG is to determine a security policy to be applied to telemetry data corresponding to component of a computing infrastructure, receive the telemetry data in encrypted format and, based on the security policy: process the telemetry data including at least one of generating transformed telemetry data or analyzing the telemetry data to generate a report therefrom, and generating telemetry information from the telemetry data. The telemetry information includes at least one of processed telemetry data, a report, or a recommendation based on an analysis of the telemetry data. The TTG is to send the telemetry information outside of the trusted execution environment to a consumer of the telemetry data.

公开(公告)号：US08970561B2

公开(公告)日：2015-03-03

申请号：US14021304

申请日：2013-09-09

Applicant: Intel Corporation

Inventor： Jianping Xu

IPC: G06F3/033 ,  G06K9/00 ,  G06F3/0346 ,  G06F3/0354 ,  G06F3/043 ,  G07C9/00

CPC classification number: G06K9/00167 ,  G06F3/0346 ,  G06F3/03545 ,  G06F3/043 ,  G06K9/00154 ,  G07C9/0015

Abstract: A digital signature collection and authentication system includes an ink pen having an ultrasonic transmitter that transmits ultrasonic energy to a plurality of ultrasonic receivers. A computer triangulates the location of the pen versus time to generate the signature shape, and to generate velocity and acceleration data. The pen also includes a pressure sensitive tip to record pressure applied to the pen tip. The pen also includes a higher frequency burst transmitter useful to generate a time reference, and to transmit the pressure information. The computer packetizes the shape, velocity, acceleration, and pressure data with a time stamp and an IP address or phone number, encrypts the packet and sends it to a host computer for authentication. Other embodiments are described and claimed.

Abstract translation: 数字签名收集和认证系统包括具有向超声波接收器发送超声波能量的超声波发射器的墨水笔。 计算机将笔的位置与时间进行三角测量以生成签名形状，并生成速度和加速度数据。 该笔还包括压力敏感的尖端以记录施加到笔尖的压力。 该笔还包括用于产生时间基准的较高频率脉冲串发射器，以及传送压力信息。 计算机使用时间戳和IP地址或电话号码对形状，速度，加速度和压力数据进行打包，对数据包进行加密，并将其发送到主机进行认证。 描述和要求保护其他实施例。

公开(公告)号：US20220141201A1

公开(公告)日：2022-05-05

申请号：US17544355

申请日：2021-12-07

Applicant: Intel Corporation

Inventor： Reshma Lal ,  Anahit Tarkhanyan ,  Jianping Xu ,  Christine E. Severns-Williams

IPC: H04L9/40 ,  H04L43/04 ,  H04L9/08 ,  H04L43/06 ,  H04L9/32 ,  H04L43/0817

Abstract: One or more machine readable storage media, an apparatus, and a method. The apparatus provides a mechanism to implement a trusted telemetry governor (TTG) inside a trusted execution environment. The TTG is to determine a security policy to be applied to telemetry data corresponding to component of a computing infrastructure, receive the telemetry data in encrypted format and, based on the security policy: process the telemetry data including at least one of generating transformed telemetry data or analyzing the telemetry data to generate a report therefrom, and generating telemetry information from the telemetry data. The telemetry information includes at least one of processed telemetry data, a report, or a recommendation based on an analysis of the telemetry data. The TTG is to send the telemetry information outside of the trusted execution environment to a consumer of the telemetry data.

公开(公告)号：US20220094690A1

公开(公告)日：2022-03-24

申请号：US17541155

申请日：2021-12-02

Applicant: Intel Corporation

Inventor： Anahit Tarkhanyan ,  Reshma Lal ,  Jianping Xu ,  Christine E. Severns-Williams

IPC: H04L9/32 ,  G06F9/50

Abstract: A system includes an orchestrator to receive a first request for resources for a workload of a tenant and to select a first node cluster in a first compute domain to be provisioned for the workload. The system also includes a first security manager to run in a trusted execution environment of one or more processors to receive attestation results for a second node cluster from a second security manager in a second compute domain, and to establish the first node cluster and the second node cluster as a trusted group of node clusters for the workload based, at least in part, on determining that a first compute node in the first node cluster meets one or more security requirements of a workload execution policy associated with the workload and that the attestation results indicate that a second compute node in the second node cluster meets the one or more security requirements.

公开(公告)号：US09405724B2

公开(公告)日：2016-08-02

申请号：US13930976

申请日：2013-06-28

Applicant: Intel Corporation

Inventor： Jianping Xu ,  Asit K. Mishra ,  Joshua B. Fryman ,  David S. Dunning

IPC: G06F9/30 ,  G06F15/173

CPC classification number: G06F15/17325

Abstract: A reconfigurable tree apparatus with a bypass mode and a method of using the reconfigurable tree apparatus are disclosed. The reconfigurable tree apparatus uses a short-circuit register to selectively designate participating agents for such operations as barriers, multicast, and reductions. The reconfigurable tree apparatus enables an agent to initiate a barrier, multicast, or reduction operation, leaving software to determine the participating agents for each operation. Although the reconfigurable tree apparatus is implemented using a small number of wires, multiple in-flight barrier, multicast, and reduction operations can take place. The method and apparatus have low complexity, easy reconfigurability, and provide the energy savings necessary for future exa-scale machines.

Abstract translation: 公开了具有旁路模式的可重构树装置和使用可重构树装置的方法。 可重构树装置使用短路寄存器来选择性地指定用于诸如屏障，多播和减少的操作的参与代理。 可重构树装置使得代理能够启动屏障，多播或缩减操作，使软件确定每个操作的参与代理。 虽然使用少量的线路来实现可重构树设备，但是可以进行多个飞行中的屏障，多播和减少操作。 该方法和装置具有复杂性低，易于重新配置，并为未来的规模化机器提供所需的能量节省。