-
Publication (announcement) number: US10135828B2
Publication (announcement) date: 2018-11-20
Application number: US15681955
Application date: 2017-08-21
Applicant: Intel Corporation
Inventor: Oron Lenz, Noam Milshten, Ilya Berdichevsky
Abstract: Technologies for secure server access include a client computing device that loads a license agent into a secure enclave established by a processor of the client computing device. The license agent receives a request from an application to access a remote server device. The license agent opens a secure connection with the server device and performs remote attestation of the secure enclave. The license agent authenticates the user and transmits a machine identifier and a user identifier to the server device. The machine identifier may be based on an enclave sealing key of the client computing device. The server device verifies that the machine identifier and the user identifier are bound to a valid application license. If the machine identifier and the user identifier are successfully verified, the application communicates with the server device using the secure connection. Other embodiments are described and claimed.
-
Publication (announcement) number: US20180041513A1
Publication (announcement) date: 2018-02-08
Application number: US15681955
Application date: 2017-08-21
Applicant: Intel Corporation
Inventor: Oron Lenz, Noam Milshten, Ilya Berdichevsky
CPC classification number: H04L63/10, G06F21/10, G06F21/577, H04L63/06, H04L63/08, H04L63/0853, H04L63/0876, H04L63/102, H04L2463/103
Abstract: Technologies for secure server access include a client computing device that loads a license agent into a secure enclave established by a processor of the client computing device. The license agent receives a request from an application to access a remote server device. The license agent opens a secure connection with the server device and performs remote attestation of the secure enclave. The license agent authenticates the user and transmits a machine identifier and a user identifier to the server device. The machine identifier may be based on an enclave sealing key of the client computing device. The server device verifies that the machine identifier and the user identifier are bound to a valid application license. If the machine identifier and the user identifier are successfully verified, the application communicates with the server device using the secure connection. Other embodiments are described and claimed.
-
Publication (announcement) number: US10097554B2
Publication (announcement) date: 2018-10-09
Application number: US15681955
Application date: 2017-08-21
Applicant: Intel Corporation
Inventor: Oron Lenz, Noam Milshten, Ilya Berdichevsky
Abstract: Technologies for secure server access include a client computing device that loads a license agent into a secure enclave established by a processor of the client computing device. The license agent receives a request from an application to access a remote server device. The license agent opens a secure connection with the server device and performs remote attestation of the secure enclave. The license agent authenticates the user and transmits a machine identifier and a user identifier to the server device. The machine identifier may be based on an enclave sealing key of the client computing device. The server device verifies that the machine identifier and the user identifier are bound to a valid application license. If the machine identifier and the user identifier are successfully verified, the application communicates with the server device using the secure connection. Other embodiments are described and claimed.
-
Publication (announcement) number: US09749323B2
Publication (announcement) date: 2017-08-29
Application number: US14670959
Application date: 2015-03-27
Applicant: Intel Corporation
Inventor: Oron Lenz, Noam Milshten, Ilya Berdichevsky
CPC classification number: H04L63/10, G06F21/10, G06F21/577, H04L63/06, H04L63/08, H04L63/0853, H04L63/0876, H04L63/102, H04L2463/103
Abstract: Technologies for secure server access include a client computing device that loads a license agent into a secure enclave established by a processor of the client computing device. The license agent receives a request from an application to access a remote server device. The license agent opens a secure connection with the server device and performs remote attestation of the secure enclave. The license agent authenticates the user and transmits a machine identifier and a user identifier to the server device. The machine identifier may be based on an enclave sealing key of the client computing device. The server device verifies that the machine identifier and the user identifier are bound to a valid application license. If the machine identifier and the user identifier are successfully verified, the application communicates with the server device using the secure connection. Other embodiments are described and claimed.