APPARATUS AND METHOD FOR SECURE, EFFICIENT MICROCODE PATCHING

    Publication number: US20230259364A9

    Publication date: 2023-08-17

    Application number: US17485400

    Application date: 2021-09-25

    CPC classification number: G06F9/30145 G06F9/3017 G06F9/268 G06F12/0246

    Abstract: An apparatus and method for efficient microcode patching. For example, one embodiment of an apparatus comprises: a package comprising one or more integrated circuit dies, the one or more integrated circuit dies comprising: a plurality of cores; and a security controller coupled to the plurality of cores, a first core of the plurality of cores comprising: a decoder to decode a microcode patching instruction, the microcode patching instruction comprising an operand to be used to identify an address; and execution circuitry to execute the microcode patching instruction, wherein responsive to the microcode patching instruction, the execution circuitry and/or security controller are to: retrieve a microcode patch from a location in memory based on the address, validate the microcode patch, apply the microcode patch to update or replace microcode associated with the one or more integrated circuit dies, and transmit the microcode patch to a persistent storage device; wherein the microcode patch is to be subsequently retrieved from the persistent storage device by one or more external security controllers of one or more external integrated circuit dies, the one or more external security controllers to cause the microcode patch to be applied to update or replace microcode associated with the one or more external integrated circuit dies.

    AVOIDING REDUNDANT MEMORY ENCRYPTION IN A CRYPTOGRAPHIC PROTECTION SYSTEM

    Publication number: US20170286320A1

    Publication date: 2017-10-05

    Application number: US15089280

    Application date: 2016-04-01

    Abstract: This disclosure is directed to avoiding redundant memory encryption in a cryptographic protection system. Data stored in a device may be protected using different encryption systems. Data associated with at least one trusted execution environment (TEE) may be encrypted using a first encryption system. Main memory in the device may comprise data important to maintaining the integrity of an operating system (OS), etc. and may be encrypted using a second encryption system. Data may also be placed into a memory location via direct memory access (DMA) and may be protected utilizing a third encryption system. Redundant encryption may be avoided by encryption circuitry capable of determining when data is already protected by encryption provided by another system. For example, the encryption circuitry may comprise encryption control circuitry that monitors indicators set at different points during data handling, and may bypass certain data encryption or decryption operations based on the indicator settings.

    METHODS AND APPARATUSES TO PROVIDE CHIPLET BINDING TO A SYSTEM ON A CHIP PLATFORM HAVING A DISAGGREGATED ARCHITECTURE

    Publication number: US20220417005A1

    Publication date: 2022-12-29

    Application number: US17358952

    Application date: 2021-06-25

    Abstract: Systems, methods, and apparatuses for providing chiplet binding to a disaggregated architecture for a system on a chip are described. In one embodiment, a system includes a plurality of physically separate dies, an interconnect to electrically couple the plurality of physically separate dies together, a first die-to-die communication circuit, of a first die of the plurality of physically separate dies, comprising a transmitter circuit and an encryption circuit having a link key to encrypt data to be sent from the transmitter circuit into encrypted data, and a second die-to-die communication circuit, of a second die of the plurality of physically separate dies, comprising a receiver circuit and a decryption circuit having the link key to decrypt the encrypted data sent from the transmitter circuit to the receiver circuit.
