Technologies for end-to-end biometric-based authentication and platform locality assertion

    Publication No.: US10749683B2

    Publication date: 2020-08-18

    Application No.: US16133952

    Filing date: 2018-09-18

    Abstract: Technologies for end-to-end biometric-based authentication and locality assertion include a computing device with one or more biometric devices. The computing device may securely exchange a key between a driver and a secure enclave. The driver may receive biometric data from the biometric sensor in a virtualization-protected memory buffer and encrypt the biometric data with the shared key. The secure enclave may decrypt the biometric data and perform a biometric authentication operation. The computing device may measure a virtual machine monitor (VMM) to generate attestation information for the VMM. A secure enclave may execute a virtualization report instruction to request the attestation information. The processor may copy the attestation information into the secure enclave memory. The secure enclave may verify the attestation information with a remote attestation server. If verified, the secure enclave may provide a shared secret to the VMM. Other embodiments are described and claimed.

    TECHNOLOGIES FOR END-TO-END BIOMETRIC-BASED AUTHENTICATION AND PLATFORM LOCALITY ASSERTION

    Publication No.: US20190036699A1

    Publication date: 2019-01-31

    Application No.: US16133952

    Filing date: 2018-09-18

    CPC classification number: H04L9/3231 H04L9/0816 H04L9/0825

    Abstract: Technologies for end-to-end biometric-based authentication and locality assertion include a computing device with one or more biometric devices. The computing device may securely exchange a key between a driver and a secure enclave. The driver may receive biometric data from the biometric sensor in a virtualization-protected memory buffer and encrypt the biometric data with the shared key. The secure enclave may decrypt the biometric data and perform a biometric authentication operation. The computing device may measure a virtual machine monitor (VMM) to generate attestation information for the VMM. A secure enclave may execute a virtualization report instruction to request the attestation information. The processor may copy the attestation information into the secure enclave memory. The secure enclave may verify the attestation information with a remote attestation server. If verified, the secure enclave may provide a shared secret to the VMM. Other embodiments are described and claimed.

    TECHNOLOGIES FOR END-TO-END BIOMETRIC-BASED AUTHENTICATION AND PLATFORM LOCALITY ASSERTION

    Publication No.: US20170104597A1

    Publication date: 2017-04-13

    Application No.: US14974893

    Filing date: 2015-12-18

    CPC classification number: H04L9/3231 H04L9/0816 H04L9/0825

    Abstract: Technologies for end-to-end biometric-based authentication and locality assertion include a computing device with one or more biometric devices. The computing device may securely exchange a key between a driver and a secure enclave. The driver may receive biometric data from the biometric sensor in a virtualization-protected memory buffer and encrypt the biometric data with the shared key. The secure enclave may decrypt the biometric data and perform a biometric authentication operation. The computing device may measure a virtual machine monitor (VMM) to generate attestation information for the VMM. A secure enclave may execute a virtualization report instruction to request the attestation information. The processor may copy the attestation information into the secure enclave memory. The secure enclave may verify the attestation information with a remote attestation server. If verified, the secure enclave may provide a shared secret to the VMM. Other embodiments are described and claimed.

    Technologies for end-to-end biometric-based authentication and platform locality assertion

    Publication No.: US10079684B2

    Publication date: 2018-09-18

    Application No.: US14974893

    Filing date: 2015-12-18

    CPC classification number: H04L9/3231 H04L9/0816 H04L9/0825

    Abstract: Technologies for end-to-end biometric-based authentication and locality assertion include a computing device with one or more biometric devices. The computing device may securely exchange a key between a driver and a secure enclave. The driver may receive biometric data from the biometric sensor in a virtualization-protected memory buffer and encrypt the biometric data with the shared key. The secure enclave may decrypt the biometric data and perform a biometric authentication operation. The computing device may measure a virtual machine monitor (VMM) to generate attestation information for the VMM. A secure enclave may execute a virtualization report instruction to request the attestation information. The processor may copy the attestation information into the secure enclave memory. The secure enclave may verify the attestation information with a remote attestation server. If verified, the secure enclave may provide a shared secret to the VMM. Other embodiments are described and claimed.
