-
公开(公告)号:US11741234B2
公开(公告)日:2023-08-29
申请号:US17321764
申请日:2021-05-17
Applicant: Intel Corporation
Inventor: Ned Smith , Samuel Ortiz , Manohar Castelino , Mikko Ylinen
CPC classification number: G06F21/575 , G06F9/45558 , G06F21/602 , G06F21/74 , G06F2009/45562 , G06F2009/45587
Abstract: Technologies for fast launch of trusted containers include a computing device having a trusted platform module (TPM). The computing device measures a container runtime with the TPM and executes the container runtime in response to the measurement. The computing device establishes a trust relationship between the TPM and a virtual platform credential, provisions the virtual platform credential to a virtual TPM, and executes a guest environment in response to provisioning the virtual platform credential. The computing device measures a containerized application with the virtual TPM and executes the containerized application in response to the measurement. The computing device may perform a trusted computing operation in the guest environment with the virtual TPM. The virtual TPM and the containerized application may be protected with multi-key total memory encryption (MKTME) support of the computing device. State of the virtual TPM may be encrypted and persisted. Other embodiments are described and claimed.
-
公开(公告)号:US12026106B2
公开(公告)日:2024-07-02
申请号:US17802117
申请日:2020-03-30
Applicant: INTEL CORPORATION
Inventor: Keqiang Wu , Zhidong Yu , Cheng Xu , Samuel Ortiz , Weiting Chen
CPC classification number: G06F13/1678 , G06F13/1621 , G06F13/4004
Abstract: The present disclosure provides an interconnect for a non-uniform memory architecture platform to provide remote access where data can dynamically and adaptively be compressed and decompressed at the interconnect link. A requesting interconnect link can add a delay to before transmitting requested data onto an interconnect bus, compress the data before transmission, or packetize and compress data before transmission. Likewise, a remote interconnect link can decompress request data.
-
Patent Agency Ranking
公开(公告)号:US20210390186A1
公开(公告)日:2021-12-16
申请号:US17321764
申请日:2021-05-17
Applicant: Intel Corporation
Inventor: Ned Smith , Samuel Ortiz , Manohar Castelino , Mikko Ylinen
Abstract: Technologies for fast launch of trusted containers include a computing device having a trusted platform module (TPM). The computing device measures a container runtime with the TPM and executes the container runtime in response to the measurement. The computing device establishes a trust relationship between the TPM and a virtual platform credential, provisions the virtual platform credential to a virtual TPM, and executes a guest environment in response to provisioning the virtual platform credential. The computing device measures a containerized application with the virtual TPM and executes the containerized application in response to the measurement. The computing device may perform a trusted computing operation in the guest environment with the virtual TPM. The virtual TPM and the containerized application may be protected with multi-key total memory encryption (MKTME) support of the computing device. State of the virtual TPM may be encrypted and persisted. Other embodiments are described and claimed.
-
公开(公告)号:US11017092B2
公开(公告)日:2021-05-25
申请号:US16144325
申请日:2018-09-27
Applicant: Intel Corporation
Inventor: Ned Smith , Samuel Ortiz , Manohar Castelino , Mikko Ylinen
Abstract: Technologies for fast launch of trusted containers include a computing device having a trusted platform module (TPM). The computing device measures a container runtime with the TPM and executes the container runtime in response to the measurement. The computing device establishes a trust relationship between the TPM and a virtual platform credential, provisions the virtual platform credential to a virtual TPM, and executes a guest environment in response to provisioning the virtual platform credential. The computing device measures a containerized application with the virtual TPM and executes the containerized application in response to the measurement. The computing device may perform a trusted computing operation in the guest environment with the virtual TPM. The virtual TPM and the containerized application may be protected with multi-key total memory encryption (MKTME) support of the computing device. State of the virtual TPM may be encrypted and persisted. Other embodiments are described and claimed.
-
公开(公告)号:US10445009B2
公开(公告)日:2019-10-15
申请号:US15639471
申请日:2017-06-30
Applicant: Intel Corporation
Inventor: Graham Whaley , Adriaan van de Ven , Manohar R. Castelino , Jose C. Venegas Munoz , Samuel Ortiz
Abstract: Systems and methods that manage memory usage by a virtual machine are provided. These systems and methods compact the virtual machine's memory footprint, thereby promoting efficient use of memory and gaining performance benefits of increased data locality. In some embodiments, a guest operating system running within the virtual machine is enhanced to allocate its VM memory in a compact manner. The guest operating system includes a memory manager that is configured to reference an artificial access cost when identifying memory areas to allocate for use by applications. These access costs are described as being artificial because they are not representative of actual, hardware based access costs, but instead are fictitious costs that increase as the addresses of the memory areas increase. Because of these increasing artificial access costs, the memory manager identifies memory areas with lower addresses for allocation and use prior to memory areas with higher addresses.
-
公开(公告)号:US12113902B2
公开(公告)日:2024-10-08
申请号:US17131684
申请日:2020-12-22
Applicant: Intel Corporation
Inventor: Anjo Lucas Vahldiek-Oberwagner , Ravi L. Sahita , Mona Vij , Dayeol Lee , Haidong Xia , Rameshkumar Illikkal , Samuel Ortiz , Kshitij Arun Doshi , Mourad Cherfaoui , Andrzej Kuriata , Teck Joo Goh
CPC classification number: H04L9/321 , H04L9/3242
Abstract: In function-as-a-service (FaaS) environments, a client makes use of a function executing within a trusted execution environment (TEE) on a FaaS server. Multiple tenants of the FaaS platform may provide functions to be executed by the FaaS platform via a gateway. Each tenant may provide code and data for any number of functions to be executed within any number of TEEs on the FaaS platform and accessed via the gateway. Additionally, each tenant may provide code and data for a single surrogate attester TEE. The client devices of the tenant use the surrogate attester TEE to attest each of the other TEEs of the tenant and establish trust with the functions in those TEEs. Once the functions have been attested, the client devices have confidence that the other TEEs of the tenant are running on the same platform as the gateway.
-
公开(公告)号:US20190042759A1
公开(公告)日:2019-02-07
申请号:US16144325
申请日:2018-09-27
Applicant: Intel Corporation
Inventor: Ned Smith , Samuel Ortiz , Manohar Castelino , Mikko Ylinen
Abstract: Technologies for fast launch of trusted containers include a computing device having a trusted platform module (TPM). The computing device measures a container runtime with the TPM and executes the container runtime in response to the measurement. The computing device establishes a trust relationship between the TPM and a virtual platform credential, provisions the virtual platform credential to a virtual TPM, and executes a guest environment in response to provisioning the virtual platform credential. The computing device measures a containerized application with the virtual TPM and executes the containerized application in response to the measurement. The computing device may perform a trusted computing operation in the guest environment with the virtual TPM. The virtual TPM and the containerized application may be protected with multi-key total memory encryption (MKTME) support of the computing device. State of the virtual TPM may be encrypted and persisted. Other embodiments are described and claimed.
-
-
-
-
-
-
Search Results
7
records
(took 0.01 seconds)
