Abstract:
An apparatus for sharing information between entities includes a processor and a trusted execution module executing on the processor. The trusted execution module is configured to receive first confidential information from a first client device associated with a first entity, seal the first confidential information within a trusted execution environment, receive second confidential information from a second client device associated with a second entity, seal the second confidential information within the trusted execution environment, and execute code within the trusted execution environment. The code is configured to compute a confidential result based upon the first confidential information and the second confidential information.
Abstract:
Systems, methods, and apparatus to provide private information retrieval. A disclosed example system includes a first trusted processing unit to store a first portion of data such that entities other than the first trusted processing unit are unable to access the first portion of the data in the first trusted processing unit; a second trusted processing unit to store a second portion of the data such that entities other than the second trusted processing unit are unable to access the second portion of the data in the second trusted processing unit; and a third trusted processing unit to: determine that a data element specified in a request is stored in the first trusted processing unit; request the data element from the first trusted processing unit; send a dummy request to the second trusted processing unit; and send the data element to a requester.
Abstract:
Apparatus, systems and methods may provide a browser interface to detect an attempt by web content to manipulate data in a local data store. In addition, the data may be classified into a category if the data is remotely accessible. Additionally, a security policy may be applied to the data based on the category. In one example, a separator may separate the data from other data based on the category, the data may be encrypted/decrypted based on the category, and/or context information and user input may be determined to apply the security policy further based on the context information and the user input.
Abstract:
Selective/controlled disclosure of user information to private workspaces of other users/invitees based on context/contextual relations, and a shared workspace or market to collaborate amongst the other users (e.g., to crowd-source gifts of interest to the recipient). Contextual disclosure may be based on common context or commonality under a set of conditions, such as a topic, which may include known topics of relationships amongst the users and/or undiscovered contexts. As an example, items of interest to each user are identified and clustered, keywords are assigned to the clusters indicative of topics/subjects of interest to the respective users, recipient keywords are compared to keywords of an invitee to identify common keywords as shared interests, and items of interest to the recipient that relate to the common keywords are disclosed to the invitee as a personalized wish-list. Keyword weighting and/or keyword/item level privacy designations may be provided to further control disclosure.
Abstract:
In one embodiment a controller comprises logic configured to define, for display on a region of a display device coupled to the controller, a dialog box, lock the dialog box such that input/output operations conducted in the dialog box are visible to the secure controller and are not visible to an untrusted execution complex communicatively coupled to the secure controller, receive one or more authentication credentials based on a user input to the dialog box, and use the one or more authentication credentials to establish a secure communication session with a remote service. Other embodiments may be described.
Abstract:
Systems, methods, and apparatus to provide private information retrieval are disclosed. An example apparatus includes a protected data enclave to store a first portion of data such that entities other than the first trusted hardware processing unit are unable to access the first portion of the data. The example apparatus includes a request processor to determine that a data element specified in a first request from an entity is stored in a second trusted hardware processing unit. The request processor is to send an encrypted request for the data element to the second trusted hardware processing unit, and send an encrypted dummy request to a third trusted hardware processing unit. The request processor is to determine whether an encrypted dummy response has been received from the third trusted hardware processing unit, and whether an encrypted response including the data element has been received from the second trusted hardware processing unit.
Abstract:
Various embodiments are generally directed to providing mutual authentication and secure distributed processing of multi-party data. In particular, an experiment may be submitted to include the distributed processing of private data owned by multiple distrustful entities. Private data providers may authorize the experiment and securely transfer the private data for processing by trusted computing nodes in a pool of trusted computing nodes.