公开(公告)号：WO2017052745A1

公开(公告)日：2017-03-30

申请号：PCT/US2016/043829

申请日：2016-07-25

Applicant: MCAFEE, INC.

Inventor： HUNT, Simon ,  SAMBANDAM, Venkata Ramanan

IPC: H04N21/2389 ,  H04N21/266 ,  H04N21/435

CPC classification number: H04L9/14 ,  G06F21/10 ,  G06F21/16 ,  G06F21/53 ,  G06F2221/0755 ,  G06Q20/3829 ,  G06Q2220/00 ,  G09C5/00 ,  H04L9/3242 ,  H04L9/3247 ,  H04L2209/60 ,  H04L2209/76

Abstract: This disclosure describes systems and methods related to utilizing hardware assisted protection for media content. In some embodiments, a provided method comprises: receiving, from a content server and by a computing device processor of a secure enclave of a device, first encrypted media content; decrypting, by the computing device processor, the first encrypted media content using a first decryption key; generating, by the computing device processor, a second decryption key; encrypting, by the computing device processor, the first decrypted media content using the second key, thereby resulting in second encrypted media content; and sending, by the computing device processor and to one or more graphical processing units (GPUs) comprised in a graphics component of the device, the second encrypted media content and the second decryption key.

Abstract translation: 本公开描述了与利用媒体内容的硬件辅助保护有关的系统和方法。 在一些实施例中，所提供的方法包括：从内容服务器和设备的安全飞地的计算设备处理器接收第一加密的媒体内容; 由计算设备处理器使用第一解密密钥解密第一加密媒体内容; 由所述计算设备处理器生成第二解密密钥; 由计算设备处理器使用第二密钥对第一解密的媒体内容进行加密，从而产生第二加密的媒体内容; 以及由所述计算设备处理器和包括在所述设备的图形组件中的一个或多个图形处理单元（GPU）发送所述第二加密的媒体内容和所述第二解密密钥。

公开(公告)号：WO2017078813A2

公开(公告)日：2017-05-11

申请号：PCT/US2016/046026

申请日：2016-08-08

Applicant: MCAFEE, INC.

Inventor： HUNT, Simon ,  SAMBANDAM, Venkata Ramanan ,  SHAH, Samir

CPC classification number: B64C39/024 ,  B64C2201/027 ,  B64C2201/127 ,  B64C2201/141 ,  B64C2201/145 ,  G01S19/215 ,  G01S19/42 ,  G06F21/00 ,  G06F21/606 ,  G08G5/0013 ,  G08G5/0021 ,  G08G5/0034 ,  G08G5/0052 ,  G08G5/006 ,  G08G5/0069 ,  G08G5/0082 ,  H04L9/302 ,  H04L9/3247 ,  H04L9/3249 ,  H04W4/021 ,  H04W4/046

Abstract: Certain embodiments herein relate to location verification for autonomous unmanned aerial vehicles (also referred to as "drones"). In some embodiments, an unmanned aerial vehicle engaged in autonomous flight may determine its location using a satellite-based navigation system. The location may be evaluated against location data obtained from one or more secondary factors, such as public broadcast beacons, cellular towers, wireless network identifiers, visual markers, or any combination thereof. If the location is determined to be invalid, the unmanned aerial vehicle may be instructed to take a mitigation action. Additionally, certain embodiments also include the verification of a flight plan for the unmanned aerial vehicle using secure no-fly logic to verify a flight plan does not violate no-fly zones. If the flight plan is verified, the flight plan may be signed using a cryptographic signature and provided to a navigation module that verifies the signature and executes the flight plan.

Abstract translation: 这里的某些实施例涉及用于自主无人驾驶飞行器（也称为“无人驾驶飞机”）的位置验证。 在一些实施例中，参与自主飞行的无人驾驶飞行器可以使用基于卫星的导航系统来确定其位置。 可以针对从一个或多个次要因素（例如公共广播信标，蜂窝塔，无线网络标识符，可视标记或其任何组合）获得的位置数据来评估位置。 如果该位置被确定为无效，则可以指示无人驾驶飞行器采取缓解措施。 另外，某些实施例还包括使用安全的禁止飞行逻辑来验证无人驾驶飞行器的飞行计划以验证飞行计划不违反禁飞区。 如果验证了飞行计划，则可以使用加密签名对飞行计划进行签名，并将其提供给导航模块，以验证签名并执行飞行计划。

公开(公告)号：WO2017112169A1

公开(公告)日：2017-06-29

申请号：PCT/US2016/062638

申请日：2016-11-18

Applicant: MCAFEE, INC.

Inventor： HERBERT, Howard C. ,  MANKIN, Jennifer Eligius ,  HUNT, Simon ,  SAMBANDAM, Venkata Ramanan ,  SCOTT-NASH, Mark E. ,  BARTFAI-WALCOTT, Katalin Klara ,  ILLIKKAL, Rameshkumar

IPC: G06F21/50 ,  G06F1/32

CPC classification number: G06F9/5083 ,  G06F9/505 ,  G06F9/5072 ,  G06F11/3006 ,  H04L47/822

Abstract: In an example, there is disclosed a computing apparatus, having a computing resource; a bespoke sensor for measuring at least one parameter of usage of the computing resource; and one or more logic elements providing a trusted compute meter (TCM) agent to: receive an external workload; provision a workload enclave; execute the external workload within the TCM enclave; and measure resource usage of the external workload via the bespoke sensor. There is also disclosed a computer-readable medium having stored thereon executable instructions for providing a TCM agent, and a method of providing a TCM agent.

Abstract translation: 在一个示例中，公开了一种具有计算资源的计算装置; 用于测量计算资源的至少一个使用参数的定制传感器; 以及提供可信计算仪表（TCM）代理的一个或多个逻辑元件：接收外部工作负载; 提供工作量飞地; 执行TCM飞地内的外部工作量; 并通过定制传感器测量外部工作负载的资源使用情况。 还公开了一种计算机可读介质，其上存储有用于提供TCM代理的可执行指令以及提供TCM代理的方法。

公开(公告)号：WO2017052946A1

公开(公告)日：2017-03-30

申请号：PCT/US2016/048512

申请日：2016-08-25

Applicant: MCAFEE, INC.

Inventor： WOODWARD, Carl D. ,  SAMBANDAM, Venkata Ramanan ,  RUBAKHA, Dmitri

IPC: G06F9/54 ,  G06F12/14 ,  G06F12/08

CPC classification number: G06F3/0659 ,  G06F3/0623 ,  G06F3/0631 ,  G06F3/064 ,  G06F3/0647 ,  G06F3/0656 ,  G06F3/0673 ,  G06F12/023 ,  G06F12/08 ,  G06F12/1408 ,  G06F12/1491 ,  G06F21/53 ,  G06F21/57 ,  G06F21/74 ,  G06F2212/1016 ,  G06F2212/1052 ,  G06F2212/152 ,  H04L9/3234

Abstract: In an example, there is disclosed a computing apparatus, including a processor, including a trusted execution instruction set; a memory having an enclave portion, wherein the enclave is accessible only via the trusted execution instruction set; a swap file; and a memory management engine operable to: allocate a buffer within the enclave; receive a scope directive to indicate that the buffer is in scope; and protect the buffer from swapping to the swap file while the buffer is in scope. There is further disclosed an method of providing a memory management engine, and one or more computer-readable storage mediums having stored thereon executable instructions for providing the memory management engine.

Abstract translation: 在一个示例中，公开了一种包括处理器的计算装置，包括可信执行指令集; 具有飞地部分的存储器，其中所述飞地仅能通过所述可信执行指令集来访问; 一个交换文件 以及可操作用于：在所述飞地内分配缓冲器的存储器管理引擎; 接收范围指令以指示缓冲区在范围内; 并在缓冲区范围内保护缓冲区免受交换到交换文件。 还公开了一种提供存储器管理引擎和一个或多个计算机可读存储介质的方法，其中存储有用于提供存储器管理引擎的可执行指令。

公开(公告)号：WO2017052945A1

公开(公告)日：2017-03-30

申请号：PCT/US2016/048511

申请日：2016-08-25

Applicant: MCAFEE, INC.

Inventor： HUNT, Simon ,  SAMBANDAM, Venkata Ramanan ,  VENKATESWARAN, Prasanna

IPC: B60W40/09 ,  B60K28/02 ,  G06F21/31 ,  B60W40/08

CPC classification number: B60W40/09 ,  B60W30/08 ,  B60W2040/0809 ,  B60W2540/28 ,  B60W2550/12 ,  B60W2550/141 ,  B60W2550/20

Abstract: In an example, there is disclosed a computing apparatus, including: a driver identity detector to detect the identity of a driver; and one or more logic elements providing a driver competency engine, operable to: detect the identity of the driver; evaluate the driver's operation of a vehicle; and build a driver competency profile based at least in part on the evaluating. The driver competency engine may further be operable to detect a context of the operation, such as environmental factors. There is also described a method of providing a driver competency engine, and one or more computer readable mediums having stored thereon executable instructions for providing a driver competency engine.

Abstract translation: 在一个示例中，公开了一种计算装置，包括：驾驶员身份检测器，用于检测驾驶员的身份; 以及提供驾驶员能力引擎的一个或多个逻辑元件，其可操作以：检测驾驶员的身份; 评估司机对车辆的操作; 并至少部分基于评估建立驾驶员能力概况。 驾驶员能力引擎还可以用于检测操作的上下文，例如环境因素。 还描述了一种提供驾驶员能力引擎的方法，以及一种或多种在其上存储有用于提供驾驶员能力引擎的可执行指令的计算机可读介质。

公开(公告)号：WO2017023497A1

公开(公告)日：2017-02-09

申请号：PCT/US2016/041739

申请日：2016-07-11

Applicant: MCAFEE, INC.

Inventor： HUNT, Simon ,  SAMBANDAM, Venkata Ramanan

IPC: H04L29/06 ,  H04L29/08

CPC classification number: H04L63/1416 ,  G06F21/645 ,  G06F2221/2119 ,  H04L63/1433

Abstract: This disclosure describes systems, methods, and computer-readable media related to phishing and brand protection via copycat detection. In some embodiments, a temporary page profile associated with a webpage may be generated. The temporary page profile may include an image component, a geometry component, a style component, and a link component. One or more baseline page profiles may be retrieved. The temporary page profile and the one or more baseline page profiles may be compared. It may be determined that the temporary page profile does not match the one or more baseline page profiles. An alert may be generated to display to a user indicating that fraud has been detected for the webpage.

Abstract translation: 本公开描述了通过模仿检测与网络钓鱼和品牌保护相关的系统，方法和计算机可读介质。 在一些实施例中，可以生成与网页相关联的临时页面简档。 临时页面简档可以包括图像组件，几何组件，样式组件和链接组件。 可以检索一个或多个基线页面简档。 可以比较临时页面简档和一个或多个基准页面简档。 可能确定临时页面配置文件与一个或多个基准页面配置文件不匹配。 可以生成警报以向用户显示指示已经为网页检测到欺诈。

公开(公告)号：WO2016200526A1

公开(公告)日：2016-12-15

申请号：PCT/US2016/031565

申请日：2016-05-10

Applicant: MCAFEE, INC.

Inventor： SMITH, Ned M. ,  HUNT, Simon ,  SAMBANDAM, Venkata Ramanan

IPC: H04L29/06 ,  H04L29/08 ,  H04L9/08

CPC classification number: H04L63/061 ,  H04L9/0844 ,  H04L9/3234 ,  H04L9/3263 ,  H04L63/02 ,  H04L63/0428 ,  H04L63/10 ,  H04L63/1425 ,  H04L63/1441 ,  H04L63/20

Abstract: In an example, there is disclosed a computing apparatus, comprising : a trusted execution environment (TEE); and a security engine operable to: identify a key negotiation for an encrypted connection between a first device and a second device; request a service appliance key for the key negotiation; receive the service appliance key; and perform a service appliance function on traffic between the first device and the second device. There is also disclosed a method of providing the security engine, and a computer-readable medium having stored thereon executable instructions for providing the security engine.

Abstract translation: 在一个示例中，公开了一种计算设备，包括：可信执行环境（TEE）; 以及安全引擎，其可操作以：识别用于第一设备和第二设备之间的加密连接的密钥协商; 请求服务设备密钥进行密钥协商; 接收服务设备密钥; 并对第一设备和第二设备之间的流量执行服务设备功能。 还公开了提供安全引擎的方法，以及其上存储有用于提供安全引擎的可执行指令的计算机可读介质。