专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明申请

WO2013180736A1 IDENTIFICATION AND EXECUTION OF SUBSETS OF A PLURALITY OF INSTRUCTIONS IN A MORE SECURE EXECUTION ENVIRONMENT 审中-公开
标题翻译：在更安全的执行环境中确定和执行大量指令的附件
公开(公告)号：WO2013180736A1
公开(公告)日：2013-12-05
申请号：PCT/US2012/040597
申请日：2012-06-01
申请人： INTEL CORPORATION , GOFFMAN, Sergei , BERENZON, Alex , LENZ, Oron , DEVOR, Tevi , ZHANG, Bo , ZAHAVI, Yoram , MAOR, Moshe
发明人： GOFFMAN, Sergei , BERENZON, Alex , LENZ, Oron , DEVOR, Tevi , ZHANG, Bo , ZAHAVI, Yoram , MAOR, Moshe
IPC分类号： G06F21/22 , G06F9/44
CPC分类号： G06F21/602 , G06F21/125 , G06F21/53 , G06F21/54
摘要： Embodiments of apparatus, computer-implemented methods, systems, devices, and computer-readable media are described herein for identifying and encrypting a subset of a plurality of instructions, for execution in a more secure execution environment, In various embodiments, the subset may include a single entry point and a single exit point. In various embodiments, one or more instructions of the plurality of instructions that precede or follow the subset may be executed in a first execution environment with a first security level. In various embodiments, the subset may be executed in a second execution environment with a second security level that is more secure than the first security level.
摘要翻译：本文描述了装置，计算机实现的方法，系统，设备和计算机可读介质的实施例，用于识别和加密多个指令的子集，以在更安全的执行环境中执行。在各种实施例中，子集可以包括单个入口点和单个出口点。在各种实施例中，可以在具有第一安全级别的第一执行环境中执行在子集之前或之后的多个指令中的一个或多个指令。在各种实施例中，子集可以在具有比第一安全级别更安全的第二安全级别的第二执行环境中执行。

2. 发明申请

WO2014105159A1 PAGING IN SECURE ENCLAVES 审中-公开
标题翻译：寻找安全的包装
公开(公告)号：WO2014105159A1
公开(公告)日：2014-07-03
申请号：PCT/US2013/047322
申请日：2013-06-24
申请人： INTEL CORPORATION , MCKEEN, Francis X. , GOLDSMITH, Michael A. , HUNTLEY, Barry E. , JOHNSON, Simon P. , LESLIE-HURD, Rebekah , ROZAS, Carlos V. , SAVAGAONKAR, Uday R. , SCARLATA, Vincent R. , SHANBHOGUE, Vedvyas , SMITH, Wesley H. , ANATI, Ittai , ALEXANDROVICH, Ilya , BERENZON, Alex , NEIGER, Gilbert
发明人： MCKEEN, Francis X. , GOLDSMITH, Michael A. , HUNTLEY, Barry E. , JOHNSON, Simon P. , LESLIE-HURD, Rebekah , ROZAS, Carlos V. , SAVAGAONKAR, Uday R. , SCARLATA, Vincent R. , SHANBHOGUE, Vedvyas , SMITH, Wesley H. , ANATI, Ittai , ALEXANDROVICH, Ilya , BERENZON, Alex , NEIGER, Gilbert
IPC分类号： G06F12/14
CPC分类号： G06F12/0804 , G06F9/30047 , G06F12/0875 , G06F12/1408 , G06F2212/1052 , G06F2212/402
摘要： Embodiments of an invention for paging in secure enclaves are disclosed. In one embodiment, a processor includes an instruction unit and an execution unit. The instruction unit is to receive a first instruction. The execution unit is to execute the first instruction, wherein execution of the first instruction includes evicting a first page from an enclave page cache.
摘要翻译：公开了用于在安全飞行器中寻呼的发明的实施例。在一个实施例中，处理器包括指令单元和执行单元。指令单元接收第一条指令。执行单元执行第一指令，其中第一指令的执行包括从飞地页面缓存中逐出第一页。

3. 发明申请

WO2014105161A1 MEMORY MANAGEMENT IN SECURE ENCLAVES 审中-公开
标题翻译：内存管理在安全的包装
公开(公告)号：WO2014105161A1
公开(公告)日：2014-07-03
申请号：PCT/US2013/047339
申请日：2013-06-24
申请人： INTEL CORPORATION , LESLIE-HURD, Rebekah , ROZAS, Carlos V. , SCARLATA, Vincent R. , JOHNSON, Simon P. , SAVAGAONKAR, Uday R. , HUNTLEY, Barry E. , SHANBHOGUE, Vedvyas , ANATI, Ittai , MCKEEN, Francis X. , GOLDSMITH, Michael A. , ALEXANDROVICH, Ilya , BERENZON, Alex , SMITH, Wesley H. , NEIGER, Gilbert
发明人： LESLIE-HURD, Rebekah , ROZAS, Carlos V. , SCARLATA, Vincent R. , JOHNSON, Simon P. , SAVAGAONKAR, Uday R. , HUNTLEY, Barry E. , SHANBHOGUE, Vedvyas , ANATI, Ittai , MCKEEN, Francis X. , GOLDSMITH, Michael A. , ALEXANDROVICH, Ilya , BERENZON, Alex , SMITH, Wesley H. , NEIGER, Gilbert
IPC分类号： G06F12/14 , G06F12/08
CPC分类号： G06F9/3004 , G06F9/30047 , G06F9/30076 , G06F9/44 , G06F12/084 , G06F12/0875 , G06F12/1483 , G06F2212/452
摘要： Embodiments of an invention for memory management in secure enclaves are disclosed. In one embodiment, a processor includes an instruction unit and an execution unit. The instruction unit is to receive a first instruction and a second instruction. The execution unit is to execute the first instruction, wherein execution of the first instruction includes allocating a page in an enclave page cache to a secure enclave. The execution unit is also to execute the second instruction, wherein execution of the second instruction includes confirming the allocation of the page.
摘要翻译：公开了用于安全飞行器中的存储器管理的发明的实施例。在一个实施例中，处理器包括指令单元和执行单元。指令单元接收第一指令和第二指令。执行单元执行第一指令，其中第一指令的执行包括将飞地页面缓存中的页面分配到安全飞地。执行单元还执行第二指令，其中第二指令的执行包括确认页的分配。

4. 发明申请

WO2016122751A2 USING TRUSTED EXECUTION ENVIRONMENTS FOR SECURITY OF CODE AND DATA 审中-公开
标题翻译：使用值得信赖的执行环境来保护代码和数据
公开(公告)号：WO2016122751A2
公开(公告)日：2016-08-04
申请号：PCT/US2015/060879
申请日：2015-11-16
申请人： INTEL CORPORATION
发明人： NESHER, Nadav , BERENZON, Alex , CHAIKIN, Baruch
IPC分类号： H04L9/00 , H04L12/12
CPC分类号： G06F21/53 , G06F21/57 , G06F21/71 , H04L2209/127
摘要： An embodiment includes a processor coupled to memory to perform operations comprising: creating a first trusted execution environment (TXE), in protected non-privileged user address space of the memory, which makes a first measurement for at least one of first data and first executable code and which encrypts the first measurement with a persistent first hardware based encryption key while the first measurement is within the first TXE; creating a second TXE, in the non-privileged user address space, which makes a second measurement for at least one of second data and second executable code; creating a third TXE in the non- privileged user address space; creating a first secure communication channel between the first and third TXEs and a second secure communication channel between the second and third TXEs; and communicating the first measurement between the first and third TXEs via the first secure communication channel.
摘要翻译：一个实施例包括耦合到存储器以执行操作的处理器，所述操作包括：在所述存储器的受保护的非特权用户地址空间中创建第一可信执行环境（TXE），所述第一可信执行环境（TXE）第一数据和第一可执行代码中的至少一个，并且当第一测量在第一TXE内时，利用持久的第一基于硬件的加密密钥加密第一测量; 在非特权用户地址空间中创建第二TXE，其对第二数据和第二可执行代码中的至少一个进行第二测量; 在非特权用户地址空间中创建第三个TXE; 创建所述第一和第三TXE与所述第二和第三TXE之间的第二安全通信信道之间的第一安全通信信道; 以及经由第一安全通信信道在第一和第三TXE之间传送第一测量。

5. 发明申请

WO2014105122A1 ACCESS TYPE PROTECTION OF MEMORY RESERVED FOR USE BY PROCESSOR LOGIC 审中-公开
标题翻译：存储器访问类型保护由处理器逻辑使用
公开(公告)号：WO2014105122A1
公开(公告)日：2014-07-03
申请号：PCT/US2013/045691
申请日：2013-06-13
申请人： INTEL CORPORATION
发明人： HILDESHEIM, Gur , RAIKIN, Shlomo , ANATI, Ittai , GERZON, Gideon , SHAFI, Hisham , BERENZON, Alex , STRONGIN, Geoffrey, S. , SORANI, Iris
IPC分类号： G06F13/16 , G06F12/00
CPC分类号： G06F12/1027 , G06F12/1441 , G06F12/145 , G06F2212/1052
摘要： A processor of an aspect includes operation mode check logic to determine whether to allow an attempted access to an operation mode and access type protected memory based on an operation mode that is to indicate whether the attempted access is by an on-die processor logic. Access type check logic is to determine whether to allow the attempted access to the operation mode and access type protected memory based on an access type of the attempted access to the operation mode and access type protected memory. Protection logic is coupled with the operation mode check logic and is coupled with the access type check logic. The protection logic is to deny the attempted access to the operation mode and access type protected memory if at least one of the operation mode check logic and the access type check logic determines not to allow the attempted access.
摘要翻译：一方面的处理器包括操作模式检查逻辑，用于基于用于指示尝试的访问是否由片上处理器逻辑来确定是否允许尝试访问操作模式和访问类型受保护存储器的操作模式。访问类型检查逻辑是基于尝试访问操作模式和访问类型受保护的存储器的访问类型来确定是否允许尝试访问操作模式和访问类型受保护的存储器。保护逻辑与操作模式检查逻辑耦合，并与访问类型检查逻辑耦合。如果操作模式检查逻辑和访问类型检查逻辑中的至少一个确定不允许尝试访问，则保护逻辑是拒绝尝试访问操作模式和访问类型保护的存储器。

6. 发明授权

EP3235161B1 USING TRUSTED EXECUTION ENVIRONMENTS FOR SECURITY OF CODE AND DATA 有权
公开(公告)号：EP3235161B1
公开(公告)日：2020-04-01
申请号：EP15880627.3
申请日：2015-11-16
申请人： Intel Corporation
发明人： NESHER, Nadav , BERENZON, Alex , CHAIKIN, Baruch
IPC分类号： G06F21/53

7. 发明公开

EP3235161A2 USING TRUSTED EXECUTION ENVIRONMENTS FOR SECURITY OF CODE AND DATA 审中-公开
标题翻译：使用值得信赖的执行环境来保护代码和数据
公开(公告)号：EP3235161A2
公开(公告)日：2017-10-25
申请号：EP15880627.3
申请日：2015-11-16
申请人： Intel Corporation
发明人： NESHER, Nadav , BERENZON, Alex , CHAIKIN, Baruch
IPC分类号： H04L9/00 , H04L12/12
CPC分类号： G06F21/53 , G06F21/57 , G06F21/71 , H04L2209/127
摘要： An embodiment includes a processor coupled to memory to perform operations comprising: creating a first trusted execution environment (TXE), in protected non-privileged user address space of the memory, which makes a first measurement for at least one of first data and first executable code and which encrypts the first measurement with a persistent first hardware based encryption key while the first measurement is within the first TXE; creating a second TXE, in the non-privileged user address space, which makes a second measurement for at least one of second data and second executable code; creating a third TXE in the non-privileged user address space; creating a first secure communication channel between the first and third TXEs and a second secure communication channel between the second and third TXEs; and communicating the first measurement between the first and third TXEs via the first secure communication channel. Other embodiments are described herein.
摘要翻译：一个实施例包括耦合到存储器以执行操作的处理器，该处理器包括：在存储器的受保护的非特权用户地址空间中创建第一可信执行环境（TXE），其对第一数据和第一可执行文件中的至少一个执行第一测量并且当第一测量在第一TXE内时，利用持久的第一基于硬件的加密密钥加密第一测量; 在非特权用户地址空间中创建第二TXE，其对第二数据和第二可执行代码中的至少一个进行第二测量; 在非特权用户地址空间中创建第三个TXE; 创建所述第一和第三TXE与所述第二和第三TXE之间的第二安全通信信道之间的第一安全通信信道; 以及经由第一安全通信信道在第一和第三TXE之间传送第一测量。

8. 发明授权

EP2856377B1 IDENTIFICATION AND EXECUTION OF SUBSETS OF A PLURALITY OF INSTRUCTIONS IN A MORE SECURE EXECUTION ENVIRONMENT 有权
标题翻译：在更安全的执行环境中识别和执行多项指令的子集
公开(公告)号：EP2856377B1
公开(公告)日：2017-09-27
申请号：EP12877666.3
申请日：2012-06-01
申请人： Intel Corporation
发明人： GOFFMAN, Sergei , BERENZON, Alex , LENZ, Oron , DEVOR, Tevi , ZHANG, Bo , ZAHAVI, Yoram , MAOR, Moshe
IPC分类号： G06F21/10 , G06F9/44 , G06F21/53 , G06F21/54
CPC分类号： G06F21/602 , G06F21/125 , G06F21/53 , G06F21/54

9. 发明公开

EP2856377A1 IDENTIFICATION AND EXECUTION OF SUBSETS OF A PLURALITY OF INSTRUCTIONS IN A MORE SECURE EXECUTION ENVIRONMENT 有权
标题翻译：识别与在命令中几组执行。在更高的安全设计环境
公开(公告)号：EP2856377A1
公开(公告)日：2015-04-08
申请号：EP12877666.3
申请日：2012-06-01
申请人： Intel Corporation
发明人： GOFFMAN, Sergei , BERENZON, Alex , LENZ, Oron , DEVOR, Tevi , ZHANG, Bo , ZAHAVI, Yoram , MAOR, Moshe
IPC分类号： G06F21/10 , G06F9/44
CPC分类号： G06F21/602 , G06F21/125 , G06F21/53 , G06F21/54
摘要： Embodiments of apparatus, computer-implemented methods, systems, devices, and computer-readable media are described herein for identifying and encrypting a subset of a plurality of instructions, for execution in a more secure execution environment, In various embodiments, the subset may include a single entry point and a single exit point. In various embodiments, one or more instructions of the plurality of instructions that precede or follow the subset may be executed in a first execution environment with a first security level. In various embodiments, the subset may be executed in a second execution environment with a second security level that is more secure than the first security level.

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式