专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

51. 发明申请

US20180191494A1 Graphics Processor With Encrypted Kernels 审中-公开
公开(公告)号：US20180191494A1
公开(公告)日：2018-07-05
申请号：US15394324
申请日：2016-12-29
申请人： Balaji Vembu , Vidhya Krishnan , Sandeep S. Sodhi , Scott Janus , Daniel Nemiroff
发明人： Balaji Vembu , Vidhya Krishnan , Sandeep S. Sodhi , Scott Janus , Daniel Nemiroff
IPC分类号： H04L9/08 , G06F21/57
CPC分类号： H04L9/14 , G06F21/74 , G06F21/75
摘要： An embodiment of a graphics apparatus may include a graphics processor including a kernel executor, and a security engine communicatively coupled to the graphics processor. The security engine may be configured to create a kernel security key, encrypt an executable kernel for the kernel executor in accordance with the kernel security key, and share the kernel security key with the graphics processor.

52. 发明授权

US09589159B2 Creating secure communication channels between processing elements 有权
标题翻译：在处理元素之间创建安全的通信通道
公开(公告)号：US09589159B2
公开(公告)日：2017-03-07
申请号：US12492513
申请日：2009-06-26
申请人： Balaji Vembu , Aditya Navale , Sathyamurthi Sadhasivan
发明人： Balaji Vembu , Aditya Navale , Sathyamurthi Sadhasivan
IPC分类号： G06F12/14 , G06F21/84 , G06F21/72 , H04L9/08
CPC分类号： G06F21/84 , G06F21/72 , H04L9/0841 , H04L2209/60
摘要： Two processing elements in a single platform may communicate securely to allow the platform to take advantage of the certain cryptographic functionality in one processing element. A first processing element, such as a bridge, may use its cryptographic functionality to request a key exchange with a second processing element, such as a graphics engine. Each processing element may include a global key which is common to the two processing elements and a unique key which is unique to each processing element. A key exchange may be established during the boot process the first time the system boots and, failing any hardware change, the same key may be used throughout the lifetime of the two processing elements. Once a secure channel is set up, any application wishing to authenticate a processing element without public-private cryptographic function may perform the authentication with the other processing element which shares a secure channel with the first processing element.
摘要翻译：单个平台中的两个处理元件可以安全通信，以允许平台在一个处理元件中利用某些加密功能。诸如桥接器的第一处理元件可以使用其加密功能来请求与诸如图形引擎的第二处理元件的密钥交换。每个处理元件可以包括两个处理元件共有的全局密钥和每个处理元件唯一的唯一密钥。在系统引导的第一次引导过程中可以建立密钥交换，并且在任何硬件改变失败的情况下，在两个处理元件的整个寿命期间可以使用相同的密钥。一旦建立了安全通道，希望在没有公共 - 私人密码功能的情况下认证处理元件的任何应用程序可以与与第一处理元件共享安全通道的其他处理元件执行认证。

53. 发明授权

US08521006B2 Boundary detection in media streams 有权
标题翻译：媒体流中的边界检测
公开(公告)号：US08521006B2
公开(公告)日：2013-08-27
申请号：US12775003
申请日：2010-05-06
申请人： Daniel Nemiroff , Balaji Vembu , Raul Gutierrez , Suryaprasad Kareenahalli
发明人： Daniel Nemiroff , Balaji Vembu , Raul Gutierrez , Suryaprasad Kareenahalli
IPC分类号： H04N5/94
CPC分类号： G11B27/3027 , G11B27/28
摘要： Encoded data decoding techniques. A data decoding agent determines a data segment size for a packet that includes a header and a data segment. The data decoding agent determines a segment end location based, at least in part, on the data segment size. The data decoding agent processes subblocks of data from the data segment. The data decoding agent compares a current location to the segment end location to determine if a current subblock of data from the data segments contains the segment end location. The data decoding agent triggers an exception handler if the current subblock contains the segment end location.
摘要翻译：编码数据解码技术。数据解码代理确定包括报头和数据段的分组的数据段大小。数据解码代理至少部分地基于数据段大小来确定段结束位置。数据解码代理处理来自数据段的数据的子块。数据解码代理将当前位置与段结束位置进行比较，以确定来自数据段的当前数据子块是否包含段结束位置。如果当前子块包含段结束位置，则数据解码代理触发异常处理程序。

54. 发明申请

US20120139927A1 MEMORY ADDRESS RE-MAPPING OF GRAPHICS DATA 有权
标题翻译：存储器地址重新映射图形数据
公开(公告)号：US20120139927A1
公开(公告)日：2012-06-07
申请号：US13369720
申请日：2012-02-09
申请人： Balaji Vembu , Aditya Navale , Wishwesh A. Gandhi
发明人： Balaji Vembu , Aditya Navale , Wishwesh A. Gandhi
IPC分类号： G09G5/39 , G06T1/00 , G06F12/00
CPC分类号： G06F12/1009 , G06F9/4401 , G06F9/4403 , G06F9/4411 , G06F9/45533 , G06F9/45558 , G06F12/109 , G06F13/28 , G06F2009/45579 , G06F2009/45583 , G06F2212/152 , G06T1/60
摘要： A method and apparatus for creating, updating, and using guest physical address (GPA) to host physical address (HPA) shadow translation tables for translating GPAs of graphics data direct memory access (DMA) requests of a computing environment implementing a virtual machine monitor to support virtual machines. The requests may be sent through a render or display path of the computing environment from one or more virtual machines, transparently with respect to the virtual machine monitor. The creating, updating, and using may be performed by a memory controller detecting entries sent to existing global and page directory tables, forking off shadow table entries from the detected entries, and translating GPAs to HPAs for the shadow table entries.
摘要翻译：一种用于创建，更新和使用访客物理地址（GPA）以主机物理地址（HPA）影子转换表的方法和装置，用于将实现虚拟机监视器的计算环境的图形数据直接存储器访问（DMA）请求的GPA转换为支持虚拟机。可以通过虚拟机监视器透明地从一个或多个虚拟机通过计算环境的呈现或显示路径发送请求。创建，更新和使用可以由存储器控制器执行，该存储器控制器检测发送到现有全局和页目录表的条目，从检测到的条目中分离影子表条目，以及将影子表条目的GPA转换为HPA。

55. 发明授权

US08154555B2 Memory address re-mapping of graphics data 有权
标题翻译：图形数据的内存地址重映射
公开(公告)号：US08154555B2
公开(公告)日：2012-04-10
申请号：US12912630
申请日：2010-10-26
申请人： Balaji Vembu , Aditya Navale , Wishwesh Gandhi
发明人： Balaji Vembu , Aditya Navale , Wishwesh Gandhi
IPC分类号： G09G5/39 , G06F13/00 , G06F12/10
CPC分类号： G06F12/1009 , G06F9/4401 , G06F9/4403 , G06F9/4411 , G06F9/45533 , G06F9/45558 , G06F12/109 , G06F13/28 , G06F2009/45579 , G06F2009/45583 , G06F2212/152 , G06T1/60
摘要： A method and apparatus for creating, updating, and using guest physical address (GPA) to host physical address (HPA) shadow translation tables for translating GPAs of graphics data direct memory access (DMA) requests of a computing environment implementing a virtual machine monitor to support virtual machines. The requests may be sent through a render or display path of the computing environment from one or more virtual machines, transparently with respect to the virtual machine monitor. The creating, updating, and using may be performed by a memory controller detecting entries sent to existing global and page directory tables, forking off shadow table entries from the detected entries, and translating GPAs to HPAs for the shadow table entries.
摘要翻译：一种用于创建，更新和使用访客物理地址（GPA）以主机物理地址（HPA）影子转换表的方法和装置，用于将实现虚拟机监视器的计算环境的图形数据直接存储器访问（DMA）请求的GPA转换为支持虚拟机。可以通过虚拟机监视器透明地从一个或多个虚拟机通过计算环境的呈现或显示路径发送请求。创建，更新和使用可以由存储器控制器执行，该存储器控制器检测发送到现有全局和页目录表的条目，从检测到的条目中分离影子表条目，以及将影子表条目的GPA转换为HPA。

56. 发明授权

US08014530B2 Method and apparatus for authenticated, recoverable key distribution with no database secrets 有权
标题翻译：具有无数据库秘密的认证，可恢复密钥分发的方法和装置
公开(公告)号：US08014530B2
公开(公告)日：2011-09-06
申请号：US11387203
申请日：2006-03-22
申请人： Ernest Brickell , Gary Graunke , William A. Stevens , Balaji Vembu
发明人： Ernest Brickell , Gary Graunke , William A. Stevens , Balaji Vembu
IPC分类号： H04L9/08
CPC分类号： H04L9/0841 , G09C1/00 , H04L2209/56
摘要： A method and apparatus for authenticated recoverable key distribution are described. In one embodiment, an application key is provided to an integrated chip platform. In one embodiment, the integrated chip platform encrypts the application key with a Key Encryption Key, which is stored within the persistent memory on the platform, and outputs a ChipID and the encrypted application key to enable recovery. In one embodiment, the platform can provide the ChipID to a recovery database to replace a lost encrypted application key. In one embodiment, the ChipID is the public key of a public/private key pair, and the application key is provided to the integrated chip platform by encrypting it using this public key. In one embodiment, the ChipID and the Key Encryption Key are derived from a secret random number programmed into the integrated chip. Other embodiments are described and claimed.
摘要翻译：描述了用于认证的可恢复密钥分发的方法和装置。在一个实施例中，将应用密钥提供给集成芯片平台。在一个实施例中，集成芯片平台用存储在平台上的持久存储器内的密钥加密密钥加密应用密钥，并输出ChipID和加密的应用密钥以使能恢复。在一个实施例中，平台可以将ChipID提供给恢复数据库以替换丢失的加密应用密钥。在一个实施例中，ChipID是公共/私人密钥对的公共密钥，并且通过使用该公开密钥将应用密钥提供给集成芯片平台。在一个实施例中，ChipID和密钥加密密钥从编入集成芯片的秘密随机数导出。描述和要求保护其他实施例。

57. 发明授权

US07868897B2 Apparatus and method for memory address re-mapping of graphics data 有权
标题翻译：用于图形数据的存储器地址重映射的装置和方法
公开(公告)号：US07868897B2
公开(公告)日：2011-01-11
申请号：US11480663
申请日：2006-06-30
申请人： Balaji Vembu , Aditya Navale , Wishwesh A. Gandhi
发明人： Balaji Vembu , Aditya Navale , Wishwesh A. Gandhi
IPC分类号： G09G5/39 , G06F13/00 , G06F12/10
CPC分类号： G06F12/1009 , G06F9/4401 , G06F9/4403 , G06F9/4411 , G06F9/45533 , G06F9/45558 , G06F12/109 , G06F13/28 , G06F2009/45579 , G06F2009/45583 , G06F2212/152 , G06T1/60
摘要： A method and apparatus for creating, updating, and using guest physical address (GPA) to host physical address (HPA) shadow translation tables for translating GPAs of graphics data direct memory access (DMA) requests of a computing environment implementing a virtual machine monitor to support virtual machines. The requests may be sent through a render or display path of the computing environment from one or more virtual machines, transparently with respect to the virtual machine monitor. The creating, updating, and using may be performed by a memory controller detecting entries sent to existing global and page directory tables, forking off shadow table entries from the detected entries, and translating GPAs to HPAs for the shadow table entries.
摘要翻译：一种用于创建，更新和使用访客物理地址（GPA）以主机物理地址（HPA）影子转换表的方法和装置，用于将实现虚拟机监视器的计算环境的图形数据直接存储器访问（DMA）请求的GPA转换为支持虚拟机。可以通过虚拟机监视器透明地从一个或多个虚拟机通过计算环境的呈现或显示路径发送请求。创建，更新和使用可以由存储器控制器执行，该存储器控制器检测发送到现有全局和页目录表的条目，从检测到的条目中分离影子表条目，以及将影子表条目的GPA转换为HPA。

58. 发明申请

US20100332852A1 Creating Secure Communication Channels Between Processing Elements 有权
标题翻译：在处理元素之间创建安全通信通道
公开(公告)号：US20100332852A1
公开(公告)日：2010-12-30
申请号：US12492513
申请日：2009-06-26
申请人： Balaji Vembu , Aditya Navale , Sathyamurthi Sadhasivan
发明人： Balaji Vembu , Aditya Navale , Sathyamurthi Sadhasivan
IPC分类号： G06F12/14 , G06F21/00 , H04L9/08
CPC分类号： G06F21/84 , G06F21/72 , H04L9/0841 , H04L2209/60
摘要： Two processing elements in a single platform may communicate securely to allow the platform to take advantage of the certain cryptographic functionality in one processing element. A first processing element, such as a bridge, may use its cryptographic functionality to request a key exchange with a second processing element, such as a graphics engine. Each processing element may include a global key which is common to the two processing elements and a unique key which is unique to each processing element. A key exchange may be established during the boot process the first time the system boots and, failing any hardware change, the same key may be used throughout the lifetime of the two processing elements. Once a secure channel is set up, any application wishing to authenticate a processing element without public-private cryptographic function may perform the authentication with the other processing element which shares a secure channel with the first processing element.
摘要翻译：单个平台中的两个处理元件可以安全通信，以允许平台在一个处理元件中利用某些加密功能。诸如桥接器的第一处理元件可以使用其加密功能来请求与诸如图形引擎的第二处理元件的密钥交换。每个处理元件可以包括两个处理元件共有的全局密钥和每个处理元件唯一的唯一密钥。在系统引导的第一次引导过程中可以建立密钥交换，并且在任何硬件改变失败的情况下，在两个处理元件的整个寿命期间可以使用相同的密钥。一旦建立了安全通道，希望在没有公共 - 私人密码功能的情况下认证处理元件的任何应用程序可以与与第一处理元件共享安全通道的其他处理元件执行认证。

59. 发明申请

US20090006702A1 SHARING UNIVERSAL SERIAL BUS ISOCHRONOUS BANDWIDTH BETWEEN MULTIPLE VIRTUAL MACHINES 审中-公开
标题翻译：在多台虚拟机之间共享通用串行总线
公开(公告)号：US20090006702A1
公开(公告)日：2009-01-01
申请号：US11768696
申请日：2007-06-26
申请人： Nitin Sarangdhar , Balaji Vembu
发明人： Nitin Sarangdhar , Balaji Vembu
IPC分类号： G06F13/14
CPC分类号： G06F13/14
摘要： A method and computer readable medium are disclosed. In one embodiment, the method includes enumerating multiple Universal Serial Bus (USB) devices on a computer platform running a multiple virtual machines (VMs). The method also includes assigning each of the USB devices to a VM, wherein each USB device may be assigned to a different VM. The method also includes making each USB device visible only to the VM it is assigned to. The method also includes limiting the bandwidth each of the VMs can schedule its assigned devices within a USB data transfer frame. This will allow all of the VMs to have access to the bandwidth of the frame by avoiding the problem of over-subscription when the schedule is merged.
摘要翻译：公开了一种方法和计算机可读介质。在一个实施例中，该方法包括在运行多个虚拟机（VM）的计算机平台上列举多个通用串行总线（USB）设备。该方法还包括将每个USB设备分配给VM，其中每个USB设备可被分配给不同的VM。该方法还包括使每个USB设备仅对其被分配给的VM可见。该方法还包括限制每个VM的带宽可以在USB数据传输帧内调度其分配的设备。这将允许所有VM通过避免在合并计划时超额订购的问题来访问帧的带宽。

60. 发明申请

US20070223704A1 Method and apparatus for authenticated, recoverable key distribution with no database secrets 有权
标题翻译：具有无数据库秘密的认证，可恢复密钥分发的方法和装置
公开(公告)号：US20070223704A1
公开(公告)日：2007-09-27
申请号：US11387203
申请日：2006-03-22
申请人： Ernest Brickell , Gary Graunke , William Stevens , Balaji Vembu
发明人： Ernest Brickell , Gary Graunke , William Stevens , Balaji Vembu
IPC分类号： H04L9/00
CPC分类号： H04L9/0841 , G09C1/00 , H04L2209/56
摘要： A method and apparatus for authenticated recoverable key distribution are described. In one embodiment, an application key is provided to an integrated chip platform. In one embodiment, the integrated chip platform encrypts the application key with a Key Encryption Key, which is stored within the persistent memory on the platform, and outputs a ChipID and the encrypted application key to enable recovery. In one embodiment, the platform can provide the ChipID to a recovery database to replace a lost encrypted application key. In one embodiment, the ChipID is the public key of a public/private key pair, and the application key is provided to the integrated chip platform by encrypting it using this public key. In one embodiment, the ChipID and the Key Encryption Key are derived from a secret random number programmed into the integrated chip. Other embodiments are described and claimed.
摘要翻译：描述了用于认证的可恢复密钥分发的方法和装置。在一个实施例中，将应用密钥提供给集成芯片平台。在一个实施例中，集成芯片平台用存储在平台上的持久存储器内的密钥加密密钥加密应用密钥，并输出ChipID和加密的应用密钥以使能恢复。在一个实施例中，平台可以将ChipID提供给恢复数据库以替换丢失的加密应用密钥。在一个实施例中，ChipID是公共/私人密钥对的公共密钥，并且通过使用该公开密钥将应用密钥提供给集成芯片平台。在一个实施例中，ChipID和密钥加密密钥从编入集成芯片的秘密随机数导出。描述和要求保护其他实施例。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式