    • 1. Invention application
    • TECHNOLOGIES FOR PROTECTING AUDIO DATA WITH TRUSTED I/O
    • WO2017105768A1
    • 2017-06-22
    • PCT/US2016/062781
    • 2016-11-18
    • INTEL CORPORATION
    • LAL, Reshma; PAPPACHAN, Pradeep M.; WONG, Kar; MCGOWAN, Steven B.; ASLAM, Adeel A; KRISHNAKUMAR, Sudha
    • G06F21/60; G06F21/50
    • G06F3/165; G06F3/162; G06F15/167; H04L9/32; H04L63/126; H04L65/1069; H04L65/4069; H04L65/605
    • Technologies for cryptographic protection of I/O audio data include a computing device with a cryptographic engine and an audio controller. A trusted software component may request an untrusted audio driver to establish an audio session with the audio controller that is associated with an audio codec. The trusted software component may verify that a stream identifier associated with the audio session received from the audio driver matches a stream identifier received from the codec. The trusted software may program the cryptographic engine with a DMA channel identifier associated with the codec, and the audio controller may assert the channel identifier in each DMA transaction associated with the audio session. The cryptographic engine cryptographically protects audio data associated with the audio session. The audio controller may lock the controller topology after establishing the audio session, to prevent re-routing of audio during a trusted audio session. Other embodiments are described and claimed.
    • 5. Invention application
    • SYSTEM AND METHOD FOR PROVIDING GLOBAL PLATFORM COMPLIANT TRUSTED EXECUTION ENVIRONMENT
    • WO2016105651A1
    • 2016-06-30
    • PCT/US2015/056654
    • 2015-10-21
    • INTEL CORPORATION
    • VARADARAJAN, Srikanth; LAL, Reshma; ZMUDZINSKI, Krystof C.
    • H04L9/32
    • H04L9/3234; G06F9/4406; G06F9/45533; G06F9/45558; G06F9/4843; G06F9/54; G06F21/74; G06F2009/45587; G09C1/00; H04L2209/127
    • Method of providing a Global Platform (GP) compliant Trusted Execution Environment (TEE) starts with main processor executing an application stored in memory device. Application includes client application (CA) and trusted application (TA). Executing the application includes running CA in client process and TA in TEE host process. Client process and TEE host process are separate. Using TEE host process, a request including identifier of the TA is received from client process to open session. Using GP Trusted Services enclave included in TEE host process, TA enclave associated with the identifier is determined and loaded in the TEE host process using the GP Trusted Services enclave to establish the session. Using TEE host process, commands to be invoked in TA enclave and set of parameters needed for commands are received from client process. Using GP Internal APIs, commands in TA enclave associated with identifier are executed. Other embodiments are also described.
    • 6. Invention application
    • END-TO-END SECURE COMMUNICATION SYSTEM
    • WO2014196963A1
    • 2014-12-11
    • PCT/US2013/044112
    • 2013-06-04
    • INTEL CORPORATION; LAL, Reshma; ZMUDZINSKI, Krystof, C.; PAPPACHAN, Pradeep, M.; SHELLER, Micah, J.
    • LAL, Reshma; ZMUDZINSKI, Krystof, C.; PAPPACHAN, Pradeep, M.; SHELLER, Micah, J.
    • H04L9/00
    • H04L63/0428; H04L9/14; H04L9/3223; H04L63/062; H04L63/08; H04L2209/60
    • The present disclosure is directed to an end-to-end secure communication system wherein, in addition to encrypting transmissions between clients, communication-related operations occurring within each client may also be secured. Each client may comprise a secure processing environment to process encrypted communication information received from other clients and locally-captured media information for transmission to other clients. The secure processing environment may include resources to decrypt received encrypted communication information and to process the communication information into media information for presentation by the client. The secure processing environment may also operate in reverse to provide locally recorded audio, image, video, etc. to other clients. Encryption protocols may be employed at various stages of information processing in the client to help ensure that information being transferred between the processing resources cannot be read, copied, altered, etc. In one example implementation, a server may manage interaction between clients, provision encryption keys, etc.
    • 9. Invention application
    • TECHNIQUES FOR SECURING USE OF ONE-TIME PASSWORDS
    • WO2014163912A1
    • 2014-10-09
    • PCT/US2014/018842
    • 2014-02-27
    • INTEL CORPORATION; LAL, Reshma; HOEKSTRA, Matthew E.
    • LAL, Reshma; HOEKSTRA, Matthew E.
    • G06F21/45; H04L9/32
    • G06F21/72; G06F21/31; G06F21/57
    • Various embodiments are generally directed to the provision and use of a secure enclave defined within a storage of a computing device by a processor element thereof to store executable instructions of an OTP component implementing logic to generate and use one-time passwords (OTPs) to enable access to services provided by another computing device. An apparatus includes a storage; a first processor element; and first logic to receive a one-time password (OTP) routine, store the OTP routine within a first secure enclave defined by the first processor element within the storage, obtain a measure of the contents of the first secure enclave with the OTP routine stored therein, transmit the first measure to a computing device, and receive an OTP seed. Other embodiments are described and claimed.