专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明申请

WO2020000335A1 SYSTEMS AND METHODS OF RESTRICTING ACCESS TO KERNEL MEMORY 审中-公开
公开(公告)号：WO2020000335A1
公开(公告)日：2020-01-02
申请号：PCT/CN2018/093526
申请日：2018-06-29
申请人： INTEL CORPORATION , SUKHOMLINOV, Vadim , DOSHI, Kshitij A. , NAYSHTUT, Alex , XI, Honghai
发明人： SUKHOMLINOV, Vadim , DOSHI, Kshitij A. , NAYSHTUT, Alex , XI, Honghai
IPC分类号： G06F12/14
摘要： Systems and methods that include kernel address detection circuitry to identify a current privilege level (CPL) of a speculatively executed instruction as either a kernel-level instruction or a user-level instruction are provided. For instructions identified as kernel-level, the kernel address detection circuitry permits access to all or a portion of both kernel memory space and user memory space within the system memory. For instructions identified as user-level, the kernel address detection circuitry permits access to all or a portion of the user memory space within the system memory. If a user-level instruction attempts to access a physical memory address within the defined kernel memory space, the kernel address detection circuitry generates an exception and does not provide the user-level instruction access to the physical address in the kernel memory space. Thus, the systems and methods prevent memory accesses used in side channel attacks such as Meltdown.

2. 发明申请

WO2013133840A1 MULTI-FACTOR CERTIFICATE AUTHORITY 审中-公开
标题翻译：多因素认证机构
公开(公告)号：WO2013133840A1
公开(公告)日：2013-09-12
申请号：PCT/US2012/028321
申请日：2012-03-08
申请人： INTEL CORPORATION , BEN-SHALOM, Omer , NAYSHTUT, Alex
发明人： BEN-SHALOM, Omer , NAYSHTUT, Alex
IPC分类号： H04L9/32 , H04L9/30
CPC分类号： H04L63/0823 , H04L9/3268 , H04L63/0876 , H04L63/205
摘要： Disclosed herein is a certificate authority server configured to provide multi-factor digital certificates. A processor readable medium may include a plurality of instructions configured to enable a certificate authority server of a certificate authority, in response to execution of the instructions by a processor, to receive a request to provide a multi-factor digital security certificate by digitally signing a certificate request having a plurality of factors and a cryptographic key, wherein a first of the plurality of factors is an identifier of a device and a second of the plurality of factors is an identifier of a user of the device. The instructions are also configured to enable the certificate authority server to associate the cryptographic key with the plurality of factors and issue the digital security certificate based on the certificate request. Also disclosed is a method of using a multi-factor digital certificate as part of the authorization process to implicitly bind the plurality of factors. Other embodiments may be described and claimed.
摘要翻译：这里公开了配置为提供多因素数字证书的证书颁发机构服务器。处理器可读介质可以包括多个指令，其被配置为使得证书颁发机构的证书颁发机构服务器响应于处理器的指令的执行而接收通过数字签名来提供多因素数字安全证书的请求具有多个因素的证书请求和密码密钥，其中所述多个因素中的第一个因素是设备的标识符，并且所述多个因素中的第二个因素是设备的用户的标识符。指令还被配置为使得证书颁发机构服务器能够将加密密钥与多个因素相关联，并且基于证书请求发布数字安全证书。还公开了一种使用多因素数字证书作为授权过程的一部分来隐式地绑定多个因素的方法。可以描述和要求保护其他实施例。

3. 发明申请

WO2015084305A1 METHODS, SYSTEMS, AND APPARATUS TO PROTECT CONTENT BASED ON PERSONA 审中-公开
标题翻译：方法，系统和设备保护基于人的内容
公开(公告)号：WO2015084305A1
公开(公告)日：2015-06-11
申请号：PCT/US2013/072625
申请日：2013-12-02
申请人： INTEL CORPORATION , BEN-SHALOM, Omer , GOLDBERG, Avishai , NAYSHTUT, Alex
发明人： BEN-SHALOM, Omer , GOLDBERG, Avishai , NAYSHTUT, Alex
IPC分类号： G06F21/10
CPC分类号： G06F21/6245 , G06F21/6218 , G06F21/6227 , G06F2221/2105 , G06F2221/2149
摘要： Example methods, systems, apparatus and articles of manufacture to protect content based on persona are disclosed. An example system includes a content encryption manager to encrypt a first content with an unencrypted first content key in response to identifying a first persona mode of a computing device, a persona encryption manager to encrypt the unencrypted first content key with a first public key to generate an encrypted first content key, and a metadata integrator to embed the encrypted first content key into the encrypted first content.
摘要翻译：公开了用于保护基于人物的内容的示例性方法，系统，装置和制品。一个示例系统包括内容加密管理器，用于响应于识别计算设备的第一人称模式来加密具有未加密的第一内容密钥的第一内容，角色层加密管理器，用第一公钥加密未加密的第一内容密钥以产生加密的第一内容密钥和元数据集成器，以将加密的第一内容密钥嵌入加密的第一内容。

4. 发明申请

WO2015053766A1 TECHNOLOGY FOR MANAGING CLOUD STORAGE 审中-公开
标题翻译：管理云存储技术
公开(公告)号：WO2015053766A1
公开(公告)日：2015-04-16
申请号：PCT/US2013/064047
申请日：2013-10-09
申请人： INTEL CORPORATION , BHARDWAJ, Rahul M. , HASSAN, Vishwa , MANT, Thomas A. , BLACK, Christian D. , SEDAYAO, Jeffrey C. , YOSHII, Terry H. , NAYSHTUT, Alex , BRETON, Michael S. , DEVETTER, Douglas P.
发明人： BHARDWAJ, Rahul M. , HASSAN, Vishwa , MANT, Thomas A. , BLACK, Christian D. , SEDAYAO, Jeffrey C. , YOSHII, Terry H. , NAYSHTUT, Alex , BRETON, Michael S. , DEVETTER, Douglas P.
IPC分类号： G06F17/30 , G06F15/16
CPC分类号： G06F17/30082 , G06F9/5022 , G06F17/30864
摘要： Described herein is technology for managing cloud storage. In particular, systems, devices and methods for managing cloud storage are described. In some embodiments, management of cloud storage may result in the designation of storage allocated to a first storage pool as obsolete, and the reallocation and/or reclamation of such storage to a second storage pool and/or a general cloud storage pool. Management may occur in accordance with one or more policies.
摘要翻译：这里描述的是用于管理云存储的技术。具体来说，描述了用于管理云存储的系统，设备和方法。在一些实施例中，云存储的管理可以导致分配给第一存储池的存储被指定为过时的，并且将这种存储器重新分配和/或回收到第二存储池和/或通用云存储池。管理可能会根据一个或多个策略进行。

5. 发明申请

WO2016019565A1 QR IMAGE BASED DEVICE MANAGEMENT 审中-公开
标题翻译：基于QR图像的设备管理
公开(公告)号：WO2016019565A1
公开(公告)日：2016-02-11
申请号：PCT/CN2014/083964
申请日：2014-08-08
申请人： INTEL CORPORATION , POGORELIK, Oleg , NAYSHTUT, Alex , LI, Hong , LIPMAN, Justin
发明人： POGORELIK, Oleg , NAYSHTUT, Alex , LI, Hong , LIPMAN, Justin
IPC分类号： G06K7/10
CPC分类号： G06K7/1417 , G06K7/10722 , G06K7/1443 , H04L9/32
摘要： In embodiments, apparatuses, methods, and storage media may be described for identifying a quick response (QR) image. A QR control code (QRCC) may be identified in the QR image based on a QR tag in the image. Based on the QRCC, a control command of an apparatus may be identified. Other embodiments may be described and/or claimed.
摘要翻译：在实施例中，可以描述用于识别快速响应（QR）图像的装置，方法和存储介质。可以基于图像中的QR标签在QR图像中识别QR控制码（QRCC）。基于QRCC，可以识别装置的控制命令。可以描述和/或要求保护其他实施例。

6. 发明申请

WO2014158604A1 COMMUNITY-BASED DE-DUPLICATION FOR ENCRYPTED DATA 审中-公开
标题翻译：用于加密数据的基于社区的去重复
公开(公告)号：WO2014158604A1
公开(公告)日：2014-10-02
申请号：PCT/US2014/018669
申请日：2014-02-26
申请人： INTEL CORPORATION , NAYSHTUT, Alex , BEN-SHALOM, Omer , YOSHII, Terry H.
发明人： NAYSHTUT, Alex , BEN-SHALOM, Omer , YOSHII, Terry H.
IPC分类号： G06F21/60 , G06F15/16
CPC分类号： G06F21/60 , G06F11/1453 , G06F21/6227 , H04L9/083 , H04L9/0894 , H04L9/14 , H04L9/3242 , H04L63/0435 , H04L63/061 , H04L63/062 , H04L63/0876 , H04L2209/60
摘要： Technologies for de-duplicating encrypted content include fragmenting a file into blocks on a computing device, encrypting each block, and storing each encrypted block on a content data server with associated keyed hashes and member identifications. The computing device additionally transmits each encrypted block with an associated member encryption key and member identification to a key server. As part of the de-duplication process, the content data server stores only one copy of the encrypted data for a particular associated keyed hash, and the key server similarly associates a single member encryption key with the keyed hash. To retrieve the file, the computing device receives the encrypted blocks with their associated keyed hashes and member identifications from the content data server and receives the corresponding member decryption key from the key server. The computing device decrypts each block using the member decryption keys and combines to blocks to generate the file.
摘要翻译：用于解密加密内容的技术包括将文件分解成计算设备上的块，加密每个块，以及将每个加密的块存储在具有相关联的密钥哈希和成员标识的内容数据服务器上。计算设备另外向密钥服务器发送具有相关联的成员加密密钥和成员标识的每个加密块。作为重复数据删除过程的一部分，内容数据服务器仅存储用于特定关联密钥哈希的加密数据的一个副本，并且密钥服务器类似地将单个成员加密密钥与密钥哈希相关联。为了检索文件，计算设备从内容数据服务器接收具有相关联的密钥哈希和成员标识的加密块，并从密钥服务器接收相应的成员解密密钥。计算设备使用成员解密密钥对每个块进行解密，并组合到块以生成该文件。

7. 发明申请

WO2015094189A1 DETECTION OF UNAUTHORIZED MEMORY MODIFICATION AND ACCESS USING TRANSACTIONAL MEMORY 审中-公开
标题翻译：检测未经授权的存储器修改和使用事务存储器访问
公开(公告)号：WO2015094189A1
公开(公告)日：2015-06-25
申请号：PCT/US2013/075805
申请日：2013-12-17
申请人： INTEL CORPORATION , MUTTIK, Igor , DEMENTIEV, Roman , NAYSHTUT, Alex
发明人： MUTTIK, Igor , DEMENTIEV, Roman , NAYSHTUT, Alex
IPC分类号： G06F12/14 , G06F21/00
CPC分类号： G06F12/14 , G06F12/1441 , G06F21/53 , G06F21/54 , G06F21/566 , G06F21/60
摘要： Technologies for detecting unauthorized memory accesses include a computing device having transactional memory support. The computing device executes a code segment identified as suspicious and detects a transactional abort during execution of the code segment. The computing device may execute a security support thread concurrently with the code segment that reads one or more monitored memory locations. A transactional abort may be caused by a read of the security support thread conflicting with a write from the code segment. The computing device may set a breakpoint within the code segment, and a transactional abort may be caused by execution of the code segment reaching the breakpoint. An abort handler determines whether a security event has occurred and reports the security event. The abort handler may determine whether the security event has occurred based on the cause of the transactional abort. Other embodiments are described and claimed.
摘要翻译：用于检测未经授权的存储器访问的技术包括具有事务存储器支持的计算设备。计算设备执行标识为可疑的代码段，并且在执行代码段期间检测事务中止。计算设备可以与读取一个或多个监视的存储器位置的代码段同时执行安全支持线程。事务中止可能是由安全支持线程读取与代码段的写入冲突引起的。计算设备可以在代码段内设置断点，并且可能由执行到达断点的代码段引起事务中止。中止处理程序确定是否发生安全事件并报告安全事件。中止处理程序可以基于事务中止的原因来确定安全事件是否已经发生。描述和要求保护其他实施例。

8. 发明申请

WO2015088533A2 NEAR FIELD COMMUNICATION AUTHENTICATION MECHANISM 审中-公开
标题翻译：近场通信认证机制
公开(公告)号：WO2015088533A2
公开(公告)日：2015-06-18
申请号：PCT/US2013/074623
申请日：2013-12-12
申请人： INTEL CORPORATION , SMITH, Ned M. , MOORE, Victoria C. , KANON, Avi , RESHEF, Ehud , NAYSHTUT, Alex , POGORELIK, Oleg , BHARGAV-SPANTZEL, Abhilasha , OWEN, Craig T. , KHOSRAVI, Hormuzd M.
发明人： SMITH, Ned M. , MOORE, Victoria C. , KANON, Avi , RESHEF, Ehud , NAYSHTUT, Alex , POGORELIK, Oleg , BHARGAV-SPANTZEL, Abhilasha , OWEN, Craig T. , KHOSRAVI, Hormuzd M.
CPC分类号： G06F21/34 , G06F21/32 , G06F21/606 , G06F2221/2103 , G06F2221/2111 , G06F2221/2143 , G06Q20/3278 , H04L9/006 , H04L9/0822 , H04L9/0825 , H04L9/0866 , H04L9/3234 , H04L9/3271 , H04L63/0492 , H04L63/0853 , H04L63/102 , H04L2209/805 , H04L2463/082 , H04W4/80 , H04W12/06
摘要： A computing device is described. The computing device includes input/output (I/O) circuitry to receive sensory data and a trusted execution environment to monitor the I/O circuitry to detect one or more context characteristics of the computing device and to authenticate user identity based on context characteristics.
摘要翻译：描述了计算设备。计算设备包括用于接收感觉数据的输入/输出（I / O）电路和可信赖的执行环境，以监视I / O电路以检测计算设备的一个或多个上下文特征，并且基于上下文特征来认证用户身份。

9. 发明申请

WO2015133990A1 METHODS AND APPARATUS FOR MIGRATING KEYS 审中-公开
标题翻译：用于移动的方法和装置
公开(公告)号：WO2015133990A1
公开(公告)日：2015-09-11
申请号：PCT/US2014/019966
申请日：2014-03-03
申请人： INTEL CORPORATION , SMITH, Ned M. , NAYSHTUT, Alex
发明人： SMITH, Ned M. , NAYSHTUT, Alex
IPC分类号： H04L9/32 , H04L9/06
CPC分类号： H04L9/0822 , G06F21/53 , G06F2221/034 , H04L9/0863 , H04L9/0877 , H04L9/3231 , H04L63/0428 , H04L63/06 , H04L63/0861 , H04L63/20 , H04W12/04 , H04W12/06
摘要： A destination data processing system (DPS) receives a key migration block from a source DPS. The key migration block includes an encrypted version of a primary key. The destination DPS receives user input that identifies (a) an authentication policy and (b) a context policy. The destination DPS collects authentication data from the user, based on the identified authentication policy. The destination DPS collects context data, based on the identified context policy. The destination DPS uses the authentication data and the context data to decrypt the key migration block. The authentication data may comprise multiple types of authentication data, possibly including biometric data. The user may also input an index, and the destination DPS may use the index to retrieve a number from a random number server. The destination DPS may use that number to decrypt the key migration block. Other embodiments are described and claimed.
摘要翻译：目的地数据处理系统（DPS）从源DPS接收密钥迁移块。密钥迁移块包括主密钥的加密版本。目标DPS接收标识（a）认证策略和（b）上下文策略的用户输入。目的地DPS基于所识别的认证策略从用户收集认证数据。目的地DPS基于所识别的上下文策略来收集上下文数据。目的地DPS使用认证数据和上下文数据来解密密钥迁移块。认证数据可以包括多种类型的认证数据，可能包括生物测定数据。用户还可以输入索引，并且目的地DPS可以使用索引从随机数服务器检索号码。目的地DPS可以使用该号码来解密密钥迁移块。描述和要求保护其他实施例。

10. 发明申请

WO2015094223A1 TECHNIQUES FOR INTEGRATED ENDPOINT AND NETWORK DETECTION AND ERADICATION OF ATTACKS 审中-公开
标题翻译：综合端点和网络检测和攻击的消除技术
公开(公告)号：WO2015094223A1
公开(公告)日：2015-06-25
申请号：PCT/US2013/076107
申请日：2013-12-18
申请人： INTEL CORPORATION , BEN-SHALOM, Omer , MUTTIK, Igor , NAYSHTUT, Alex , AVIDAN, Yaniv
发明人： BEN-SHALOM, Omer , MUTTIK, Igor , NAYSHTUT, Alex , AVIDAN, Yaniv
IPC分类号： G06F21/56
CPC分类号： H04L63/145 , G06F21/55 , G06F21/56 , G06F21/567 , H04L63/107 , H04L63/1416 , H04L63/1441
摘要： Various embodiments are generally directed to techniques to detect and eradicate malware attacks by employing information indicative of malware activity received from both endpoint devices and network devices proving network services to endpoint devices. An apparatus to detect malware includes a processor component, an analysis component for execution by the processor component to employ a trust level assigned to a device in a network as a factor in an analysis of an indication received from the device of a malware attack, and an eradication component for execution by the processor component to determine an action to take through the network to eradicate the malware attack based on the analysis. Other embodiments are described and claimed.
摘要翻译：各种实施例通常涉及通过采用指示从端点设备和网络设备接收的恶意软件活动的信息来检测和消除恶意软件攻击的技术，以证明网络服务到端点设备。用于检测恶意软件的装置包括处理器组件，用于由处理器组件执行的分析组件，以采用分配给网络中的设备的信任级别作为对从恶意软件攻击的设备接收的指示的分析的因素;以及用于由处理器组件执行以根据分析来确定通过网络以消除恶意软件攻击的动作的根除组件。描述和要求保护其他实施例。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式