    • 2. Invention application
    • A METHOD, APPARATUS, SYSTEM FOR QUALIFYING CPU TRANSACTIONS WITH SECURITY ATTRIBUTES
    • WO2014158744A1
    • 2014-10-02
    • PCT/US2014/019791
    • 2014-03-03
    • INTEL CORPORATION; SASTRY, Manoj R.; SCHOINAS, Ioannis T.; CERMAK, Daniel M.
    • SASTRY, Manoj R.; SCHOINAS, Ioannis T.; CERMAK, Daniel M.
    • G06F9/06; G06F13/14; G06F21/00
    • G06F21/74; G06F21/57; G06F21/78
    • Method, apparatus, and system for qualifying CPU transactions with security attributes. Immutable security attributes are generated for transactions initiated by a CPU or processor core that identify the execution mode of the CPU/core as being trusted or untrusted. The transactions may be targeted to an Input/Output (I/O) device or system memory via which a protected asset may be accessed. Policy enforcement logic blocks are implemented at various points in the apparatus or system that allow or deny transactions access to protected assets based on the immutable security attributes generated for the transactions. In one aspect, a multiple-level security scheme is implemented under which a mode register is updated via a first transaction to indicate the CPU/core is operating in a trusted execution mode, and security attributes are generated for a second transaction using execution mode indicia in the mode register to verify the transaction is from a trusted initiator.
    • 5. Invention application
    • SECURITY SYSTEM FOR ELECTRONIC EQUIPMENT
    • WO2018063643A1
    • 2018-04-05
    • PCT/US2017/048927
    • 2017-08-28
    • INTEL CORPORATION
    • CHO, Kyong-Tak; ZHAO, Li; SASTRY, Manoj R.
    • B60R16/023; G06F21/55
    • One embodiment provides an electronic control unit (ECU) for a vehicle. The ECU includes transceiver circuitry, voltage measurement circuitry and feature set circuitry. The transceiver circuitry is to at least one of send and/or receive a message. The voltage measurement circuitry is to determine at least one of a high bus line voltage (VCANH) value and/or a low bus line voltage (VCANL) value, for each zero bit of at least one zero bit of a received message. The received message includes a plurality of bits. The feature set circuitry is to determine a value of at least one feature of a feature set based, at least in part, on at least one of a high acknowledge (ACK) threshold voltage (VthH) and/or a low ACK threshold voltage (VthL). The feature set includes at least one of an operating most frequently measured VCANH value (VfreqH2) of a number of VCANH values and/or an operating most frequently measured VCANL value (VfreqL2) of a number of VCANL values.
    • 7. Invention application
    • LIGHTWEIGHT TRUSTED EXECUTION FOR INTERNET-OF-THINGS DEVICES
    • WO2017222714A1
    • 2017-12-28
    • PCT/US2017/033846
    • 2017-05-22
    • INTEL CORPORATION
    • ZHAO, Li; SASTRY, Manoj R.; RAHA, Arnab
    • G06F21/62; G06F9/38
    • Lightweight trusted execution technologies for internet-of-things devices are described. In response to a memory request at a page unit from an application executing in a current domain, the page unit is to map a current virtual address (VA) to a current physical address (PA). The policy enforcement logic (PEL) reads, from a secure domain cache (SDC), a domain value (DID) and a VA value that correspond to the current PA. The PEL grants access when the current domain and the DID correspond to the unprotected region or the current domain and the DID correspond to the secure domain region, the current domain is equal to the DID, and the current VA is equal to the VA value. The PEL grants data access and denies code access when the current domain corresponds to the secure domain region and the DID corresponds to the unprotected region.
    • 9. Invention application
    • SYSTEM, APPARATUS AND METHOD FOR MULTI-OWNER TRANSFER OF OWNERSHIP OF A DEVICE
    • WO2016200597A1
    • 2016-12-15
    • PCT/US2016/033829
    • 2016-05-23
    • INTEL CORPORATION
    • WALKER, Jesse; SMITH, Ned M.; HERBERT, Howard C.; SASTRY, Manoj R.
    • H04L29/06; H04L29/08
    • G06Q30/0635; H04L9/0891; H04L9/3247; H04L63/061; H04L63/0823; H04L63/0876; H04W4/70; H04W12/04
    • In one embodiment, a method includes: receiving, in a device, a first message to request transfer of ownership of the device from a current owner to a new owner, the device having a storage to store a first title including a device identifier for the device and an owner identifier for the current owner, the storage to further store a first root authorization key associated with the current owner; sending a second message from the device to the new owner, the second message including a hash value of the first title; and receiving a third message, in the device, the third message including a second title for the device, the second title generated by the new owner and including a new owner identifier, the second title comprising a concatenation of the first title, to enable ownership of the device to be transferred to the new owner.