专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明申请

WO2004064309A2 AN APPARATUS AND METHOD FOR CONFIGURING DATA PLANE BEHAVIOR ON NETWORK FORWARDING ELEMENTS 审中-公开
标题翻译：网络前向元素配置数据平面行为的装置和方法
公开(公告)号：WO2004064309A2
公开(公告)日：2004-07-29
申请号：PCT/US2004/000094
申请日：2004-01-02
申请人： INTEL CORPORATION
发明人： HEDGE, Shriharsha , FENGER, Russell , KULKARNI, Amol , LIU, Hsin-Yuo , KHOSRAVI, Hormuzd , DEVAL, Manasi
IPC分类号： H04L
CPC分类号： H04L69/16 , H04L45/50 , H04L69/161
摘要： A method and apparatus for configuring data plane behavior on network forwarding elements are described. In one embodiment, the method includes receiving, within a network element control plane, protocol configuration information extracted from a protocol application utilizing a network protocol application programming interface (API). Once the protocol configuration information is received, the protocol configuration information is processed using a control interface corresponding to the network protocol implemented by the protocol application. Once the protocol configuration information is processed, the control interface programs one or more data plane forwarding elements of the network element according to protocol configuration information. Accordingly, by providing similar control interfaces for multiple, network protocols, inter-operability between components from multiple vendors is enabled.
摘要翻译：描述了一种用于在网络转发元件上配置数据平面行为的方法和装置。在一个实施例中，该方法包括在网络元件控制平面内接收使用网络协议应用编程接口（API）从协议应用中提取的协议配置信息。一旦接收到协议配置信息，使用与由协议应用实现的网络协议相对应的控制接口处理协议配置信息。一旦处理了协议配置信息，控制接口根据协议配置信息对网元的一个或多个数据平面转发元素进行编程。因此，通过为多个网络协议提供类似的控制接口，可以实现来自多个供应商的组件之间的互操作性。

2. 发明申请

WO2006099200A1 SECURITY PROTOCOLS ON INCOMPATIBLE TRANSPORTS 审中-公开
标题翻译： “不合理运输安全议定书”
公开(公告)号：WO2006099200A1
公开(公告)日：2006-09-21
申请号：PCT/US2006/008710
申请日：2006-03-08
申请人： INTEL CORPORATION , KHOSRAVI, Hormuzd
发明人： KHOSRAVI, Hormuzd
IPC分类号： H04L29/06
CPC分类号： H04L63/16 , H04L69/16 , H04L69/161 , H04L69/164 , H04L69/169 , H04L69/32
摘要： "Honest" is a nice word. Sadly, some people in this world are not honest. In an increasingly wired world, dishonest people have found myriad opportunities to illicitly acquire one's confidential data, to monitor or interfere with one's networking activities, e.g., to monitor what you are doing, downloading, accessing, etc., to eavesdrop on or hijack telephony control and voice data or other protocols on your network, etc. To address such risks, typically a secured communication protocol, e.g., TLS or SSL, is utilized to protect communication. Unfortunately, TLS, SSL, and many other security environments require the underlying communication protocol to be TCP/IP, while some protocols needing communication protection, such as VoIP, RTP, SNMP, etc. only operate on UDP and not TCP/IP. Thus, a network shim or other embodiments disclosed herein may be used to allow such UDP based application programs and protocols to use security environments requiring a TCP/IP type transport.
摘要翻译： “诚实”是一个很好的词。可悲的是，这个世界上有些人不诚实。在越来越有线的世界中，不诚实的人发现了无数机会非法获取机密数据，监控或干扰网络活动，例如监控您正在做什么，下载，访问等，以窃取或劫持电话控制和语音数据或网络上的其他协议等。为了解决这些风险，通常使用安全的通信协议（例如TLS或SSL）来保护通信。不幸的是，TLS，SSL和许多其他安全环境要求底层通信协议为TCP / IP，而需要通信保护的一些协议（如VoIP，RTP，SNMP等）只能在UDP而不是TCP / IP上运行。因此，本文公开的网络垫片或其他实施例可以用于允许这样的基于UDP的应用程序和协议使用需要TCP / IP类型传输的安全环境。

3. 发明申请

WO2013089728A1 METHOD, DEVICE, AND SYSTEM FOR SECURELY SHARING MEDIA CONTENT FROM A SOURCE DEVICE 审中-公开
标题翻译：用于从源设备安全地共享媒体内容的方法，设备和系统
公开(公告)号：WO2013089728A1
公开(公告)日：2013-06-20
申请号：PCT/US2011/065094
申请日：2011-12-15
申请人： INTEL CORPORATION , KHOSRAVI, Hormuzd , AGRAWAL, Sachin , VENKATARAMANAN, Anirudh
发明人： KHOSRAVI, Hormuzd , AGRAWAL, Sachin , VENKATARAMANAN, Anirudh
IPC分类号： G06F21/24
CPC分类号： H04L63/0428 , G06F21/10 , G06F21/72 , H04L9/0822 , H04L9/0841 , H04L9/0869 , H04L63/0435 , H04L63/061 , H04L2209/60 , H04L2463/101
摘要： A method, device, and system for sharing media content with a sink device includes performing a cryptographic key exchange with the sink device and generating an authorization key in a security engine of a system-on-a-chip (SOC) of a source device. The method may also include generating an exchange key as a function of the authorization key and a packet key as a function of the exchange key. Such key generation occurs in the security engine of the SOC, and the keys are stored in a secure memory of the security engine.
摘要翻译：用于与宿设备共享媒体内容的方法，设备和系统包括执行与宿设备的加密密钥交换，并在源设备的系统级（SOC）的安全引擎中生成授权密钥。该方法还可以包括根据授权密钥生成交换密钥和作为交换密钥的函数的分组密钥。这种密钥生成发生在SOC的安全引擎中，并且密钥存储在安全引擎的安全存储器中。

4. 发明申请

WO2017052982A1 SECURE SENSOR DATA TRANSPORT AND PROCESSING 审中-公开
标题翻译：安全传感器数据传输和处理
公开(公告)号：WO2017052982A1
公开(公告)日：2017-03-30
申请号：PCT/US2016/048760
申请日：2016-08-25
申请人： INTEL CORPORATION
发明人： KHOSRAVI, Hormuzd , COURY, Bassam , ZIMMER, Vincent
IPC分类号： H04L9/08 , H04L29/06 , G06F21/32
CPC分类号： H04L63/0876 , G06F21/32 , G06F21/57 , G06F21/606 , H04L63/0861 , H04L63/102
摘要： The present disclosure is directed to secure sensor data transport and processing. End-to-end security may prevent attackers from altering data during the sensor-based security procedure. For example, following sensor data capture execution in a device may be temporarily suspended. During the suspension of execution, sensor interface circuitry in the device may copy the sensor data from a memory location associated with the sensor to a trusted execution environment (TEE) within the device. The TEE may provide a secure location in which the sensor data may be processed and a determination may be made as to whether to grant access to the secure resources. The TEE may comprise, for example, match circuitry to compare the sensor data to previously captured sensor data for users that are allowed to access the secured resources and output circuitry to grant access to the secured resources or to perform activities associated with a security exception.
摘要翻译：本发明涉及安全的传感器数据传输和处理。在基于传感器的安全过程中，端到端安全性可能会阻止攻击者更改数据。例如，以下传感器数据捕获在设备中的执行可能会被暂停。在执行暂停期间，设备中的传感器接口电路可将来自与传感器相关联的存储器位置的传感器数据复制到设备内的可信执行环境（TEE）。 TEE可以提供可以处理传感器数据的安全位置，并且可以确定是否允许对安全资源的访问。 TEE可以包括例如匹配电路，以将传感器数据与先前捕获的传感器数据进行比较，用户被允许访问安全资源和输出电路以授予对安全资源的访问或执行与安全异常相关联的活动。

5. 发明申请

WO2008005697A1 DETECTION OF NETWORK ENVIRONMENT 审中-公开
标题翻译：检测网络环境
公开(公告)号：WO2008005697A1
公开(公告)日：2008-01-10
申请号：PCT/US2007/071835
申请日：2007-06-20
申请人： INTEL CORPORATION , KHOSRAVI, Hormuzd , GREWAL, Karanvir, S. , KROISER, Ahuva , ELDAR, Avigdor
发明人： KHOSRAVI, Hormuzd , GREWAL, Karanvir, S. , KROISER, Ahuva , ELDAR, Avigdor
IPC分类号： H04L12/56 , H04L12/46
CPC分类号： H04L63/102 , H04L61/2015 , H04L63/0227 , H04L63/101 , H04L63/12
摘要： A method and apparatus for detection of network environment to aid policy selection for network access control. An embodiment of a method includes receiving a request to connect a device to a network and, if a security policy is received for the connection of the device, applying the policy for the device. If a security policy for the connection of the device is not received, the domain of the device is determined by determining whether the device is in an enterprise domain and determining whether the device is in a network access control domain, which allows selection of an appropriate domain / environment specific policy.
摘要翻译：一种用于检测网络环境以帮助网络访问控制的策略选择的方法和装置。一种方法的实施例包括接收将设备连接到网络的请求，并且如果接收到用于设备的连接的安全策略，则应用所述设备的策略。如果没有接收到用于连接设备的安全策略，则通过确定设备是否在企业域中并确定设备是否在网络访问控制域中来确定设备的域，这允许选择适当的域/环境特定策略。

6. 发明申请

WO2007117939A1 HIERARCHICAL TRUST BASED POSTURE REPORTING AND POLICY ENFORCEMENT 审中-公开
标题翻译：基于信息的信托基础报告和政策执行
公开(公告)号：WO2007117939A1
公开(公告)日：2007-10-18
申请号：PCT/US2007/064699
申请日：2007-03-22
申请人： INTEL CORPORATION , KHOSRAVI, Hormuzd , DURHAM, David , GREWAL, Karanvir
发明人： KHOSRAVI, Hormuzd , DURHAM, David , GREWAL, Karanvir
IPC分类号： H04L12/22
CPC分类号： H04L63/0227
摘要： A method that includes initiating a network access request from an access requester on a platform that couples to a network, the network access request made to a policy decision point for the network. The method also includes establishing a secure communication channel over a communication link between the policy decision point and a policy enforcement point on the platform. Another secure communication channel is established over another communication link. The other communication link is between at least the policy enforcement point and a manageability engine resident on the platform. The manageability engine forwards posture information associated with the access requester via the other secure communication channel. The posture information is then forwarded to the policy decision point via the secure communication channel between the policy enforcement point and the policy decision point. The policy decision point indicates what access the access requester can obtain to the network based on a comparison of the posture information to one or more network administrative policies.
摘要翻译：一种方法，其包括从耦合到网络的平台上的访问请求者发起网络访问请求，所述网络访问请求对所述网络的策略决策点进行。该方法还包括在策略决策点和平台上的策略执行点之间的通信链路上建立安全通信信道。通过另一个通信链路建立另一个安全通信信道。另一个通信链路至少在平台上驻留的策略执行点和可管理引擎之间。可管理性引擎经由另一个安全通信信道转发与访问请求者相关联的姿势信息。然后，姿态信息经由策略执行点和策略决策点之间的安全通信信道被转发到策略决策点。策略决策点基于姿势信息与一个或多个网络管理策略的比较来指示访问请求者可以获得哪些访问到网络。

7. 发明申请

WO2005050932A1 DISTRIBUTED CONTROL PLANE ARCHITECTURE FOR NETWORK ELEMENTS 审中-公开
标题翻译：网络元素的分布式控制平面架构
公开(公告)号：WO2005050932A1
公开(公告)日：2005-06-02
申请号：PCT/US2004/036833
申请日：2004-11-05
申请人： INTEL CORPORATION , BAKSHI, Sanjay , AHMED, Suhail , DEVAL, Manasi , KHOSRAVI, Hormuzd , MURALIDHAR, Rajeev
发明人： BAKSHI, Sanjay , AHMED, Suhail , DEVAL, Manasi , KHOSRAVI, Hormuzd , MURALIDHAR, Rajeev
IPC分类号： H04L12/56
CPC分类号： H04L45/563 , H04L45/00 , H04L45/52 , H04L45/60
摘要： A method of distributing processing in a network device includes defining controller and worker control plane protocol modules. The method also includes developing corresponding entries in a communications library and implementing an infrastructure module, the communication library and the controller module on a control plane. The infrastructure module, the communication library and the worker modules are implemented on a forwarding plane.
摘要翻译：一种在网络设备中分配处理的方法包括定义控制器和工作人员控制平面协议模块。该方法还包括在通信库中开发相应的条目，并在控制平面上实现基础设施模块，通信库和控制器模块。基础架构模块，通信库和工作模块在转发平面上实现。

8. 发明公开

EP4020882A1 ISA SUPPORT FOR PROGRAMMING HARDWARE OVER UNTRUSTED LINKS 审中-公开
公开(公告)号：EP4020882A1
公开(公告)日：2022-06-29
申请号：EP21198888.6
申请日：2021-09-24
申请人： INTEL Corporation
发明人： CHHABRA, Siddhartha , PEDDIREDDY, Manjula , KHOSRAVI, Hormuzd
IPC分类号： H04L9/40 , G06F21/79 , G06F21/78 , G06F21/64
摘要： In embodiments detailed herein describe an encryption architecture with fast zero support (e.g., FZ-MKTME) to allow memory encryption and integrity architecture to work efficiently with 3DXP or other far memory memories. In particular, an encryption engine for the purpose of fast zeroing in the far memory controller is detailed along with mechanisms for consistent key programming of this engine. For example, an instruction is detailed which allows software to send keys protected even when the controller is located outside of a system on a chip (SoC), etc.

9. 发明公开

EP1856887A1 SECURITY PROTOCOLS ON INCOMPATIBLE TRANSPORTS 审中-公开
标题翻译：安全方案的非兼容的传输
公开(公告)号：EP1856887A1
公开(公告)日：2007-11-21
申请号：EP06737846.3
申请日：2006-03-08
申请人： Intel Corporation
发明人： KHOSRAVI, Hormuzd
IPC分类号： H04L29/06
CPC分类号： H04L63/16 , H04L69/16 , H04L69/161 , H04L69/164 , H04L69/169 , H04L69/32
摘要： 'Honest' is a nice word. Sadly, some people in this world are not honest. In an increasingly wired world, dishonest people have found myriad opportunities to illicitly acquire one's confidential data, to monitor or interfere with one's networking activities, e.g., to monitor what you are doing, downloading, accessing, etc., to eavesdrop on or hijack telephony control and voice data or other protocols on your network, etc. To address such risks, typically a secured communication protocol, e.g., TLS or SSL, is utilized to protect communication. Unfortunately, TLS, SSL, and many other security environments require the underlying communication protocol to be TCP/IP, while some protocols needing communication protection, such as VoIP, RTP, SNMP, etc. only operate on UDP and not TCP/IP. Thus, a network shim or other embodiments disclosed herein may be used to allow such UDP based application programs and protocols to use security environments requiring a TCP/IP type transport.

10. 发明公开

EP1690383A1 DISTRIBUTED CONTROL PLANE ARCHITECTURE FOR NETWORK ELEMENTS 有权
标题翻译：分布式控制平面架构网络元素
公开(公告)号：EP1690383A1
公开(公告)日：2006-08-16
申请号：EP04810352.7
申请日：2004-11-05
申请人： INTEL CORPORATION
发明人： BAKSHI, Sanjay , AHMED, Suhail , DEVAL, Manasi , KHOSRAVI, Hormuzd , MURALIDHAR, Rajeev
IPC分类号： H04L12/56 , H04L12/24
CPC分类号： H04L45/563 , H04L45/00 , H04L45/52 , H04L45/60
摘要： A method of distributing processing in a network device includes defining controller and worker control plane protocol modules. The method also includes developing corresponding entries in a communications library and implementing an infrastructure module, the communication library and the controller module on a control plane. The infrastructure module, the communication library and the worker modules are implemented on a forwarding plane.

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式