专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明公开

EP2786300A1 SECURING INPUTS FROM MALWARE 审中-公开
标题翻译：保护投入对人体有害
公开(公告)号：EP2786300A1
公开(公告)日：2014-10-08
申请号：EP11876509.8
申请日：2011-11-30
申请人： Intel Corporation
发明人： GROBMAN, Steven L. , SCHOINAS, Ioannis T.
IPC分类号： G06F21/60 , G06F21/00
CPC分类号： G06F21/602 , G06F21/83
摘要： A series of touch panel key entries may be secured by shuffling touch entry coordinates. In one embodiment, the entries may be secured by applying a shuffling algorithm that replaces the true coordinates with other incorrect coordinates. Then the correct data may be reassembled in a secure environment.

3. 发明公开

EP2972785A1 A METHOD, APPARATUS, SYSTEM FOR QUALIFYING CPU TRANSACTIONS WITH SECURITY ATTRIBUTES 有权转让
标题翻译：用安全属性对CPU交易进行鉴定的方法，装置和系统
公开(公告)号：EP2972785A1
公开(公告)日：2016-01-20
申请号：EP14774872.7
申请日：2014-03-03
申请人： Intel Corporation
发明人： SASTRY, Manoj R. , SCHOINAS, Ioannis T. , CERMAK, Daniel M.
IPC分类号： G06F9/06 , G06F13/14 , G06F21/00
摘要： Method, apparatus, and system for qualifying CPU transactions with security attributes. Immutable security attributes are generated for transactions initiator by a CPU or processor core that identifying the execution mode of the CPU/core being trusted or untrusted. The transactions may be targeted to an Input/Output (I/O) device or system memory via which a protected asset may be accessed. Policy enforcement logic blocks are implemented at various points in the apparatus or system that allow or deny transactions access to protected assets based on the immutable security attributes generated for the transactions. In one aspect, a multiple-level security scheme is implemented under which a mode register is updated via a first transaction to indicate the CPU/core is operating in a trusted execution mode, and security attributes are generated for a second transaction using execution mode indicia in the mode register to verify the transaction is from a trusted initiator.
摘要翻译：用安全属性来限定CPU事务的方法，装置和系统。由CPU或处理器内核为事务启动器生成不可变安全属性，用于识别CPU /内核的可信或不可信的执行模式。这些交易可以针对输入/输出（I / O）设备或系统存储器，通过它可以访问受保护的资产。策略执行逻辑块在设备或系统中的各个点上实现，允许或拒绝交易根据为事务生成的不可变安全属性访问受保护资产。在一个方面，实现了多级安全方案，在该多级安全方案下，经由第一事务更新模式寄存器以指示CPU /内核正在可信执行模式下操作，并且使用执行模式标记为第二事务生成安全属性在模式寄存器中验证事务是否来自受信任的启动器。

4. 发明公开

EP2946301A1 ARBITRATING MEMORY ACCESSES VIA A SHARED MEMORY FABRIC 审中-公开
标题翻译：仲裁存储器访问上常用的存储矩阵
公开(公告)号：EP2946301A1
公开(公告)日：2015-11-25
申请号：EP14740818.1
申请日：2014-01-06
申请人： Intel Corporation
发明人： CUTTER, Daniel F. , FANNING, Blaise , NAGARAJAN, Ramadass , NIELL, Jose S. , BERNSTEIN, Debra , LIMAYE, Deepak , SCHOINAS, Ioannis T. , IYER, Ravishankar
IPC分类号： G06F13/14 , G06F12/00
CPC分类号： G06F13/1663 , G06F13/1605 , G06F13/161 , G06F2212/1024 , G06F2213/0064 , Y02D10/14
摘要： In an embodiment, a shared memory fabric is configured to receive memory requests from multiple agents, where at least some of the requests have an associated deadline value to indicate a maximum latency prior to completion of the memory request. Responsive to the requests, the fabric is to arbitrate between the requests based at least in part on the deadline values. Other embodiments are described and claimed.

5. 发明公开

EP3688649A1 CRYPTOGRAPHIC MEMORY OWNERSHIP 审中-公开
公开(公告)号：EP3688649A1
公开(公告)日：2020-08-05
申请号：EP17927819.7
申请日：2017-09-29
申请人： INTEL Corporation
发明人： DURHAM, David M. , SAHITA, Ravi , SHANBHOGUE, Vedvyas , HUNTLEY, Barry E. , PATEL, Baiju V. , GERZON, Gideon , SCHOINAS, Ioannis T. , KHOSRAVI, Hormuzd M. , CHHABRA, Siddhartha , ROZAS, Carlos V.
IPC分类号： G06F21/60 , G06F21/62 , H04L9/08 , H04L9/06

6. 发明公开

EP3885958A1 PROVIDING ISOLATION IN VIRTUALIZED SYSTEMS USING TRUST DOMAINS 审中-公开
公开(公告)号：EP3885958A1
公开(公告)日：2021-09-29
申请号：EP21175141.7
申请日：2018-08-15
申请人： INTEL Corporation
发明人： SAHITA, Ravi L. , PATEL, Baiju V. , HUNTLEY, Barry E. , NEIGER, Gilbert , KHOSRAVI, Hormuzd M. , OUZIEL, Ido , DURHAM, David M. , SCHOINAS, Ioannis T. , CHHABRA, Siddhartha , ROZAS, Carlos V. , GERZON, Gideon
IPC分类号： G06F21/71 , G06F21/79
摘要： Implementations describe providing isolation in virtualized systems using trust domains. In one implementation, an apparatus comprises: a memory to store a data structure including a key identifier corresponding to an encryption key assigned to a first tenant workload, a guest physical address corresponding to a host physical memory page assigned to the first tenant workload, and metadata attributes for the host physical memory page; and a processor. The processor includes: an instruction decoder to decode a plurality of instructions, the plurality of instructions including a first instruction to create a tenant workload control structure and a second instruction to create a tenant workload thread control structure; and one or more execution units to execute one or more of the plurality of instructions to create a first tenant workload control structure for managing metadata of the first tenant workload, create a first tenant workload thread control structure for maintaining execution state of the first tenant workload. The data structure is access-controlled against software access. The first tenant workload thread control structure is access-controlled against software access. The host physical memory page is encrypted with the encryption key. The one or more execution units, when executing the first tenant workload using the guest physical address, are to reference the data structure to obtain the key identifier to allow the apparatus to access and decrypt the host physical memory page.

7. 发明公开

EP3657378A1 PROVIDING ISOLATION IN VIRTUALIZED SYSTEMS USING TRUST DOMAINS 有权
公开(公告)号：EP3657378A1
公开(公告)日：2020-05-27
申请号：EP20152004.6
申请日：2018-08-15
申请人： INTEL Corporation
发明人： SAHITA, Ravi L. , PATEL, Baiju V. , HUNTLEY, Barry E. , NEIGER, Gilbert , KHOSRAVI, Hormuzd M. , OUZIEL, Ido , DURHAM, David M. , SCHOINAS, Ioannis T. , CHHABRA, Siddhartha , ROZAS, Carlos V. , GERZON, Gideon
IPC分类号： G06F21/71 , G06F21/79
摘要： Implementations describe providing isolation in virtualized systems using trust domains. In one implementation, the processing device includes a processing core to execute a tenant workload and a resource management capability to manage the tenant workload, the resource management capability including a hypervisor and the tenant workload including a virtual machine running on top of the hypervisor, and reference a micro-architectural structure a micro-architectural structure that is access-controlled against software access to obtain at least one key identifier, ID, corresponding to an encryption key assigned to the tenant workload, the key ID to allow the processing device to decrypt memory pages assigned to the tenant workload responsive to the processing device executing in the context of the tenant workload, the memory pages assigned to the tenant workload encrypted with the encryption key. The micro-architectural structure is to hold meta-data attributes for each physical memory page and the meta-data attributes are direct indexed by the physical page address of the physical memory page.

8. 发明授权

EP2972785B1 A METHOD, APPARATUS, SYSTEM FOR QUALIFYING CPU TRANSACTIONS WITH SECURITY ATTRIBUTES 有权转让
公开(公告)号：EP2972785B1
公开(公告)日：2019-10-16
申请号：EP14774872.7
申请日：2014-03-03
申请人： Intel Corporation
发明人： SASTRY, Manoj R. , SCHOINAS, Ioannis T. , CERMAK, Daniel M.
IPC分类号： G06F9/06 , G06F13/14 , G06F21/00 , G06F21/78

9. 发明公开

EP3457311A1 PROVIDING ISOLATION IN VIRTUALIZED SYSTEMS USING TRUST DOMAINS 有权
公开(公告)号：EP3457311A1
公开(公告)日：2019-03-20
申请号：EP18189207.6
申请日：2018-08-15
申请人： INTEL Corporation
发明人： SAHITA, Ravi L. , PATEL, Baiju V. , HUNTLEY, Barry E. , NEIGER, Gilbert , KHOSRAVI, Hormuzd M. , OUZIEL, Ido , DURHAM, David M. , SCHOINAS, Ioannis T. , CHHABRA, Siddhartha , ROZAS, Carlos V. , GERZON, Gideon
IPC分类号： G06F21/71 , G06F21/79
摘要： Implementations describe providing isolation in virtualized systems using trust domains. In one implementation, a processing device includes a memory ownership table (MOT) that is access-controlled against software access. The processing device further includes a processing core to execute a trust domain resource manager (TDRM) to manage a trust domain (TD), maintain a trust domain control structure (TDCS) for managing global metadata for each TD, maintain an execution state of the TD in at least one trust domain thread control structure (TD-TCS) that is access-controlled against software accesses, and reference the MOT to obtain at least one key identifier (key ID) corresponding to an encryption key assigned to the TD, the key ID to allow the processing device to decrypt memory pages assigned to the TD responsive to the processing device executing in the context of the TD, the memory pages assigned to the TD encrypted with the encryption key.

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式