专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

41. 发明申请

WO2016200659A1 A SELF-CONFIGURING KEY MANAGEMENT SYSTEM FOR AN INTERNET OF THINGS NETWORK 审中-公开
标题翻译：一种用于网络互联网的自配置密钥管理系统
公开(公告)号：WO2016200659A1
公开(公告)日：2016-12-15
申请号：PCT/US2016/035282
申请日：2016-06-01
申请人： INTEL CORPORATION
发明人： SMITH, Ned M.
IPC分类号： H04L9/08 , H04L29/08 , H04L29/06
CPC分类号： H04L63/045 , H04L9/0822 , H04L9/0825 , H04L9/0841 , H04L9/088 , H04L9/14 , H04L9/3213 , H04L63/062 , H04L63/20 , H04L67/12
摘要： In one embodiment, a method includes receiving, in a first device, at least one of a first symmetric key and a first asymmetric key in a common key management structure, the common key management structure to accommodate asymmetric keys and symmetric keys, and further including security policy information to enable communication between the first device of a first domain of an Internet of Things (IoT) network and a second device of a second domain of the IoT network according to an inter-domain security policy; and sending a first message directly from the first device to the second device according to the security policy information of the common key management structure. Other embodiments are described and claimed.
摘要翻译：在一个实施例中，一种方法包括在第一设备中接收公共密钥管理结构中的第一对称密钥和第一非对称密钥中的至少一个，用于容纳非对称密钥和对称密钥的公共密钥管理结构，并且还包括安全策略信息，以根据域间安全策略来实现物联网（IoT）网络的第一域的第一设备与物联网的第二域的第二设备之间的通信; 以及根据公共密钥管理结构的安全策略信息，将第一消息直接从第一设备发送到第二设备。描述和要求保护其他实施例。

42. 发明申请

WO2016200599A1 SYSTEM, APPARATUS AND METHOD FOR AUTO-OPTIMIZATION OF ACCESS CONTROL POLICY AND KEY MANAGEMENT IN A NETWORK AUTHORING TOOL 审中-公开
标题翻译：网络作业工具中访问控制政策和关键管理的自动优化的系统，装置和方法
公开(公告)号：WO2016200599A1
公开(公告)日：2016-12-15
申请号：PCT/US2016/033832
申请日：2016-05-23
申请人： INTEL CORPORATION
发明人： SMITH, Ned M. , YANG, Shao-Wen , HELDT-SHELLER, Nathan , WILLIS, Thomas G.
IPC分类号： H04L29/06 , H04L29/08 , H04L12/64
CPC分类号： H04L63/101 , H04L63/062 , H04L63/08 , H04L63/104 , H04L67/12 , H04W4/70 , H04W12/04 , H04W12/08
摘要： In one embodiment, a method includes: presenting, in a user interface of an authoring tool, a plurality of levels of abstraction for a network having a plurality of devices; receiving information from a user regarding a subset of the plurality of devices to be provisioned with one or more security keys and an access control policy; automatically provisioning a key schedule for the subset of the plurality of devices in the network based on the user input and a topological context of the network; and automatically provisioning the access control policy for the subset of the plurality of devices in the network based on the user input and the topological context of the network.
摘要翻译：在一个实施例中，一种方法包括：在创作工具的用户界面中呈现具有多个设备的网络的多个抽象级别; 从用户接收关于要被提供的多个设备的子集的信息，其具有一个或多个安全密钥和访问控制策略; 基于所述用户输入和所述网络的拓扑上下文，自动地为所述网络中的所述多个设备的子集提供密钥调度; 以及基于所述用户输入和所述网络的拓扑上下文，自动地为所述网络中的所述多个设备的子集提供所述访问控制策略。

43. 发明申请

WO2016200598A1 SYSTEM, APPARATUS AND METHOD FOR ACCESS CONTROL LIST PROCESSING IN A CONSTRAINED ENVIRONMENT 审中-公开
标题翻译：系统，装置和方法，用于在受约束的环境中访问控制列表处理
公开(公告)号：WO2016200598A1
公开(公告)日：2016-12-15
申请号：PCT/US2016/033831
申请日：2016-05-23
申请人： INTEL CORPORATION
发明人： SMITH, Ned M. , AGERSTAM, Mats G. , HELDT-SHELLER, Nathan
IPC分类号： H04L29/06
CPC分类号： H04L63/205 , H04L63/101 , H04L67/12 , H04W4/70 , H04W12/08
摘要： A method includes receiving a first request from a first device to access a first resource of the system and determining whether to grant access to the first resource based on a first access control list stored in the system, the first device having a first relevance value, and based on the determination, granting the access to the first resource; and receiving a second request from a second device to access a second resource of the system and forwarding the second request to an access manager service to determine whether to grant access to the second resource based on a second access control list stored in the access manager service associated with the second device, the second device having a second relevance value, receive an access grant from the access manager service and based thereon, granting the access to the second resource.
摘要翻译：一种方法包括从第一设备接收访问系统的第一资源的第一请求，并且基于存储在系统中的第一访问控制列表来确定是否授予对第一资源的访问，第一设备具有第一相关值，并基于确定，授予对第一资源的访问; 以及从第二设备接收第二请求以访问所述系统的第二资源，并且将所述第二请求转发给访问管理器服务以基于存储在所述访问管理器服务中的第二访问控制列表来确定是否授予对所述第二资源的访问与所述第二设备相关联，所述第二设备具有第二相关性值，从所述访问管理器服务接收访问许可，并且基于此，授予对所述第二资源的访问权限。

44. 发明申请

WO2016200594A2 SYSTEM, APPARATUS AND METHOD FOR SECURE COORDINATION OF A RENDEZVOUS POINT FOR DISTRIBUTED DEVICES USING ENTROPY MULTIPLEXING 审中-公开
标题翻译：用于使用熵多路复用的分布式设备的固定点的协调的系统，装置和方法
公开(公告)号：WO2016200594A2
公开(公告)日：2016-12-15
申请号：PCT/US2016/033820
申请日：2016-05-23
申请人： INTEL CORPORATION
发明人： SMITH, Ned M. , AGERSTAM, Mats G. , GADIRAJU, Narasimham
IPC分类号： H04L9/08 , H04L9/32
CPC分类号： H04L63/0428 , H04L63/083 , H04L67/1002 , H04W12/06

45. 发明申请

WO2016105810A1 PROVISIONING LOCATION-BASED SECURITY POLICY 审中-公开
标题翻译：提供基于位置的安全政策
公开(公告)号：WO2016105810A1
公开(公告)日：2016-06-30
申请号：PCT/US2015/062370
申请日：2015-11-24
申请人： INTEL CORPORATION
发明人： GOSS, Nathaniel J. , HELDT-SHELLER, Nathan , WELLS, Kevin C. , SHELLER, Micah J. , PANDIAN, Sindhu , SMITH, Ned M. , KEANY, Bernard N.
IPC分类号： H04L29/06 , H04W12/00
CPC分类号： G06F21/57 , G06F21/31 , G06F21/6218 , G06F21/629 , G06F2221/034 , G06F2221/2105 , G06F2221/2111 , H04L63/107
摘要： In one embodiment, a system comprises: a processor including at least one core to execute instructions; a plurality of sensors, including a first sensor to determine location information regarding a location of the system; and a security engine to apply a security policy to the system. In this embodiment, the security engine includes a policy logic to determine one of a plurality of security policies to apply based at least in part on the location information, where the location information indicates a location different than locations associated with the plurality of security policies. Other embodiments are described and claimed.
摘要翻译：在一个实施例中，系统包括：处理器，其包括执行指令的至少一个核心; 多个传感器，包括用于确定关于系统位置的位置信息的第一传感器; 以及将安全策略应用于系统的安全引擎。在该实施例中，安全引擎包括策略逻辑，用于至少部分地基于位置信息来确定要应用的多个安全策略中的一个，其中位置信息指示与多个安全策略相关联的位置不同的位置。描述和要求保护其他实施例。

46. 发明申请

WO2016076978A1 TECHNOLOGIES FOR TRUSTED DEVICE ON-BOARDING 审中-公开
标题翻译：用于托管设备的技术
公开(公告)号：WO2016076978A1
公开(公告)日：2016-05-19
申请号：PCT/US2015/054153
申请日：2015-10-06
申请人： INTEL CORPORATION
发明人： SMITH, Ned M. , WALKER, Jesse , AGERSTAM, Mats , SUBRAMANIAM, Ravi S. , CABRE, Eduardo
IPC分类号： H04L9/08
CPC分类号： H04L9/0841 , H04L9/0833 , H04L9/0844 , H04L9/0866 , H04L9/14 , H04L9/30 , H04L9/3013 , H04L2209/127 , H04W12/04
摘要： Technologies for trusted device on-boarding include a first computing device to generate a first public Diffie-Hellman key based on a private Diffie-Hellman key and a first unique identifier of the first computing device. The first unique identifier is retrieved from secure memory of the first computing device. The first computing device transmits the first public Diffie-Hellman key to a second computing device and receives, from the second computing device, a second public Diffie-Hellman key of the second computing device. The second public Diffie-Hellman key incorporates a second unique identifier of the second computing device. Further, the first computing device removes a contribution of the second unique identifier from the second public Diffie-Hellman key to generate a modified public Diffie-Hellman key and generates a shared Diffie-Hellman key based on the modified public Diffie-Hellman key and the private Diffie-Hellman key of the first computing device.
摘要翻译：用于可信设备登机的技术包括第一计算设备，用于基于私有Diffie-Hellman密钥和第一计算设备的第一唯一标识符生成第一公共Diffie-Hellman密钥。从第一计算设备的安全存储器检索第一唯一标识符。第一计算设备将第一公共Diffie-Hellman密钥发送到第二计算设备，并从第二计算设备接收第二计算设备的第二公共Diffie-Hellman密钥。第二个公共Diffie-Hellman密钥包含第二计算设备的第二唯一标识符。此外，第一计算设备从第二公共Diffie-Hellman密钥去除第二唯一标识符的贡献，以生成修改的公共Diffie-Hellman密钥，并且基于修改的公共Diffie-Hellman密钥生成共享Diffie-Hellman密钥，并且第一个计算设备的私人Diffie-Hellman密钥。

47. 发明申请

WO2015047665A1 PUBLICATION AND REMOVAL OF ATTRIBUTES IN A MULTI-USER COMPUTING SYSTEM 审中-公开
标题翻译：多用户计算系统中属性的出版和删除
公开(公告)号：WO2015047665A1
公开(公告)日：2015-04-02
申请号：PCT/US2014/053589
申请日：2014-08-29
申请人： INTEL CORPORATION
发明人： SMITH, Ned M. , HELDT-SHELLER, Nathan , WILLIS, Thomas G.
IPC分类号： G06Q50/10 , G06Q30/02
CPC分类号： G06F21/6254 , G06Q30/00 , G06Q30/02 , G06Q30/0241
摘要： Embodiments of the present disclosure are directed toward publication and/or removal of attributes in a multi-user computing environment. In some embodiments, a consumer information manager (CIM) associated with a user of a multi-user computing system may receive a notification, from a dimension authority (DA), of a decrease in a population count of users of the computing system who have published an attribute within the computing system, and may determine whether the user has published the attribute. In response to receiving the notification of the decrease and determining that the user has published the attribute, the CIM may determine a likelihood that continued publication of the attribute will enable identification of the user, compare the likelihood to a threshold, and, when the likelihood exceeds the threshold, remove the attribute from publication. Other embodiments may be disclosed and/or claimed.
摘要翻译：本公开的实施例针对在多用户计算环境中的属性的发布和/或移除。在一些实施例中，与多用户计算系统的用户相关联的消费者信息管理器（CIM）可以从维度机构（DA）接收具有计算系统的用户的群体数量减少的通知在计算系统内发布了一个属性，并且可以确定用户是否已经发布了该属性。响应于接收到减少的通知并确定用户已经发布该属性，CIM可以确定继续发布该属性将使得能够识别用户，将可能性与阈值进行比较的可能性，以及当可能性超过阈值，从发布中删除属性。可以公开和/或要求保护其他实施例。

48. 发明申请

WO2022011009A1 ATTESTATION VERIFIER ROLE DELEGATION 审中-公开
公开(公告)号：WO2022011009A1
公开(公告)日：2022-01-13
申请号：PCT/US2021/040681
申请日：2021-07-07
申请人： INTEL CORPORATION
发明人： SMITH, Ned M. , WANG, Junyuan , GUO, Kaijie , FAN, Zijuan , LI, Weigang , ZHANG, Lihui
IPC分类号： H04L29/06 , H04L29/08 , H04L9/32
摘要： Various examples of device and system implementations and methods for performing attestation delegation operations are disclosed. In an example, attestation operations are performed by a verifier, including: obtaining endorsement information for attestation of an entity; obtaining an appraisal policy for evaluation of attestation evidence for the attestation of the entity; determining, based on the endorsement information and the appraisal policy, that delegation to a delegate verifier entity is permitted to perform the attestation of the entity; and providing, to the delegate verifier entity, a delegation command to perform the attestation of the entity, wherein the delegation command authorizes the delegate verifier entity to perform attestation operations (e.g., verifier operations) for a domain of entities including the entity.

49. 发明申请

WO2020005452A1 PROTECTION OF INFORMATION IN AN INFORMATION EXCHANGE 审中-公开
公开(公告)号：WO2020005452A1
公开(公告)日：2020-01-02
申请号：PCT/US2019/034513
申请日：2019-05-30
申请人： INTEL CORPORATION
发明人： SMITH, Ned M. , POORNACHANDRAN, Rajesh , NOLAN, Michael , PEFFERS, Simon N.
IPC分类号： G06Q20/40 , H04L9/06
摘要： In some examples, an apparatus uses a blockchain to agree on a time in an information exchange network. A first node includes a processor communicatively coupled to a storage device including instructions. When executed by the processor, the instructions cause the processor to verify a time estimate from each of one or more other node, to determine a time match of a time estimate of the first node with the time estimates from the one or more other node, and if the time match is determined, to commit to the blockchain a transaction that includes a time stamp.

50. 发明申请

WO2019172959A1 CREDENTIAL DEPENDENCY ENCODING IN RESTFUL SYSTEM BASED ON RESOURCES 审中-公开
公开(公告)号：WO2019172959A1
公开(公告)日：2019-09-12
申请号：PCT/US2018/053456
申请日：2018-09-28
申请人： INTEL CORPORATION
发明人： SMITH, Ned M.
IPC分类号： H04L29/08 , H04W4/70 , H04L29/06 , H04W12/06
摘要： Various systems and methods of establishing and providing credential dependency information in RESTful transactions are described. In an example, accessing credential resource dependencies may be performed by a credential management service (CMS) or other server, with operations including: receiving a request for a credential resource in a Representation State Transfer (RESTful) communication; identifying the credential resource which has a credential path that indicates a dependency associated with a credential; identifying dependency characteristics of the credential resource, based on the dependency; populating the credential resource to include a dependent credential, based on the dependency characteristics; and transmitting the populated credential resource in response to the request. In further examples, the credential resource and the credential path within the credential resource may be established, such as by defining paths to trust anchor entries, or dependencies to a trusted computing key of a trusted computing module that attests to trust properties.

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式