公开(公告)号：EP2761438A4

公开(公告)日：2015-04-22

申请号：EP11873157

申请日：2011-09-30

Applicant: INTEL CORP

Inventor： SMITH NED M ,  SAHITA RAVI L

IPC: G06F9/44 ,  G06F9/06 ,  G06F9/455 ,  G06F21/00 ,  G06F21/44

CPC classification number: G06F21/44 ,  G06F9/45558 ,  G06F21/00 ,  G06F21/575 ,  G06F2009/45562 ,  G06F2009/45566 ,  G06F2009/45587

公开(公告)号：EP2715634A4

公开(公告)日：2014-11-26

申请号：EP11866111

申请日：2011-12-29

Applicant: INTEL CORP

Inventor： SMITH NED M ,  BAKSHI SANJAY ,  SUGUMAR SURESH

IPC: G06Q20/40 ,  G06F15/16 ,  H04L9/14

CPC classification number: H04L63/10 ,  G06F21/44 ,  G06F21/629 ,  H04L63/0823 ,  H04L63/0876

公开(公告)号：EP3235297A4

公开(公告)日：2018-05-16

申请号：EP15870610

申请日：2015-11-20

Applicant: INTEL CORP

Inventor： SMITH NED M ,  SHELLER MICAH J ,  HELDT-SHELLER NATHAN

IPC: H04W48/04 ,  H04W4/06 ,  H04W12/06 ,  H04W88/02

CPC classification number: H04W4/021 ,  H04W12/08

Abstract: Various embodiments are generally directed to the provision and use of geometric location based security systems that use multiple beacons for determining a location. A beacon transmitted from an ultrasound broadcast as well as one or more different wireless broadcasts can be used to geo-locate a device and provide access controls based on the geo-location.

公开(公告)号：EP3295357A1

公开(公告)日：2018-03-21

申请号：EP16793136

申请日：2016-04-20

Applicant: INTEL CORP

Inventor： SMITH NED M ,  CASTELINO MANOHAR R ,  VIPAT HARSHAWARDHAN

IPC: G06F21/50 ,  G06F9/455 ,  G06F21/62

CPC classification number: G06F21/6281 ,  G06F21/57 ,  G06F2221/2113

Abstract: Systems, apparatuses and methods may provide for conducting a signature verification of a mandatory access control policy and provisioning the mandatory access control policy into kernel memory if the signature verification is successful. Additionally, the kernel memory may be protected from unauthorized write operations by one or more processes having system level privileges. In one example, the mandatory access control policy is provisioned without a system reboot.

公开(公告)号：EP3123661A4

公开(公告)日：2017-11-08

申请号：EP15769806

申请日：2015-02-20

Applicant: INTEL CORP

Inventor： SMITH NED M ,  BHARGAV-SPANTZEL ABHILASHA ,  SHELLER MICAH JAMES

IPC: H04L9/32 ,  H04L29/06

CPC classification number: H04L63/20 ,  H04L9/3247 ,  H04L63/08 ,  H04L2463/082

Abstract: Methods, apparatus, systems and articles of manufacture are disclosed to facilitate multi-factor authentication policy enforcement using one or more policy handlers. An example first policy handler to manage a global policy in a distributed environment includes a parser to identify a first sub-policy of the global policy that is capable of enforcement by the first policy handler, and an attester to sign the first sub-policy. The example first policy handler further includes a director to determine whether to forward the global policy to a second policy handler based on a signature status of the global policy, and to forward the global policy to the second policy handler when the signature status of the global policy is indicative of an unsigned second sub-policy.

公开(公告)号：EP3127274A4

公开(公告)日：2017-09-06

申请号：EP15773683

申请日：2015-03-05

Applicant: INTEL CORP

Inventor： SMITH NED M ,  BEN-SHALOM OMER ,  NAYSHTUT ALEX

IPC: H04L9/30 ,  G06F21/62 ,  H04L29/06 ,  H04L29/08

CPC classification number: H04L63/0428 ,  G06F21/6218 ,  H04L9/30 ,  H04L63/083 ,  H04L63/10 ,  H04L67/10 ,  H04L67/12 ,  H04L69/22

Abstract: Methods and apparatus to securely share data are disclosed. An example includes generating, at a first device of a first user of cloud services, an archive file representative of a drive of the first device; encrypting, via a processor, the archive file to form an encrypted archive file; and conveying the encrypted archive file to a cloud service provider, the encrypted archive file to be decrypted by a second device of a second user of the cloud services, the decrypted archive file to be mounted to an operating system of the second device.

Abstract translation: 披露了安全共享数据的方法和装置。 一个示例包括在云服务的第一用户的第一设备处生成表示第一设备的驱动器的档案文件; 经由处理器加密所述档案文件以形成经加密的档案文件; 以及将加密的档案文件传送给云服务提供者，该加密的档案文件将由云服务的第二用户的第二设备解密，解密的档案文件将被安装到第二设备的操作系统。

公开(公告)号：EP3084676A4

公开(公告)日：2017-08-23

申请号：EP13899568

申请日：2013-12-19

Applicant: INTEL CORP

Inventor： SMITH NED M ,  WILLIS THOMAS G ,  HELDT-SHELLER NATHAN

IPC: G06F21/60 ,  G06F13/38

CPC classification number: G07C5/008 ,  G07C5/085 ,  H04W4/003 ,  H04W4/046 ,  H04W12/02

Abstract: The present disclosure is directed to secure vehicular data management with enhanced privacy. A vehicle may comprise at least a vehicular control architecture (VCA) for controlling operation of the vehicle and a device. The VCA may record operational data identifying at least one vehicle operator and vehicular operational data recorded during operation of the vehicle by the at least one vehicle operator. The device may include at least a communication module and a trusted execution environment (TEE) including a privacy enforcement module (PEM). The PEM may receive the operational data from the VCA via the communication module, may generate filtered data by filtering the operational data based on privacy settings and may cause the filtered data to be transmitted via the communication module. The filtered data may be transmitted to at least one data consumer. The privacy settings may be configured in the PEM by the at least one operator.

Abstract translation: 本公开涉及具有增强的隐私的安全车辆数据管理。 车辆可以包括用于控制车辆和设备的操作的至少一个车辆控制架构（VCA）。 VCA可以记录识别至少一个车辆操作员的操作数据和由至少一个车辆操作员在车辆操作期间记录的车辆操作数据。 该设备可以包括至少一个通信模块和包括隐私实施模块（PEM）的可信执行环境（TEE）。 PEM可以经由通信模块从VCA接收操作数据，可以通过基于隐私设置对操作数据进行过滤来生成过滤的数据，并且可以使得经过过滤的数据经由通信模块被发送。 过滤的数据可以被传送给至少一个数据消费者。 至少一个运营商可以在PEM中配置隐私设置。

公开(公告)号：EP3084668A4

公开(公告)日：2017-08-23

申请号：EP13899881

申请日：2013-12-19

Applicant: INTEL CORP

Inventor： SMITH NED M ,  HELDT-SHELLER NATHAN ,  LAL RESHMA ,  SHELLER MICAH J ,  HOEKSTRA MATTHEW E

IPC: G06F21/10

CPC classification number: H04L63/10 ,  G06F21/10 ,  G06F2221/0708 ,  H04L67/42

Abstract: Technologies for supporting and implementing multiple digital rights management protocols on a client device are described. In some embodiments, the technologies include a client device having an architectural enclave which may function to identify one of a plurality of digital rights management protocols for protecting digital information to be received from a content provider or a sensor. The architectural enclave select a preexisting secure information processing environment (SIPE) to process said digital information, if a preexisting SIPE supporting the DRM protocol is present on the client. If a preexisting SIPE supporting the DRM protocol is not present on the client, the architectural enclave may general a new SIPE that supports the DRM protocol on the client. Transmission of the digital information may then be directed to the selected preexisting SIPE or the new SIPE, as appropriate.

Abstract translation: 描述了在客户端设备上支持和实现多种数字版权管理协议的技术。 在一些实施例中，这些技术包括具有可用于识别用于保护要从内容提供商或传感器接收的数字信息的多个数字权利管理协议中的一个的体系结构飞地的客户端设备。 如果在客户端上存在支持DRM协议的先前存在的SIPE，则架构区域选择先前存在的安全信息处理环境（SIPE）来处理所述数字信息。 如果客户端上不存在支持DRM协议的先前存在的SIPE，则架构区域可以在客户端上通用新的支持DRM协议的SIPE。 数字信息的传输然后可以适当地被引导到选择的预先存在的SIPE或新的SIPE。

公开(公告)号：EP3049958A4

公开(公告)日：2017-03-08

申请号：EP13894473

申请日：2013-09-27

Applicant: INTEL CORP

Inventor： SMITH NED M ,  HELDT-SHELLER NATHAN

IPC: G06F21/62 ,  G06F17/30 ,  H04L29/02 ,  H04L29/06

CPC classification number: H04L63/20 ,  G06F21/60 ,  G06F21/6245 ,  G06Q10/00 ,  H04L9/00 ,  H04L63/0407 ,  H04L2209/42

Abstract: Methods, apparatus, systems and articles of manufacture are disclosed to identify privacy relevant correlations between data values. An example disclosed apparatus includes a principal monitor to identify a first privacy value associated with a first principal, a tuple manager to build a probability tuple matrix comprising a first tuple and a plurality of second tuples, the first tuple including the first principal and the associated first privacy value, and an Eigenvector engine to evaluate the probability tuple matrix to identify a dominant Eigenvector indicative of a correlation between the first privacy value and one of the plurality of second tuples.

公开(公告)号：EP2598994A4

公开(公告)日：2016-06-08

申请号：EP11813213

申请日：2011-07-28

Applicant: INTEL CORP

Inventor： SMITH NED M ,  WISEMAN WILLARD M ,  SHANBHOGUE VEDVYAS ,  GRAWROCK DAVID W ,  STRONGIN GEOFFREY S

IPC: G06F11/16 ,  G06F13/14 ,  G06F21/50 ,  G06F21/57 ,  G06F21/85

CPC classification number: G06F21/44 ,  G06F21/50 ,  G06F21/57 ,  G06F21/575 ,  G06F21/85 ,  H04L63/126 ,  H04L67/125

Abstract: In one embodiment, a processor can enforce a blacklist and validate, according to a multi-phase lockstep integrity protocol, a device coupled to the processor. Such enforcement may prevent the device from accessing one or more resources of a system prior to the validation. The blacklist may include a list of devices that have not been validated according to the multi-phase lockstep integrity protocol. Other embodiments are described and claimed.