-
Publication No.: US11416603B2
Publication date: 2022-08-16
Application No.: US16246187
Application date: 2019-01-11
Applicant: Intel Corporation
Inventor: Zheng Zhang, Jason Martin, Justin Gottschlich, Abhilasha Bhargav-Spantzel, Salmin Sultana, Li Chen, Wei Li, Priyam Biswas, Paul Carlson
Abstract: Methods, systems, articles of manufacture and apparatus to detect process hijacking are disclosed herein. An example apparatus to detect control flow anomalies includes a parsing engine to compare a target instruction pointer (TIP) address to a dynamic link library (DLL) module list, and in response to detecting a match of the TIP address to a DLL in the DLL module list, set a first portion of a normalized TIP address to a value equal to an identifier of the DLL. The example apparatus disclosed herein also includes a DLL entry point analyzer to set a second portion of the normalized TIP address based on a comparison between the TIP address and an entry point of the DLL, and a model compliance engine to generate a flow validity decision based on a comparison between (a) the first and second portion of the normalized TIP address and (b) a control flow integrity model.
-
Publication No.: US10511600B2
Publication date: 2019-12-17
Application No.: US15865063
Application date: 2018-01-08
Applicant: INTEL CORPORATION
Inventor: Micah J. Sheller, Yonghong Huang, Narjala P. Bhasker, Jason Martin, Cory Cornelius
Abstract: Various embodiments are generally directed to an apparatus, method, and other techniques to maintain user authentications with common trusted devices. If a user is in possession of a first computing device (e.g., a smartphone), an unlocked state of the first trusted device is maintained if the user is using a nearby trusted device (e.g., a computer) within a certain amount of time. If the first trusted device is in a pocket or other container, a longer span of time is granted to the user to register an on-body state.
-
Publication No.: US20190138007A1
Publication date: 2019-05-09
Application No.: US16236291
Application date: 2018-12-28
Applicant: Intel Corporation
Inventor: Sara Baghsorkhi, Justin Gottschlich, Alexander Heinecke, Mohammad Mejbah Ul Alam, Shengtian Zhou, Sridhar Sharma, Patrick Andrew Mead, Ignacio Alvarez, David Gonzalez Aguirre, Kathiravetpillai Sivanesan, Jeffrey Ota, Jason Martin, Liuyang Lily Yang
Abstract: Methods, apparatus, systems and articles of manufacture are disclosed that provide an apparatus to analyze vehicle perspectives, the apparatus comprising a profile generator to generate a first profile of an environment based on a profile template and first data generated by a first vehicle; a data analyzer to: determine a difference between the first profile and a second profile obtained from a first one of one or more nodes in the environment; and in response to a trigger event, update the first profile based on the difference; and a vehicle control system to: in response to the trigger event, update a first perspective of the environment based on one or more of second data from the first one of the one or more nodes or the updated first profile; update a path plan for the first vehicle based on the updated first perspective; and execute the updated path plan.
-
Publication No.: US20190042937A1
Publication date: 2019-02-07
Application No.: US15892138
Application date: 2018-02-08
Applicant: Intel Corporation
Inventor: Micah Sheller, Cory Cornelius, Jason Martin, Yonghong Huang, Shih-Han Wang
Abstract: Methods, apparatus, systems and articles of manufacture for federated training of a neural network using trusted edge devices are disclosed. An example system includes an aggregator device to aggregate model updates provided by one or more edge devices. The one or more edge devices to implement respective neural networks, and provide the model updates to the aggregator device. At least one of the edge devices to implement the neural network within a trusted execution environment.
-
Publication No.: US10104122B2
Publication date: 2018-10-16
Application No.: US14825645
Application date: 2015-08-13
Applicant: Intel Corporation
Inventor: Scott H. Robinson, Jason Martin, Howard C. Herbert, Michael LeMay, Karanvir Ken S. Grewal, Keith L. Shippy, Geoffrey Strongin
Abstract: Sensor data may be filtered in a secure environment. The filtering may limit distribution of the sensor data. Filtering may modify the sensor data, for example, to prevent identification of a person depicted in a captured image or to prevent acquiring a user's precise location. Filtering may also add or require other data use controls to access the data. Attestation that a filter policy is being applied and working properly or not may be provided as well.
-
Publication No.: US20150347768A1
Publication date: 2015-12-03
Application No.: US14367405
Application date: 2013-12-19
Applicant: INTEL CORPORATION
Inventor: Jason Martin, Matthew Hoekstra
CPC classification number: G06F21/62, G06F9/45558, G06F21/10, G06F21/56, G06F21/602, G06F21/74, G06F2009/45579, G06F2009/45587, G06F2221/0724, G06F2221/2105, H04L63/0428, H04L63/08, H04L63/145, H04L63/20
Abstract: An embodiment includes a method executed by at least one processor comprising: initializing first and second secure enclaves each comprising a trusted software execution environment that prevents software executing outside the first and second secure enclaves from having access to software and data inside the first and second secure enclaves; the first secure enclave (a)(i) inspecting a policy, (a)(ii) authenticating the second secure enclave in response to inspecting the policy; and (a)(iii) communicating encrypted content to the second secure enclave in response to authenticating the second secure enclave; and the second secure enclave (b)(i) decrypting the encrypted content to produce decrypted content, and (b)(ii) inspecting the decrypted content. Other embodiments are described herein.
-
Publication No.: US20150304195A1
Publication date: 2015-10-22
Application No.: US14129512
Application date: 2013-10-10
Applicant: INTEL CORPORATION
Inventor: Abhilasha Bhargav-Spantzel, Craig Owen, Sherry Chang, Hormuzd M. Khosravi, Jason Martin
IPC: H04L12/26
CPC classification number: H04L43/0876, G06F11/3058, G06F11/3089, G06F11/3438, G06F21/316, G06F21/32, G06F21/552, G06F21/554, G06F2221/2149, G09B7/00, H04L43/10
Abstract: Embodiments for implementing platform-enforced user accountability are generally described herein. A policy is accessed at a computing platform, the policy to define an expected behavior of a user of the system. Based on the policy, a sensor to use to enforce the policy is determined. Data is obtained from the sensor, with the data indicative of an activity performed by the user, and using the data, a determination is made whether the user is in compliance with the expected behavior defined in the policy.
-
Publication No.: US20150070134A1
Publication date: 2015-03-12
Application No.: US14479604
Application date: 2014-09-08
Applicant: INTEL CORPORATION
Inventor: Ramune Nagisetty, Melissa A. Cowan, Jason Martin, Richard A. Forand, Wen-Ling M. Huang, Conor P. Cahill
IPC: G07C9/00
CPC classification number: G07C9/00119, G07C9/00111, G07C2009/00095, H04W12/06, H04W12/08
Abstract: A wearable device (“WD”) stores a token after its wearer completes a successful strong authentication on a primary protected device (“primary PD”). Other protected devices (“secondary PDs”) recognize the stored token as representing a strong authentication and grant the user access while the user continues to wear the WD within a “digital leash-length” proximity. The WD constantly monitors whether the user continues to wear the device. Upon sensing that the user has removed the WD, the WD deletes, disables, or invalidates the token. The user must then repeat the strong authentication to gain further access to the protected devices.
-
Publication No.: US20240211549A1
Publication date: 2024-06-27
Application No.: US18591640
Application date: 2024-02-29
Applicant: Intel Corporation
Inventor: Marius Arvinte, Brandon Edwards, Cory Cornelius, Jason Martin, Sebastian Szyller, Micah Sheller, Nageen Himayat
IPC: G06F21/10
CPC classification number: G06F21/101
Abstract: An example apparatus includes interface circuitry, machine-readable instructions, and at least one processor circuit to be programmed by the machine-readable instructions to access a first set of samples associated with a diffusion model, the first set of samples including a plurality of input data samples, generate a representation of the first set of samples, sample the representation of the first set of samples to generate a representation of a second set of samples, and generate the second set of samples from the representation of the second set of samples, the second set of samples including a plurality of output data samples, an output data sample corresponding to an input data sample and being different from the corresponding input data sample.
-
Publication No.: US20220012355A1
Publication date: 2022-01-13
Application No.: US17483543
Application date: 2021-09-23
Applicant: Intel Corporation
Inventor: Prakash Narayana Moorthy, Patrick Foley, Micah Sheller, Clair Bowman, G. Anthony Reina, Jason Martin, Shih-Han Wang
Abstract: A method comprises receiving in a governor device, from a plurality of data owner devices, metadata for one or more datasets maintained by the plurality of data owner devices, registering the metadata for the one or more datasets with the governor device, in response to a request from an aggregator, providing at least a portion of the metadata for the one or more datasets to the aggregator, receiving, from the aggregator, a compute plan to be implemented by the plurality of data owner devices, distributing at least a portion of the compute plan to the plurality of data owner devices, in response to receiving, from the plurality of data owner devices, a verification report and a certification for an enclave, binding the enclave to a host device, and providing the compute plan to the plurality of data owner devices.