公开(公告)号：WO2012018508A3

公开(公告)日：2012-05-03

申请号：PCT/US2011044334

申请日：2011-07-18

Applicant: INTEL CORP ,  SWANSON ROBERT C ,  ZIMMER VINCENT J ,  BULUSU MALLIK ,  ROTHMAN MICHAEL A ,  SAKTHIKUMAR PALSAMY

Inventor： SWANSON ROBERT C ,  ZIMMER VINCENT J ,  BULUSU MALLIK ,  ROTHMAN MICHAEL A ,  SAKTHIKUMAR PALSAMY

IPC: G06F13/14 ,  G06F9/22 ,  G06F11/27 ,  G06K17/00

CPC classification number: H04L45/02 ,  H04W4/008 ,  H04W84/18

Abstract: Using radio frequency identification (RFID) tags embedded in processors within a computing system to assist in system initialization processing. The RFID tags provide a separate communication path to other components of the computing system during initialization processing, apart from the system interconnect. When the computing system is powered up, each processor in the system may cause its RFID tag to broadcast data regarding the processor's interconnect location and initialization status. The RFID tags may be sensed by a RFID receiver in the Platform Control Hub (PCH) of the computing system, and each processor's interconnect location and initialization status data may be stored in selected registers within the PCH. When the BIOS executes during system initialization processing, the BIOS may access these PCH registers to obtain the processor's data. The interconnect location and initialization status data may be used by the BIOS to select the optimal routing table and to configure the virtual network within the computing system based at least in part on the optimal routing table and the RFID tag data and without the need for interrogating each processor individually over the system interconnect.

Abstract translation: 使用嵌入在计算系统内的处理器中的射频识别（RFID）标签来协助系统初始化处理。 除了系统互连，RFID标签在初始化处理期间提供到计算系统的其他组件的单独的通信路径。 当计算系统通电时，系统中的每个处理器可能使其RFID标签广播关于处理器的互连位置和初始化状态的数据。 RFID标签可以由计算系统的平台控制中心（PCH）中的RFID接收器感测，并且每个处理器的互连位置和初始化状态数据可以存储在PCH内的选定的寄存器中。 当BIOS在系统初始化处理期间执行时，BIOS可以访问这些PCH寄存器以获得处理器的数据。 BIOS可以使用互连位置和初始化状态数据来选择最佳路由表并且至少部分地基于最佳路由表和RFID标签数据来配置计算系统内的虚拟网络，并且不需要询问 每个处理器分别通过系统互连。

公开(公告)号：AU2011305211B2

公开(公告)日：2014-07-03

申请号：AU2011305211

申请日：2011-09-23

Applicant: INTEL CORP

Inventor： SWANSON ROBERT ,  ROTHMAN MICHAEL A ,  BULUSU MALLIK ,  ZIMMER VINCENT J ,  SAKTHIKUMAR PALSAMY

IPC: G06F9/06 ,  G06F9/22 ,  G06F13/14

Abstract: A network interface card with read-only memory having at least a micro-kernel of a cluster computing operation system, a server formed with such network interface card, and a computing cluster formed with such servers are disclosed herein. In various embodiments, on transfer, after an initial initialization phase during an initialization of a server, the network interface card loads the cluster computing operation system into system memory of the server, to enable the server, in conjunction with other similarly provisioned servers to form a computing cluster. Other embodiments are also disclosed and claimed.

公开(公告)号：AU2011305211A1

公开(公告)日：2013-03-07

申请号：AU2011305211

申请日：2011-09-23

Applicant: INTEL CORP

Inventor： SWANSON ROBERT ,  ROTHMAN MICHAEL A ,  BULUSU MALLIK ,  ZIMMER VINCENT J ,  SAKTHIKUMAR PALSAMY

IPC: G06F9/06 ,  G06F9/22 ,  G06F13/14

Abstract: A network interface card with read-only memory having at least a micro-kernel of a cluster computing operation system, a server formed with such network interface card, and a computing cluster formed with such servers are disclosed herein. In various embodiments, on transfer, after an initial initialization phase during an initialization of a server, the network interface card loads the cluster computing operation system into system memory of the server, to enable the server, in conjunction with other similarly provisioned servers to form a computing cluster. Other embodiments are also disclosed and claimed.

公开(公告)号：EP2973139A4

公开(公告)日：2016-10-26

申请号：EP13877987

申请日：2013-03-15

Applicant: INTEL CORP

Inventor： DONG GUO ,  YAO JIEWEN ,  ZIMMER VINCENT J ,  ROTHMAN MICHAEL A

IPC: G06F21/71 ,  G06F9/44 ,  G06F21/57 ,  H04L9/32

CPC classification number: G06F21/575 ,  G06F9/4401 ,  G06F21/71 ,  G06F2221/034 ,  G09C1/00 ,  H04L2209/127

Abstract: Technologies for improving platform initialization on a computing device include beginning initialization of a platform of the computing device using a basic input/output system (BIOS) of the computing device. A security co-processor driver module adds a security co-processor command to a command list when a security processor command is received from the BIOS module. The computing device establishes a periodic interrupt of the initialization of the platform to query the security co-processor regarding the availability of a response to a previously submitted security co-processor command, forward any responses received by the security co-processor driver module to the BIOS module, and submit the next security co-processor command in the command list to the security co-processor.

Abstract translation: 用于在计算设备上改进平台初始化的技术包括使用计算设备的基本输入/输出系统（BIOS）开始初始化计算设备的平台。 当从BIOS模块接收到安全处理器命令时，安全协处理器驱动程序模块将一个安全协处理器命令添加到命令列表中。 计算设备建立平台的初始化的周期性中断以查询安全协处理器关于对先前提交的安全协处理器命令的响应的可用性，将由安全协处理器驱动器模块接收的任何响应转发到 BIOS模块，并将命令列表中的下一个安全协处理器命令提交给安全协处理器。

公开(公告)号：EP2912588A4

公开(公告)日：2016-06-29

申请号：EP12887009

申请日：2012-10-25

Applicant: INTEL CORP

Inventor： OUYANG QIAN ,  WANG JIAN J ,  ZIMMER VINCENT J ,  ROTHMAN MICHAEL A ,  ZHANG CHAO B

IPC: G06F21/57 ,  G06F21/32

CPC classification number: G06F21/602 ,  G06F9/4406 ,  G06F21/32 ,  G06F21/575

公开(公告)号：EP3087520A4

公开(公告)日：2017-08-16

申请号：EP13900208

申请日：2013-12-24

Applicant: INTEL CORP

Inventor： SMITH NED M ,  HELDT-SHELLER NATHAN ,  MICHELIS PABLO A ,  ZIMMER VINCENT J ,  WOOD MATTHEW D ,  BECKWITH RICHARD T ,  ROTHMAN MICHAEL A

IPC: G06F21/10 ,  G06F21/60 ,  H04L29/06

CPC classification number: H04L63/0428 ,  G06F21/10 ,  G06F21/60 ,  H04L63/0485 ,  H04L2463/101 ,  H04N21/4405 ,  H04N21/4627

Abstract: The present disclosure is directed to content protection for Data as a Service (DaaS). A device may receive encrypted data from a content provider via DaaS, the encrypted data comprising at least content for presentation on the device. For example, the content provider may utilize a secure multiplex transform (SMT) module in a trusted execution environment (TEE) module to generate encoded data from the content and digital rights management (DRM) data and to generate the encrypted data from the encoded data. The device may also comprise a TEE module including a secure demultiplex transform (SDT) module to decrypt the encoded data from the encrypted data and to decode the content and DRM data from the encoded data. The SMT and SDT modules may interact via a secure communication session to validate security, distribute decryption key(s), etc. In one embodiment, a trust broker may perform TEE module validation and key distribution.

Abstract translation: 本公开针对数据即服务（DaaS）的内容保护。 设备可以经由DaaS从内容提供商接收加密的数据，加密的数据至少包括用于在设备上呈现的内容。 例如，内容提供者可以利用可信执行环境（TEE）模块中的安全多路复用变换（SMT）模块来从内容和数字权限管理（DRM）数据生成编码数据并且从编码数据生成加密数据 。 该设备还可以包括TEE模块，该TEE模块包括安全解复用转换（SDT）模块以解密来自加密数据的编码数据并解码来自编码数据的内容和DRM数据。 SMT和SDT模块可以经由安全通信会话进行交互以验证安全性，分发解密密钥等。在一个实施例中，信任代理可以执行TEE模块验证和密钥分发。

公开(公告)号：EP2761468A4

公开(公告)日：2015-06-24

申请号：EP11873492

申请日：2011-09-30

Applicant: INTEL CORP

Inventor： ZIMMER VINCENT J ,  ROTHMAN MICHAEL A ,  DORAN MARK S

IPC: G06F12/00 ,  G06F9/44 ,  G06F12/02 ,  G06F12/06

CPC classification number: G06F12/0246 ,  G06F9/4401 ,  G06F12/0238 ,  G06F12/0638 ,  G06F12/0653 ,  G06F2212/1016 ,  G06F2212/1041 ,  G06F2212/2024 ,  G06F2212/214 ,  Y02D10/13

Abstract: A non-volatile random access memory (NVRAM) is used in a computer system to perform multiple roles in a platform storage hierarchy. The NVRAM is byte-addressable by the processor and can be configured into one or more partitions, with each partition implementing a different tier of the platform storage hierarchy. The NVRAM can be used as mass storage that can be accessed without a storage driver.

公开(公告)号：AU2013215466B2

公开(公告)日：2015-12-03

申请号：AU2013215466

申请日：2013-01-24

Applicant: INTEL CORP

Inventor： ROTHMAN MICHAEL A ,  ZIMMER VINCENT J ,  DORAN MARK S ,  KINNEY MICHAEL D

IPC: G06F9/24 ,  G06F9/30

Abstract: Methods, systems and computer program products are disclosed for enhanced system boot processing that is faster to launch an operating system, as certain devices such as user input hardware devices may not be initialized unless it is determined that a user-interruption to the boot process is likely. That is, although an interface for the devices is exposed, no initialization occurs unless a call to the interface occurs. Other embodiments are described and claimed.

公开(公告)号：AU2011271088B2

公开(公告)日：2013-11-07

申请号：AU2011271088

申请日：2011-06-21

Applicant: INTEL CORP

Inventor： ZIMMER VINCENT J ,  BULUSU MALLIK ,  ROTHMAN MICHAEL A ,  SWANSON ROBERT C ,  SAKTHIKUMAR PALSAMY

IPC: G06F21/10

Abstract: Enhancing locality in a security co-processor module of a computing system may be achieved by including one or more additional attributes such as geographic location, trusted time, a hardware vendor string, and one or more environmental factors into an access control space for machine mode measurement of a computing system.

公开(公告)号：SG188991A1

公开(公告)日：2013-05-31

申请号：SG2013018726

申请日：2011-09-30

Applicant: INTEL CORP

Inventor： SAKTHIKUMAR PALSAMY ,  SWANSON ROBERT C ,  ROTHMAN MICHAEL A ,  BULUSU MALLIK ,  ZIMMER VINCENT J

Abstract: A method, apparatus, system, and computer program product for secure server system management. A payload containing system software and/or firmware updates is distributed in an on-demand, secure I/O operation. The I/O operation is performed via a secured communication channel inaccessible by the server operating system to an emulated USB drive. The secure communication channel can be established for the I/O operation only after authenticating the recipient of the payload, and the payload can be protected from access by a potentially-infected server operating system. Furthermore, the payload can be delivered on demand rather than relying on a BIOS update schedule, and the payload can be delivered at speeds of a write operation to a USB drive.