公开(公告)号：GB2518796A

公开(公告)日：2015-04-01

申请号：GB201501444

申请日：2013-06-13

Applicant: INTEL CORP

Inventor： CHHABRA SIDDHARTHA ,  SAVAGAONKAR UDAY R ,  DURHAM DAVID M ,  COORAY NIRANJAN L ,  LONG MEN ,  ROZAS CARLOS V ,  TRIVEDI ALPA T NARENDRA

IPC: G06F12/14 ,  G06F21/71

Abstract: A processor includes a memory encryption engine that provides replay and confidentiality protections to a memory region. The memory encryption engine performs low-overhead parallelized tree walks along a counter tree structure. The memory encryption engine upon receiving an incoming read request for the protected memory region, performs a dependency check operation to identify dependency between the incoming read request and an in-process request and to remove the dependency when the in-process request is a read request that is not currently suspended.

公开(公告)号：GB2356763A

公开(公告)日：2001-05-30

申请号：GB0018985

申请日：2000-08-02

Applicant: HEWLETT PACKARD CO ,  INTEL CORP

Inventor： MAHON HUGH F ,  ROELING FREDRICK ,  DURHAM DAVID M ,  YAVATKAR RAJENDRA S ,  FENGER RUSSELL J

IPC: H04L12/24 ,  H04L29/06 ,  H04L29/12 ,  H04Q3/00

Abstract: Method and apparatus for assigning policies which are rules that govern the use of or access to network services. Each rule defines conditions that when evaluated true trigger actions to allow or deny the service. Techniques are disclosed which provide for explicit, flexible, and centralized assignment of policy to targets which are specified network services. These techniques include explicitly associating a policy with a network resource or process, grouping policy related processes, grouping related targets, associating groups of targets with groups of policies, mapping a user name contained in a policy to an associated network address such as an Internet Protocol (IP) address, and providing dynamically mapped policy identified user and host names with associated network addresses, such as IP addresses, to client processes.

公开(公告)号：GB2356316A

公开(公告)日：2001-05-16

申请号：GB0018983

申请日：2000-08-02

Applicant: HEWLETT PACKARD CO ,  INTEL CORP

Inventor： MAHON HUGH F ,  DURHAM DAVID M ,  FENGER RUSSELL J

IPC: H04L29/06 ,  H04Q3/00

Abstract: Method and apparatus for assigning policies [210] which are rules [210] that govern the use of or access to network [120] services. Each rule [210] defines conditions that when evaluated true trigger actions to allow or deny the service. Techniques are disclosed which provide for explicit, flexible, and centralized assignment of policy [210] to targets [110] which are specified network [120] services. These techniques include explicitly associating a policy [210] with a network [120] resource or process, grouping policy [210] related processes, grouping related targets [110] , associating groups of targets [300] not shown with groups of policies [400] not shown, mapping a user name [980] not shown contained in a policy [210] to an associated network address [690] such as an Internet Protocol (IP) address [690] , and providing dynamically mapped policy identified user and host names [980,680] not shown with associated network addresses [690] , such as IP addresses [690] , to client processes [660] .

公开(公告)号：EP2917869A4

公开(公告)日：2016-05-11

申请号：EP13853993

申请日：2013-10-23

Applicant: INTEL CORP

Inventor： DEWAN PRASHANT ,  LI HONG ,  DURHAM DAVID M

IPC: G06F21/53 ,  G06F11/30

CPC classification number: G06F21/53

Abstract: In some embodiments, a filter may filter web graphics library code executing on the graphics processing unit. As a result the web graphics library code may be prevented from accessing memory or other resources that are not allocated specifically for the web graphics library module. Likewise web graphics library code may not access any shared resources that have been explicitly assigned to the process specific web graphics library module.

公开(公告)号：EP2880590A4

公开(公告)日：2016-02-17

申请号：EP13825928

申请日：2013-07-09

Applicant: INTEL CORP

Inventor： DURHAM DAVID M ,  KANG XIAOZHU ,  DEWAN PRASHANT ,  LONG MEN ,  GREWAL KARANVIR S

IPC: G06F21/60 ,  G06F21/10 ,  G06F21/32 ,  H04L29/06

CPC classification number: G06F21/10 ,  G06F21/32 ,  H04L9/0866 ,  H04L63/045 ,  H04L63/0861

公开(公告)号：EP2791855A4

公开(公告)日：2015-08-12

申请号：EP11877297

申请日：2011-12-15

Applicant: INTEL CORP

Inventor： DURHAM DAVID M ,  LONG MEN ,  GREWAL KARANVIR S ,  DEWAN PRASHANT ,  KANG XIAOZHU

IPC: G06F21/60 ,  G06F15/16 ,  H04L29/06 ,  H04N21/2347

CPC classification number: H04L9/28 ,  G06F21/6263 ,  G06F2221/2107 ,  H04L9/065 ,  H04L63/0428 ,  H04N1/4486 ,  H04N21/2743 ,  H04N21/4405 ,  H04N21/4408 ,  H04N21/4788 ,  H04N21/8153

Abstract: An apparatus and method for preserving image privacy when manipulated by cloud services includes middleware for receiving an original image, splitting the original image into two sub-images, where the RGB pixel values of the sub-images have a bit value that is less than RGB pixel values of the original image. The sub-images are encrypted by adding a keystream to the RGB pixel values of the sub-images. The sub-image data is transmitted to a cloud service such as a social network or photo-sharing site, which manipulate the images by resizing, cropping, filtering, or the like. The sub-image data is received by the middleware and is successfully decrypted irrespective of the manipulations performed by the cloud services. In an alternative embodiment, the blocks of the original image are permutated when encrypted, and then reverse-permutated when decrypted.

公开(公告)号：EP2691851A4

公开(公告)日：2015-01-14

申请号：EP11862405

申请日：2011-12-29

Applicant: INTEL CORP

Inventor： SAHITA RAVI L ,  DURHAM DAVID M ,  DEWAN PRASHANT ,  CASTELINO MANOHAR R

IPC: G06F11/36 ,  G06F9/30 ,  G06F9/44 ,  G06F11/00 ,  G06F21/54

CPC classification number: G06F21/54 ,  G06F11/3644 ,  G06F21/566

公开(公告)号：EP3238070A4

公开(公告)日：2018-07-25

申请号：EP15873828

申请日：2015-12-26

Applicant: INTEL CORP

Inventor： BACHWANI REKHA N ,  SAHITA RAVI L ,  DURHAM DAVID M

IPC: G06F12/00

CPC classification number: G06F12/14 ,  G06F12/10 ,  G06F12/1408 ,  G06F12/1441 ,  G06F2212/1052 ,  G06F2212/657

Abstract: A system includes, in various implementations, a memory and a processor with one or more volatile registers. The processor regulates access to portions of the memory. The processor can load a secret value into the volatile register in response to executing a program stored in an execute-only portion of the memory. The processor is configured to lose, in response to an asynchronous event, information loaded in the volatile registers.

公开(公告)号：EP2798577A4

公开(公告)日：2016-09-28

申请号：EP11878347

申请日：2011-12-27

Applicant: INTEL CORP

Inventor： DEWAN PRASHANT ,  DURHAM DAVID M ,  HUANG LING ,  GREWAL KARANVIR S ,  KANG XIAOZHU

IPC: G06K9/00 ,  G06F21/32 ,  G06K9/46

CPC classification number: G06F21/32 ,  G06K9/00288 ,  G06K9/00899

Abstract: A password-less method for authenticating a user includes capturing one or more images of a face of the user and comparing the one or more images with a previously collected face template. Randomly selected colored light and randomized blinking patterns are used to capture the images of the user. Such captured images are compared to previously collected face templates, thereby thwarting spoof attacks. A secret image, known only to the user and the device, is moved from one area of the display to another randomly selected area, using the movements of the user's head or face, thereby providing a Turing based challenge. Protected audio video path (PAVP) enabled devices and components are used to protect the challenge from malware attacks.

Abstract translation: 用于认证用户的密码更少方法包括捕获用户面部的中的一个或多个图像和所述一个或多个图像与以前收集到的脸部模板进行比较。 随机选择的色光和随机化的闪烁模式用于捕捉用户的图像。 搜索捕捉到的图像对比于之前收集到的脸部模板，从而挫败欺骗攻击。 秘密图像，只知道用户和设备中，从显示器的一个区域移动到另一个随机选择的区域中，使用用户的头部或脸部的运动，从而提供一个基于图灵挑战。 受保护的音频视频路径（PAVP）的设备和部件被用于防止恶意软件攻击的挑战。

公开(公告)号：EP2801025A4

公开(公告)日：2015-08-26

申请号：EP12864336

申请日：2012-01-04

Applicant: INTEL CORP

Inventor： THOMAS RAMESH ,  TSENG KUO-LANG ,  SAHITA RAVI L ,  DURHAM DAVID M ,  TALLAM MADHUKAR

IPC: G06F9/30 ,  G06F9/46 ,  G06F12/08 ,  G06F12/14 ,  G06F15/80

CPC classification number: G06F12/145 ,  G06F9/468 ,  G06F12/1425 ,  G06F2009/45583 ,  G06F2009/45587

Abstract: Embodiments of techniques and systems for increasing efficiencies in computing systems using virtual memory are described. In embodiments, instructions which are located in two memory pages in a virtual memory system, such that one of the pages does not permit execution of the instructions located therein, are identified and then executed under temporary permissions that permit execution of the identified instructions. In various embodiments, the temporary permissions may come from modified virtual memory page tables, temporary virtual memory page tables which allow for execution, and/or emulators which have root access. In embodiments, per-core virtual memory page tables may be provided to allow two cores of a computer processor to operate in accordance with different memory access permissions. In embodiments, a physical page permission table may be utilized to provide for maintenance and tracking of per-physical-page memory access permissions. Other embodiments may be described and claimed.