公开(公告)号：US20220222274A1

公开(公告)日：2022-07-14

申请号：US17580436

申请日：2022-01-20

Applicant: Intel Corporation

Inventor： Francesc Guim Bernat ,  Karthik Kumar ,  Suraj Prabhakaran ,  Ramanathan Sethuraman ,  Timothy Verrall ,  Ned Smith

IPC: G06F16/27 ,  G06F3/06

Abstract: Technologies for providing dynamic persistence of data in edge computing include a device including circuitry configured to determine multiple different logical domains of data storage resources for use in storing data from a client compute device at an edge of a network. Each logical domain has a different set of characteristics. The circuitry is also to configured to receive, from the client compute device, a request to persist data. The request includes a target persistence objective indicative of an objective to be satisfied in the storage of the data. Additionally, the circuitry is configured to select, as a function of the characteristics of the logical domains and the target persistence objective, a logical domain into which to persist the data and provide the data to the selected logical domain.

公开(公告)号：US20220108266A1

公开(公告)日：2022-04-07

申请号：US17348248

申请日：2021-06-15

Applicant: Intel Corporation

Inventor： Ned Smith ,  Mats Agerstam ,  Vijay Sarathi Kesavan ,  Shilpa Sodani

IPC: G06Q10/08 ,  G06K19/07 ,  H04L9/32 ,  H04L9/08 ,  H04L9/30

Abstract: Methods, apparatus, systems and articles of manufacture are disclosed to coordinate and manage secure shipment of a package. An example shipment coordination apparatus includes an address generator and a verification engine. The example apparatus includes a shipping group coordinator to generate a group including a sender and a receiver based on a) a first digital address associated with the sender, b) a second digital address associated with the receiver, and c) at least one encryption key associated with the first digital address and/or the second digital address, the shipping group coordinator to initiate delivery instruction and manage receipt confirmation of a package at a second physical address corresponding to the second digital address based on verification of a token identifying the receiver and to provide messaging between the sender and the receiver in the group using a group encryption key to keep messages private in the group.

公开(公告)号：US20220014423A1

公开(公告)日：2022-01-13

申请号：US17485366

申请日：2021-09-25

Applicant: Intel Corporation

Inventor： Ned Smith ,  Nageen Himayat ,  Srikathyayani Srikanteswara ,  Kshitij Doshi ,  Francesc Guim Bernat ,  Satish Jha ,  Vesh Raj Sharma Banjade ,  S M Iftekharul Alam

IPC: H04L12/24 ,  H04L29/08

Abstract: Methods, apparatus, systems, and articles of manufacture are disclosed for data resiliency in an edge network environment. An example apparatus includes at least one memory, instructions in the apparatus, and processor circuitry to at least one of execute and/or instantiate the instructions to generate spectrum metadata based on spectrum data, determine a resiliency operation based on one or more resiliency requirements, generate a resiliency policy based on at least one of the resiliency operation or the one or more resiliency requirements, generate a resiliency operation map based on at least one of the resiliency policy or first identifiers of respective workloads associated with the network environment, the first identifiers including a second identifier, and, in response to identifying a FAFO event associated with the second identifier, execute the resiliency operation based on mapping the second identifier to the resiliency operation in the resiliency operation map.

公开(公告)号：US20210390186A1

公开(公告)日：2021-12-16

申请号：US17321764

申请日：2021-05-17

Applicant: Intel Corporation

Inventor： Ned Smith ,  Samuel Ortiz ,  Manohar Castelino ,  Mikko Ylinen

IPC: G06F21/57 ,  G06F21/60 ,  G06F9/455 ,  G06F21/74

Abstract: Technologies for fast launch of trusted containers include a computing device having a trusted platform module (TPM). The computing device measures a container runtime with the TPM and executes the container runtime in response to the measurement. The computing device establishes a trust relationship between the TPM and a virtual platform credential, provisions the virtual platform credential to a virtual TPM, and executes a guest environment in response to provisioning the virtual platform credential. The computing device measures a containerized application with the virtual TPM and executes the containerized application in response to the measurement. The computing device may perform a trusted computing operation in the guest environment with the virtual TPM. The virtual TPM and the containerized application may be protected with multi-key total memory encryption (MKTME) support of the computing device. State of the virtual TPM may be encrypted and persisted. Other embodiments are described and claimed.

公开(公告)号：US11068834B2

公开(公告)日：2021-07-20

申请号：US16023892

申请日：2018-06-29

Applicant: Intel Corporation

Inventor： Ned Smith ,  Mats Agerstam ,  Vijay Sarathi Kesavan ,  Shilpa Sodani

IPC: G06Q10/08 ,  G06K19/07 ,  H04L9/30 ,  H04L9/08 ,  H04L9/32

Abstract: Methods, apparatus, systems and articles of manufacture are disclosed to coordinate and manage secure shipment of a package. An example shipment coordination apparatus includes an address generator and a verification engine. The example apparatus includes a shipping group coordinator to generate a group including a sender and a receiver based on a) a first digital address associated with the sender, b) a second digital address associated with the receiver, and c) at least one encryption key associated with at least one of the first digital address or the second digital address, the shipping group coordinator to initiate delivery instruction and manage receipt confirmation of a package at a second physical address corresponding to the second digital address based on verification of a token identifying the receiver and to provide messaging between the sender and the receiver in the group using a group encryption key to keep messages private in the group.

公开(公告)号：US11017092B2

公开(公告)日：2021-05-25

申请号：US16144325

申请日：2018-09-27

Applicant: Intel Corporation

Inventor： Ned Smith ,  Samuel Ortiz ,  Manohar Castelino ,  Mikko Ylinen

IPC: G06F21/57 ,  H04L29/06 ,  G06F21/60 ,  G06F9/455 ,  G06F21/74

Abstract: Technologies for fast launch of trusted containers include a computing device having a trusted platform module (TPM). The computing device measures a container runtime with the TPM and executes the container runtime in response to the measurement. The computing device establishes a trust relationship between the TPM and a virtual platform credential, provisions the virtual platform credential to a virtual TPM, and executes a guest environment in response to provisioning the virtual platform credential. The computing device measures a containerized application with the virtual TPM and executes the containerized application in response to the measurement. The computing device may perform a trusted computing operation in the guest environment with the virtual TPM. The virtual TPM and the containerized application may be protected with multi-key total memory encryption (MKTME) support of the computing device. State of the virtual TPM may be encrypted and persisted. Other embodiments are described and claimed.

公开(公告)号：US10970103B2

公开(公告)日：2021-04-06

申请号：US16234731

申请日：2018-12-28

Applicant: Intel Corporation

Inventor： Ned Smith ,  Bing Zhu ,  Vincent Scarlata ,  Kapil Sood ,  Francesc Guim Bernat

IPC: G06F9/455

Abstract: Technologies for hybrid virtualization and secure enclave include a computing device and an edge orchestrator. The edge orchestrator securely provisions a container-enclave policy to the computing device. A VMM of the computing device constructs a platform services enclave that includes the container-enclave policy. The platform services enclave requests a local attestation report from an application enclave, and the application enclave generates the attestation report using secure enclave support of a compute engine of the computing device. The attestation report is indicative of a virtualization context of the application enclave, and may include a VM flag, a VMM flag, and a source address of the application enclave. The platform services enclave enforces the container-enclave policy based on the virtualization context of the application enclave. The platform services enclave may control access to functions of the computing device based on the virtualization context. Other embodiments are described and claimed.

公开(公告)号：US20200167205A1

公开(公告)日：2020-05-28

申请号：US16723873

申请日：2019-12-20

Applicant: Intel Corporation

Inventor： Francesc Guim Bernat ,  Kshitij Doshi ,  Ned Smith ,  Thijs Metsch

IPC: G06F9/50 ,  G06F9/48 ,  G06F1/20

Abstract: Methods, apparatus, systems and articles of manufacture are disclosed to control processing of telemetry data at an edge platform. An example apparatus includes an orchestrator interface to, responsive to an amount of resources allocated to an orchestrator to orchestrate a workload at the edge platform meeting a first threshold, transmit telemetry data associated with the orchestrator to a computer to obtain a first orchestration result at a first granularity; a resource management controller to determine a second orchestration result at a second granularity to orchestrate the workload at the edge platform, the second granularity finer than the first granularity; and a scheduler to schedule a workload assigned to the edge platform based on the second orchestration result.

公开(公告)号：US20190141121A1

公开(公告)日：2019-05-09

申请号：US16234865

申请日：2018-12-28

Applicant: Intel Corporation

Inventor： Francesc Guim Bernat ,  Ned Smith ,  Evan Custodio ,  Suraj Prabhkaran ,  Ignacio Astilleros Diez

IPC: H04L29/08 ,  H04L12/24 ,  H04L12/14 ,  H04L12/927

Abstract: Technologies for determining a set of edge resources to offload a workload from a client compute device based on a brokering logic provided by a service provider include a device that includes circuitry that is in communication with edge resources. The circuitry is to receive a brokering logic from a service provider receive a request from a client compute device, wherein the request includes a function to be used to execute the request and one or more parameters associated with the client compute device, determine the one or more parameters, select, as a function of the one or more parameters and the brokering logic, a physical implementation to perform the function, wherein the physical implementation indicates a set of edge resources and a performance level for each edge resource of the set of edge resources, and perform, in response to a selection of the physical implementation, the request using the set of edge resources associated with the physical implementation.

公开(公告)号：US20190141120A1

公开(公告)日：2019-05-09

申请号：US16234718

申请日：2018-12-28

Applicant: Intel Corporation

Inventor： Francesc Guim Bernat ,  Ned Smith ,  Thomas Willhalm ,  Francesc Guim Bernat ,  Karthik Kumar ,  Timothy Verrall

IPC: H04L29/08

Abstract: Technologies for providing selective offload of execution of an application to the edge include a device that includes circuitry to determine whether a section of an application to be executed by the device is available to be offloaded. Additionally, the circuitry is to determine one or more characteristics of an edge resource available to execute the section. Further, the circuitry is to determine, as a function of the one or more characteristics and a target performance objective associated with the section, whether to offload the section to the edge resource and offload, in response to a determination to offload the section, the section to the edge resource.