公开(公告)号：US12229270B2

公开(公告)日：2025-02-18

申请号：US18538787

申请日：2023-12-13

Applicant: Intel Corporation

Inventor： Prashant Dewan ,  Nivedita Aggarwal

IPC: G06F21/57 ,  H04L9/08

Abstract: An apparatus to facilitate permissions at a computing system platform is disclosed. The apparatus includes a plurality of agents, each including a non-volatile memory storing firmware executed to perform a function associated with the agent and attestation hardware to detect an update at the computing system platform, generate a cryptographic key associated with each of the plurality of agents, perform an attestation with a relying party using the generated cryptographic keys and receive a tuple associated with each of the plurality of agents, wherein a tuple includes one or more permissions indicating platform resources an agent is permitted to access.

公开(公告)号：US12022013B2

公开(公告)日：2024-06-25

申请号：US17134363

申请日：2020-12-26

Applicant: Intel Corporation

Inventor： Siddhartha Chhabra ,  Prashant Dewan ,  Baiju Patel

IPC: H04L29/06 ,  G06F9/30 ,  H04L9/08 ,  H04L9/32

CPC classification number: H04L9/3278 ,  G06F9/30098 ,  G06F9/30145 ,  H04L9/0861 ,  H04L9/0894

Abstract: Techniques for encrypting data using a key generated by a physical unclonable function (PUF) are described. An apparatus according to the present disclosure may include decoder circuitry to decode an instruction and generate a decoded instruction. The decoded instruction includes operands and an opcode. The opcode indicates that execution circuitry is to encrypt data using a key generated by a PUF. The apparatus may further include execution circuitry to execute the decoded instruction according to the opcode to encrypt the data to generate encrypted data using the key generated by the PUF.

公开(公告)号：US20240152619A1

公开(公告)日：2024-05-09

申请号：US18538787

申请日：2023-12-13

Applicant: Intel Corporation

Inventor： Prashant Dewan ,  Nivedita Aggarwal

IPC: G06F21/57 ,  H04L9/08

CPC classification number: G06F21/572 ,  H04L9/0816

Abstract: An apparatus to facilitate permissions at a computing system platform is disclosed. The apparatus includes a plurality of agents, each including a non-volatile memory storing firmware executed to perform a function associated with the agent and attestation hardware to detect an update at the computing system platform, generate a cryptographic key associated with each of the plurality of agents, perform an attestation with a relying party using the generated cryptographic keys and receive a tuple associated with each of the plurality of agents, wherein a tuple includes one or more permissions indicating platform resources an agent is permitted to access.

公开(公告)号：US11861009B2

公开(公告)日：2024-01-02

申请号：US17131959

申请日：2020-12-23

Applicant: Intel Corporation

Inventor： Prashant Dewan ,  Nivedita Aggarwal

IPC: G06F21/57 ,  H04L9/08

CPC classification number: G06F21/572 ,  H04L9/0816

Abstract: An apparatus to facilitate permissions at a computing system platform is disclosed. The apparatus includes a plurality of agents, each including a non-volatile memory storing firmware executed to perform a function associated with the agent and attestation hardware to detect an update at the computing system platform, generate a cryptographic key associated with each of the plurality of agents, perform an attestation with a relying party using the generated cryptographic keys and receive a tuple associated with each of the plurality of agents, wherein a tuple includes one or more permissions indicating platform resources an agent is permitted to access.

公开(公告)号：US11811772B2

公开(公告)日：2023-11-07

申请号：US17127579

申请日：2020-12-18

Applicant: Intel Corporation

Inventor： Hong C. Li ,  John B. Vicente ,  Prashant Dewan

IPC: H04L9/40 ,  G06F21/51 ,  G06F21/53 ,  H04L67/02

CPC classification number: H04L63/101 ,  G06F21/51 ,  G06F21/53 ,  G06F2221/2119 ,  H04L67/02

Abstract: Systems and methods may provide for receiving web content and determining a trust level associated with the web content. Additionally, the web content may be mapped to an execution environment based at least in part on the trust level. In one example, the web content is stored to a trust level specific data container.

公开(公告)号：US11706039B2

公开(公告)日：2023-07-18

申请号：US17134364

申请日：2020-12-26

Applicant: Intel Corporation

Inventor： Siddhartha Chhabra ,  Prashant Dewan ,  Baiju Patel

IPC: H04L9/32 ,  G06F9/30 ,  H04L9/08

CPC classification number: H04L9/3278 ,  G06F9/30098 ,  G06F9/30145 ,  H04L9/0861

Abstract: Techniques for encrypting data using a key generated by a physical unclonable function (PUF) are described. An apparatus according to the present disclosure may include decoder circuitry to decode an instruction and generate a decoded instruction. The decoded instruction includes operands and an opcode. The opcode indicates that execution circuitry is to encrypt data using a key generated by a PUF. The apparatus may further include execution circuitry to execute the decoded instruction according to the opcode to encrypt the data to generate encrypted data using the key generated by the PUF.

公开(公告)号：US11700135B2

公开(公告)日：2023-07-11

申请号：US17134360

申请日：2020-12-26

Applicant: Intel Corporation

Inventor： Siddhartha Chhabra ,  Prashant Dewan ,  Baiju Patel ,  Vedvyas Shanbhogue

IPC: H04L9/32 ,  G06F9/30 ,  G06F12/14 ,  H04L9/08

CPC classification number: H04L9/3278 ,  G06F9/30145 ,  G06F12/1408 ,  H04L9/0866 ,  H04L9/3242

Abstract: Techniques for encrypting data using a key generated by a physical unclonable function (PUF) are described. An apparatus according to the present disclosure may include decoder circuitry to decode an instruction and generate a decoded instruction. The decoded instruction includes operands and an opcode. The opcode indicates that execution circuitry is to encrypt data using a key generated by a PUF. The apparatus may further include execution circuitry to execute the decoded instruction according to the opcode to encrypt the data to generate encrypted data using the key generated by the PUF.

公开(公告)号：US20230169173A1

公开(公告)日：2023-06-01

申请号：US18088730

申请日：2022-12-26

Applicant: Intel Corporation

Inventor： Aditya Katragada ,  Prashant Dewan ,  Karunakara Kotary ,  Vinupama Godavarthi ,  Kumar Dwarakanath ,  Alex Izbinsky ,  Purushottam Goel

IPC: G06F21/57 ,  G06F21/72 ,  G06F9/445

CPC classification number: G06F21/572 ,  G06F21/72 ,  G06F9/445 ,  G06F2221/033

Abstract: An integrated circuit provides a firmware dashboard to communicatively couple to a basic input/output system (BIOS), and provide to the BIOS a firmware load interface, and an intellectual property (IP) block interface to communicatively couple to an IP block, wherein the IP block provides a push model to load a firmware or a pull model to load the firmware, and wherein the firmware dashboard provides a common load flow to the BIOS for both the push model and pull model.

公开(公告)号：US20230100106A1

公开(公告)日：2023-03-30

申请号：US17483904

申请日：2021-09-24

Applicant: Intel Corporation

Inventor： Prashant Dewan ,  Siddhartha Chhabra ,  Robert Royer, JR. ,  Baiju Patel

IPC: G06F12/14 ,  G06F3/06

Abstract: In one embodiment, an apparatus includes: an access control circuit to receive a memory transaction directed to a storage, the memory transaction having a requester ID and a key ID; a first memory to store an access control table, the access control table having a plurality of entries each to store a requester ID and at least one key ID; and a cryptographic circuit coupled to the access control circuit, the cryptographic circuit to perform a cryptographic operation on data associated with the memory transaction based at least in part on the key ID. The apparatus may be implemented as an inline engine coupled between the storage and an accelerator, the inline engine to provide decrypted data to the accelerator, the storage to store encrypted data. Other embodiments are described and claimed.

公开(公告)号：US20220417042A1

公开(公告)日：2022-12-29

申请号：US17358238

申请日：2021-06-25

Applicant: Intel Corporation

Inventor： Siddhartha Chhabra ,  Prashant Dewan

IPC: H04L9/32 ,  H04L9/08

Abstract: Methods and apparatus relating to provision of platform sealing secrets using a Physically Unclonable Function (PUF) with Trusted Computing Based (TCB) Recoverability are described. In an embodiment, decode circuitry decodes an instruction to determine data to be cryptographically protected and a challenge for a Physically Unclonable Function (PUF) circuitry. Execution circuitry executes the decoded instruction to cryptographically protect the data in accordance with a key, wherein the PUF circuitry is to generate the key in response to the challenge. Other embodiments are also disclosed and claimed.