公开(公告)号：WO2015047789A1

公开(公告)日：2015-04-02

申请号：PCT/US2014/055807

申请日：2014-09-16

Applicant: INTEL CORPORATION ,  CHHABRA, Siddhartha ,  SAVAGAONKAR, Uday R. ,  GOLDSMITH, Michael A. ,  JOHNSON, Simon P. ,  LESLIE-HURD, Rebekah M. ,  MCKEEN, Francis X. ,  NEIGER, Gilbert ,  MAKARAM, Raghunandan ,  ROZAS, Carlos V. ,  SANTONI, Amy L. ,  SCARLATA, Vincent R. ,  SHANBHOGUE, Vedvyas ,  SMITH, Wesley H. ,  ANATI, Ittai ,  ALEXANDROVICH, Ilya

Inventor： CHHABRA, Siddhartha ,  SAVAGAONKAR, Uday R. ,  GOLDSMITH, Michael A. ,  JOHNSON, Simon P. ,  LESLIE-HURD, Rebekah M. ,  MCKEEN, Francis X. ,  NEIGER, Gilbert ,  MAKARAM, Raghunandan ,  ROZAS, Carlos V. ,  SANTONI, Amy L. ,  SCARLATA, Vincent R. ,  SHANBHOGUE, Vedvyas ,  SMITH, Wesley H. ,  ANATI, Ittai ,  ALEXANDROVICH, Ilya

IPC: G06F21/79 ,  G06F12/14

CPC classification number: G06F12/1408 ,  G06F9/45558 ,  G06F12/0808 ,  G06F12/0897 ,  G06F12/1027 ,  G06F2009/45587 ,  G06F2212/1032 ,  G06F2212/1048 ,  G06F2212/152

Abstract: Secure memory repartitioning technologies are described. A processor includes a processor core and a memory controller coupled between the processor core and main memory. The main memory includes a memory range including a section of convertible pages are convertible to secure pages or non-secure pages. The processor core, in response to a page conversion instruction, is to determine from the instruction a convertible page in the memory range to be converted and convert the convertible page to be at least one of a secure page or a non-secure page. The memory range may also include a hardware reserved section are convertible in response to a section conversion instruction.

Abstract translation: 描述了安全的内存重新分区技术。 处理器包括耦合在处理器核心和主存储器之间的处理器核心和存储器控制器。 主存储器包括一个内存范围，包括可转换页面的一部分可转换为安全页面或非安全页面。 响应于页面转换指令的处理器核心是从指令中确定要转换的存储器范围内的可转换页面，并将可转换页面转换为安全页面或非安全页面中的至少一个页面。 存储器范围还可以包括可响应于段转换指令而转换的硬件保留部分。

公开(公告)号：WO2011078855A1

公开(公告)日：2011-06-30

申请号：PCT/US2009069212

申请日：2009-12-22

Applicant: INTEL CORP ,  MCKEEN FRANCIS X ,  ROZAS CARLOS V ,  SAVAGANKAR UDAY R ,  JOHNSON SIMON P ,  SCARLATA VINCENT R ,  GOLDSMITH MICHAEL A ,  BRICKELL ERNIE ,  LI JIANGTAO ,  HERBERT HOWARD C ,  DEWAN PRASHANT ,  TOLOPKA STEPHEN J ,  NEIGER GILBERT ,  DURHAM DAVID ,  GRAUNKE GARY ,  LINT BERNARD ,  VAN DYKE DON A ,  CIHULA JOSEPH ,  JEYASINGH STALINSELVARAJ ,  VAN DOREN STEPHEN R ,  RODGERS DION ,  GARNEY JOHN

Inventor： MCKEEN FRANCIS X ,  ROZAS CARLOS V ,  SAVAGANKAR UDAY R ,  JOHNSON SIMON P ,  SCARLATA VINCENT R ,  GOLDSMITH MICHAEL A ,  BRICKELL ERNIE ,  LI JIANGTAO ,  HERBERT HOWARD C ,  DEWAN PRASHANT ,  TOLOPKA STEPHEN J ,  NEIGER GILBERT ,  DURHAM DAVID ,  GRAUNKE GARY ,  LINT BERNARD ,  VAN DYKE DON A ,  CIHULA JOSEPH ,  JEYASINGH STALINSELVARAJ ,  VAN DOREN STEPHEN R ,  RODGERS DION ,  GARNEY JOHN

IPC: G06F9/44 ,  G06F12/02 ,  G06F13/14 ,  G06F21/72 ,  G06F21/74

CPC classification number: G06F12/1491 ,  G06F12/0802 ,  G06F12/10 ,  G06F21/72 ,  G06F21/74 ,  G06F2221/2105

Abstract: A technique to enable secure application and data integrity within a computer system. In one embodiment, one or more secure enclaves are established in which an application and data may be stored and executed.

Abstract translation: 一种在计算机系统内实现安全应用和数据完整性的技术。 在一个实施例中，建立一个或多个安全空间，其中可以存储和执行应用和数据。

公开(公告)号：WO2014105160A1

公开(公告)日：2014-07-03

申请号：PCT/US2013/047332

申请日：2013-06-24

Applicant: INTEL CORPORATION ,  MCKEEN, Francis X. ,  GOLDSMITH, Michael A. ,  HUNTLEY, Barrey E. ,  JOHNSON, Simon P. ,  LESLIE-HURD, Rebekah ,  ROZAS, Carlos V. ,  SAVAGAONKAR, Uday R. ,  SCARLATA, Vincent R. ,  SHANBHOGUE, Vedvyas ,  SMITH, Wesley H. ,  NEIGER, Gilbert

Inventor： MCKEEN, Francis X. ,  GOLDSMITH, Michael A. ,  HUNTLEY, Barrey E. ,  JOHNSON, Simon P. ,  LESLIE-HURD, Rebekah ,  ROZAS, Carlos V. ,  SAVAGAONKAR, Uday R. ,  SCARLATA, Vincent R. ,  SHANBHOGUE, Vedvyas ,  SMITH, Wesley H. ,  NEIGER, Gilbert

IPC: G06F12/14 ,  G06F12/08

CPC classification number: G06F21/60 ,  G06F12/0875 ,  G06F12/14 ,  G06F12/145 ,  G06F21/72 ,  G06F2212/1052 ,  G06F2212/152 ,  G06F2212/452

Abstract: Embodiments of an invention for logging in secure enclaves are disclosed. In one embodiment, a processor includes an instruction unit and an execution unit. The instruction unit is to receive an instruction having an associated enclave page cache address. The execution unit is to execute the instruction without causing a virtual machine exit, wherein execution of the instruction includes logging the instruction and the associated enclave page cache address.

Abstract translation: 公开了用于登录安全飞行器的发明的实施例。 在一个实施例中，处理器包括指令单元和执行单元。 该指令单元用于接收具有关联的飞地页面缓存地址的指令。 执行单元执行指令而不引起虚拟机退出，其中指令的执行包括记录指令和关联的飞地页面缓存地址。

公开(公告)号：WO2014105159A1

公开(公告)日：2014-07-03

申请号：PCT/US2013/047322

申请日：2013-06-24

Applicant: INTEL CORPORATION ,  MCKEEN, Francis X. ,  GOLDSMITH, Michael A. ,  HUNTLEY, Barry E. ,  JOHNSON, Simon P. ,  LESLIE-HURD, Rebekah ,  ROZAS, Carlos V. ,  SAVAGAONKAR, Uday R. ,  SCARLATA, Vincent R. ,  SHANBHOGUE, Vedvyas ,  SMITH, Wesley H. ,  ANATI, Ittai ,  ALEXANDROVICH, Ilya ,  BERENZON, Alex ,  NEIGER, Gilbert

Inventor： MCKEEN, Francis X. ,  GOLDSMITH, Michael A. ,  HUNTLEY, Barry E. ,  JOHNSON, Simon P. ,  LESLIE-HURD, Rebekah ,  ROZAS, Carlos V. ,  SAVAGAONKAR, Uday R. ,  SCARLATA, Vincent R. ,  SHANBHOGUE, Vedvyas ,  SMITH, Wesley H. ,  ANATI, Ittai ,  ALEXANDROVICH, Ilya ,  BERENZON, Alex ,  NEIGER, Gilbert

IPC: G06F12/14

CPC classification number: G06F12/0804 ,  G06F9/30047 ,  G06F12/0875 ,  G06F12/1408 ,  G06F2212/1052 ,  G06F2212/402

Abstract: Embodiments of an invention for paging in secure enclaves are disclosed. In one embodiment, a processor includes an instruction unit and an execution unit. The instruction unit is to receive a first instruction. The execution unit is to execute the first instruction, wherein execution of the first instruction includes evicting a first page from an enclave page cache.

Abstract translation: 公开了用于在安全飞行器中寻呼的发明的实施例。 在一个实施例中，处理器包括指令单元和执行单元。 指令单元接收第一条指令。 执行单元执行第一指令，其中第一指令的执行包括从飞地页面缓存中逐出第一页。

公开(公告)号：WO2014008399A1

公开(公告)日：2014-01-09

申请号：PCT/US2013/049325

申请日：2013-07-03

Applicant: INTEL CORPORATION ,  JANUS, Scott ,  LAYTON, Kenneth T. ,  GOLDSMITH, Michael A.

Inventor： JANUS, Scott ,  LAYTON, Kenneth T. ,  GOLDSMITH, Michael A.

IPC: G06F21/30 ,  G06F21/10

CPC classification number: G06F21/31 ,  G06F21/32 ,  G06F21/6245 ,  G06F21/84 ,  H04L63/0861 ,  H04L2463/082

Abstract: A method and computing device for continuous multi-factor authentication are included in which a plurality of valid authentication credentials may be detected. Also, an authorized user may be detected within a viewing area. Additionally, an unauthorized object may be detected in the viewing area. Furthermore, a display device may be prevented from displaying content.

Abstract translation: 包括用于连续多因素认证的方法和计算装置，其中可以检测多个有效的认证证书。 此外，可以在观看区域内检测到授权用户。 此外，可以在观看区域中检测到未经授权的对象。 此外，可以防止显示装置显示内容。

公开(公告)号：WO2010057065A3

公开(公告)日：2010-08-19

申请号：PCT/US2009064493

申请日：2009-11-14

Applicant: INTEL CORP ,  MCKEEN FRANK ,  SAVAGAONKAR UDAY ,  ROZAS CARLOS V ,  GOLDSMITH MICHAEL A ,  HERBERT HOWARD C ,  ALTMAN ASHER ,  GRAUNKE GARY ,  DURHAM DAVID ,  JOHNSON SIMON P ,  KOUNAVIS MICHAEL E ,  SCARLATA VINCENT R ,  CIHULA JOSEPH ,  JEYASINGH STALINSELVARAJ ,  LINT BERNARD ,  NEIGER GIL ,  RODGERS DION ,  BRICKELL ERNIE ,  LI JIANGUO

Inventor： MCKEEN FRANK ,  SAVAGAONKAR UDAY ,  ROZAS CARLOS V ,  GOLDSMITH MICHAEL A ,  HERBERT HOWARD C ,  ALTMAN ASHER ,  GRAUNKE GARY ,  DURHAM DAVID ,  JOHNSON SIMON P ,  KOUNAVIS MICHAEL E ,  SCARLATA VINCENT R ,  CIHULA JOSEPH ,  JEYASINGH STALINSELVARAJ ,  LINT BERNARD ,  NEIGER GIL ,  RODGERS DION ,  BRICKELL ERNIE ,  LI JIANGUO

IPC: G06F3/06 ,  G06F9/06 ,  G06F9/44 ,  G06F21/56

CPC classification number: G06F9/30043 ,  G06F9/30032 ,  G06F21/56

Abstract: A technique to enable secure application and data integrity within a computer system. In one embodiment, one or more secure enclaves are established in which an application and data may be stored and executed.

Abstract translation: 一种在计算机系统内实现安全应用程序和数据完整性的技术。 在一个实施例中，建立一个或多个安全区域，其中可以存储和执行应用程序和数据。

公开(公告)号：WO2010057065A2

公开(公告)日：2010-05-20

申请号：PCT/US2009/064493

申请日：2009-11-14

Applicant: INTEL CORPORATION ,  MCKEEN, Frank ,  SAVAGAONKAR, Uday ,  ROZAS, Carlos, V. ,  GOLDSMITH, Michael, A. ,  HERBERT, Howard, C. ,  ALTMAN, Asher ,  GRAUNKE, Gary ,  DURHAM, David ,  JOHNSON, Simon, P. ,  KOUNAVIS, Michael, E. ,  SCARLATA, Vincent, R. ,  CIHULA, Joseph ,  JEYASINGH, Stalinselvaraj ,  LINT, Bernard ,  NEIGER, Gil ,  RODGERS, Dion ,  BRICKELL, Ernie ,  LI, Jianguo

Inventor： MCKEEN, Frank ,  SAVAGAONKAR, Uday ,  ROZAS, Carlos, V. ,  GOLDSMITH, Michael, A. ,  HERBERT, Howard, C. ,  ALTMAN, Asher ,  GRAUNKE, Gary ,  DURHAM, David ,  JOHNSON, Simon, P. ,  KOUNAVIS, Michael, E. ,  SCARLATA, Vincent, R. ,  CIHULA, Joseph ,  JEYASINGH, Stalinselvaraj ,  LINT, Bernard ,  NEIGER, Gil ,  RODGERS, Dion ,  BRICKELL, Ernie ,  LI, Jianguo

IPC: G06F21/24 ,  G06F9/06 ,  G06F3/06 ,  G06F9/44

CPC classification number: G06F9/30043 ,  G06F9/30032 ,  G06F21/56

Abstract: A technique to enable secure application and data integrity within a computer system. In one embodiment, one or more secure enclaves are established in which an application and data may be stored and executed.

Abstract translation: 一种在计算机系统内实现安全应用和数据完整性的技术。 在一个实施例中，建立一个或多个安全空间，其中可以存储和执行应用和数据。

公开(公告)号：WO2006012291A3

公开(公告)日：2006-08-03

申请号：PCT/US2005022467

申请日：2005-06-22

Applicant: INTEL CORP ,  GOLDSMITH MICHAEL A

Inventor： GOLDSMITH MICHAEL A

IPC: G06F13/38 ,  G06F9/455 ,  G06F13/10

CPC classification number: G06F13/382

Abstract: A physical device has core function circuitry that is to perform a core I/O function of a computer system. Multiple client interface circuits are provided, each of which presents itself as a complete device to a software client in the system, to access the core function circuitry. Multiplexing circuitry couples the client interfaces to the core I/O functionality. Other embodiments are also described and claimed.

Abstract translation: 物理设备具有执行计算机系统的核心I / O功能的核心功能电路。 提供了多个客户端接口电路，每个客户端接口电路将其自身呈现为系统中的软件客户端的完整设备，以访问核心功能电路。 多路复用电路将客户端接口耦合到核心I / O功能。 还描述和要求保护其他实施例。

公开(公告)号：WO2011078855A9

公开(公告)日：2011-06-30

申请号：PCT/US2009/069212

申请日：2009-12-22

Applicant: INTEL CORPORATION ,  MCKEEN, Francis X. ,  ROZAS, Carlos V. ,  SAVAGANKAR, Uday R. ,  JOHNSON, Simon P. ,  SCARLATA, Vincent R. ,  GOLDSMITH, Michael A. ,  BRICKELL, Ernie ,  LI, JiangTao ,  HERBERT, Howard C. ,  DEWAN, Prashant ,  TOLOPKA, Stephen J. ,  NEIGER, Gilbert ,  DURHAM, David ,  GRAUNKE, Gary ,  LINT, Bernard ,  VAN DYKE, Don A. ,  CIHULA, Joseph ,  JEYASINGH, Stalinselvaraj ,  VAN DOREN, Stephen R. ,  RODGERS, Dion ,  GARNEY, John

Inventor： MCKEEN, Francis X. ,  ROZAS, Carlos V. ,  SAVAGANKAR, Uday R. ,  JOHNSON, Simon P. ,  SCARLATA, Vincent R. ,  GOLDSMITH, Michael A. ,  BRICKELL, Ernie ,  LI, JiangTao ,  HERBERT, Howard C. ,  DEWAN, Prashant ,  TOLOPKA, Stephen J. ,  NEIGER, Gilbert ,  DURHAM, David ,  GRAUNKE, Gary ,  LINT, Bernard ,  VAN DYKE, Don A. ,  CIHULA, Joseph ,  JEYASINGH, Stalinselvaraj ,  VAN DOREN, Stephen R. ,  RODGERS, Dion ,  GARNEY, John

IPC: G06F21/24 ,  G06F13/14 ,  G06F9/44 ,  G06F12/02

Abstract: A technique to enable secure application and data integrity within a computer system. In one embodiment, one or more secure enclaves are established in which an application and data may be stored and executed.

公开(公告)号：WO2006012291A2

公开(公告)日：2006-02-02

申请号：PCT/US2005/022467

申请日：2005-06-22

Applicant: INTEL CORPORATION ,  GOLDSMITH, Michael, A

Inventor： GOLDSMITH, Michael, A

IPC: G06F13/10

CPC classification number: G06F13/382

Abstract: A physical device has core function circuitry that is to perform a core I/O function of a computer system. Multiple client interface circuits are provided, each of which presents itself as a complete device to a software client in the system, to access the core function circuitry. Multiplexing circuitry couples the client interfaces to the core I/O functionality. Other embodiments are also described and claimed.

Abstract translation: 物理设备具有执行计算机系统的核心I / O功能的核心功能电路。 提供多个客户端接口电路，其中每个客户端接口电路将其自身呈现为系统中的软件客户端的完整设备，以访问核心功能电路。 复用电路将客户端接口连接到核心I / O功能。 其他实施例也被描述和要求保护。