公开(公告)号：WO0175595A3

公开(公告)日：2002-07-25

申请号：PCT/US0108374

申请日：2001-03-14

Applicant: INTEL CORP ,  ELLISON CARL M ,  GOLLIVER ROGER A ,  HERBERT HOWARD C ,  LIN DERRICK C ,  MCKEEN FRANCIS X ,  NEIGER GILBERT ,  RENERIS KEN ,  SUTTON JAMES A ,  THAKKAR SHREEKANT S ,  MITTAL MILLIND

Inventor： ELLISON CARL M ,  GOLLIVER ROGER A ,  HERBERT HOWARD C ,  LIN DERRICK C ,  MCKEEN FRANCIS X ,  NEIGER GILBERT ,  RENERIS KEN ,  SUTTON JAMES A ,  THAKKAR SHREEKANT S ,  MITTAL MILLIND

IPC: G06F21/00 ,  G06F12/14

CPC classification number: G06F21/53 ,  G06F9/30189 ,  G06F12/1491 ,  G06F21/567 ,  G06F21/71 ,  G06F21/74 ,  G06F21/85 ,  G06F2221/2105 ,  G06F2221/2141 ,  G06F2221/2145

Abstract: An access transaction generated by a processor is configured using a configuration storage containing a configuration setting. The processor has a normal execution mode and an isolated execution mode. The access transaction has access information. Access to the configuration storage is controlled. An access grant signal is generated using the configuration setting and the access information. The access grant signal indicates if the access transaction is valid.

Abstract translation: 使用包含配置设置的配置存储来配置由处理器生成的访问事务。 处理器具有正常执行模式和隔离执行模式。 访问事务具有访问信息。 控制对配置存储的访问。 使用配置设置和访问信息生成访问许可信号。 访问许可信号指示访问事务是否有效。

公开(公告)号：WO0175563A3

公开(公告)日：2002-05-23

申请号：PCT/US0108365

申请日：2001-03-14

Applicant: INTEL CORP ,  ELLISON CARL M ,  GOLLIVER ROGER A ,  HERBERT HOWARD C ,  LIN DERRICK C ,  MCKEEN FRANCIS X ,  NEIGER GILBERT ,  RENERIS KEN ,  SUTTON JAMES A ,  THAKKAR SHREEKANT S ,  MITTAL MILLIND

Inventor： ELLISON CARL M ,  GOLLIVER ROGER A ,  HERBERT HOWARD C ,  LIN DERRICK C ,  MCKEEN FRANCIS X ,  NEIGER GILBERT ,  RENERIS KEN ,  SUTTON JAMES A ,  THAKKAR SHREEKANT S ,  MITTAL MILLIND

IPC: G06F21/22 ,  G06F21/00 ,  G09C1/00 ,  H04L9/08 ,  H04L9/10 ,  G06F1/00

CPC classification number: G06F21/53 ,  G06F21/57 ,  G06F2221/2101 ,  G06F2221/2105

Abstract: The present invention is a method, apparatus, and system to generate a key hierarchy for use in an isolated execution environment of a protected platform. In order to bind secrets to particular code operating in isolated execution, a key hierarchy comprising a series of symmetric keys for a standard symmetric cipher is utilized. The protected platform includes a processor that is configured in one of a normal execution mode and an isolated execution mode. A key storage stores an initial key that is unique for the platform. A cipher key creator located in the protected platform creates the hierarchy of keys based upon the initial key. The cipher key creator creates a series of symmetric cipher keys to protect the secrets of loaded software code.

Abstract translation: 本发明是一种用于生成在受保护平台的隔离执行环境中使用的密钥层级的方法，装置和系统。 为了将秘密绑定到在隔离执行中操作的特定代码，使用包括用于标准对称密码的一系列对称密钥的密钥层次。 受保护平台包括被配置为正常执行模式和隔离执行模式之一的处理器。 密钥存储存储该平台独有的初始密钥。 位于受保护平台中的加密密钥创建者基于初始密钥创建密钥的层次结构。 密码密钥创建者创建一系列对称密钥，以保护加载的软件代码的秘密。

公开(公告)号：WO0022512A9

公开(公告)日：2000-09-21

申请号：PCT/US9923600

申请日：1999-10-08

Applicant: INTEL CORP ,  MAKINENI SIVAKUMAR ,  KIMN SUNNHYUK ,  DOSHI GAUTAM B ,  GOLLIVER ROGER A

Inventor： MAKINENI SIVAKUMAR ,  KIMN SUNNHYUK ,  DOSHI GAUTAM B ,  GOLLIVER ROGER A

IPC: G06F9/302 ,  G06F9/38 ,  G06F17/16

CPC classification number: G06F9/3885 ,  G06F9/30014 ,  G06F9/30036 ,  G06F9/3893

Abstract: A system (100) for processing SIMD operands (260(a), 260(b)) in a packed data format (250) includes a scalar FMAC (140) and a vector FMAC (130) coupled to a register file through an operand delivery module (120). For vector operations, the operand delivery module (120) bit steers a SIMD Operand (260(a), 260(b)) of the packed operand (250) into an unpacked operand (200) for processing by the first execution unit (140). Another SIMD operand (260(a), 260(b)) is processed by the vector execution unit (130).

Abstract translation: 用于以打包数据格式（250）处理SIMD操作数（260（a），260（b））的系统（100）包括标量FMAC（140）和通过操作数耦合到寄存器文件的向量FMAC（130） 传递模块（120）。 对于矢量操作，操作数传送模块（120）将打包操作数（250）的SIMD操作数（260（a），260（b））引导到解包操作数（200）中，以由第一执行单元（140 ）。 另一个SIMD操作数（260（a），260（b））由向量执行单元（130）处理。

公开(公告)号：WO0175564A3

公开(公告)日：2003-01-16

申请号：PCT/US0108891

申请日：2001-03-21

Applicant: INTEL CORP ,  HERBERT HOWARD C ,  GRAWROCK DAVID W ,  ELLISON CARL M ,  GOLLIVER ROGER A ,  LIN DERRICK C ,  MCKEEN FRANCIS X ,  NEIGER GILBERT ,  RENERIS KEN ,  SUTTON JAMES A ,  THAKKAR SHREEKANT S ,  MITTAL MILLIND

Inventor： HERBERT HOWARD C ,  GRAWROCK DAVID W ,  ELLISON CARL M ,  GOLLIVER ROGER A ,  LIN DERRICK C ,  MCKEEN FRANCIS X ,  NEIGER GILBERT ,  RENERIS KEN ,  SUTTON JAMES A ,  THAKKAR SHREEKANT S ,  MITTAL MILLIND

IPC: G06F1/00 ,  G06F12/14 ,  G06F21/00

CPC classification number: G06F21/305 ,  G06F9/30189 ,  G06F12/1491 ,  G06F21/35 ,  G06F21/53 ,  G06F21/57 ,  G06F21/575 ,  G06F21/64 ,  G06F21/74 ,  G06F2221/2101 ,  G06F2221/2103 ,  G06F2221/2105 ,  G06F2221/2149

Abstract: In one embodiment, a method of remote attestation for a special mode of operation. The method comprises storing an audit log within protected memory of a platform. The audit log is a listing of data representing each of a plurality of IsoX software modules loaded into the platform. The audit log is retrieved from the protected memory in response to receiving a remote attestation request from a remotely located platform. Then, the retrieved audit log is digitally signed to produce a digital signature for transfer to the remotely located platform.

Abstract translation: 在一个实施例中，用于特殊操作模式的远程证明的方法。 该方法包括将审核日志存储在平台的受保护的存储器内。 审计日志是表示加载到平台中的多个IsoX软件模块中的每一个的数据的列表。 响应于从远程位置的平台接收远程认证请求，从受保护的内存中检索审核日志。 然后，检索的审核日志进行数字签名，以产生数字签名，以转移到位于远程的平台。

公开(公告)号：WO0175565A3

公开(公告)日：2002-06-27

申请号：PCT/US0109371

申请日：2001-03-23

Applicant: INTEL CORP ,  ELLISON CARL M ,  GOLLIVER ROGER A ,  HERBERT HOWARD C ,  LIN DERRICK C ,  MCKEEN FRANCIS X ,  NEIGER GILBERT ,  RENERIS KEN ,  SUTTON JAMES A ,  THAKKAR SHREEKANT S ,  MITTAL MILLIND

Inventor： ELLISON CARL M ,  GOLLIVER ROGER A ,  HERBERT HOWARD C ,  LIN DERRICK C ,  MCKEEN FRANCIS X ,  NEIGER GILBERT ,  RENERIS KEN ,  SUTTON JAMES A ,  THAKKAR SHREEKANT S ,  MITTAL MILLIND

IPC: G06F9/46 ,  G06F1/00 ,  G06F9/48 ,  G06F21/00

CPC classification number: G06F21/53 ,  G06F2221/2105

Abstract: A technique is provided to execute isolated instructions according to an embodiment of the present invention. An execution unit executes an isolated instruction in a processor operating in a platform. The processor is configured in one of a normal execution mode and an isolated execution mode. A parameter storage containing at least one parameter to support execution of the isolated instruction when the processor is configured in the isolated execution mode.

Abstract translation: 提供了根据本发明的实施例的执行隔离指令的技术。 执行单元在平台中操作的处理器中执行隔离指令。 处理器配置为正常执行模式和隔离执行模式之一。 当处理器被配置为隔离执行模式时，包含至少一个参数以支持执行隔离指令的参数存储器。

公开(公告)号：HK1072307A1

公开(公告)日：2005-08-19

申请号：HK05104208

申请日：2003-03-26

Applicant: INTEL CORP

Inventor： HERBERT HOWARD C ,  GRAWROCK DAVID W ,  ELLISON CARL M ,  GOLLIVER ROGER A ,  LIN DERRICK C ,  MCKEEN FRANCIS X ,  RENERIS KEN ,  SUTTON JAMES A ,  THAKKAR SHREEKANT S ,  MITTAL MILLIND ,  NEIGER GILBERT

IPC: G06F20060101 ,  G06F

公开(公告)号：GB2381626B

公开(公告)日：2005-02-09

申请号：GB0303644

申请日：2001-07-13

Applicant: INTEL CORP

Inventor： GOLLIVER ROGER A ,  SUTTON II JAMES ,  LIN DERRICK ,  THAKKAR SHREEKANT ,  NEIGER GILBERT ,  MCKEEN FRANCIS ,  HERBERT HOWARD ,  RENERIS KENNETH ,  ELLISON CARL

IPC: G06F12/14

公开(公告)号：GB2377793B

公开(公告)日：2004-12-22

申请号：GB0225049

申请日：2001-03-14

Applicant: INTEL CORP

Inventor： ELLISON CARL M ,  GOLLIVER ROGER A ,  HERBERT HOWARD C ,  LIN DERRICK C ,  MCKEEN FRANCIS X ,  NEIGER GILBERT ,  RENERIS KEN ,  SUTTON JAMES A ,  THAKKAR SHREEKANT S ,  MITTAL MILLIND

IPC: G06F21/00 ,  G06F12/14

Abstract: An access transaction generated by a processor is configured using a configuration storage containing a configuration setting. The processor has a normal execution mode and an isolated execution mode. The access transaction has access information. Access to the configuration storage is controlled. An access grant signal is generated using the configuration setting and the access information. The access grant signal indicates if the access transaction is valid.

公开(公告)号：DE10196007T1

公开(公告)日：2003-10-09

申请号：DE10196007

申请日：2001-03-21

Applicant: INTEL CORP

Inventor： HERBERT HOWARD C ,  GRAWROCK DAVID W ,  ELLISON CARL M ,  GOLLIVER ROGER A ,  LIN DERRICK C ,  MCKEEN FRANCIS X ,  NEIGER GILBERT ,  RENERIS KEN ,  SUTTON JAMES A ,  THAKKAR SHREEKANT S ,  MITTAL MILLIND

IPC: G06F1/00 ,  G06F12/14 ,  G06F21/00

公开(公告)号：DE10195999T1

公开(公告)日：2003-04-03

申请号：DE10195999

申请日：2001-03-14

Applicant: INTEL CORP

Inventor： ELLISON CARL M ,  GOLLIVER ROGER A ,  HERBERT HOWARD C ,  LIN DERRICK C ,  MCKEEN FRANCIS X ,  NEIGER GILBERT ,  RENERIS KEN ,  SUTTON JAMES A ,  THAKKAR SHREEKANT S ,  MITTAL MILLIND

IPC: G06F21/00 ,  G06F9/00

Abstract: An access transaction generated by a processor is configured using a configuration storage containing a configuration setting. The processor has a normal execution mode and an isolated execution mode. The access transaction has access information. Access to the configuration storage is controlled. An access grant signal is generated using the configuration setting and the access information. The access grant signal indicates if the access transaction is valid.