公开(公告)号：US12047503B2

公开(公告)日：2024-07-23

申请号：US18051825

申请日：2022-11-01

Applicant: Intel Corporation

Inventor： Ned M. Smith ,  Omer Ben-Shalom ,  Alex Nayshtut

IPC: H04L9/14 ,  H04L9/08 ,  H04L9/32

CPC classification number: H04L9/14 ,  H04L9/0822 ,  H04L9/0825 ,  H04L9/0836 ,  H04L9/3247

Abstract: Technologies for secure collective authorization include multiple computing devices in communication over a network. A computing device may perform a join protocol with a group leader to receive a group private key that is associated with an interface implemented by the computing device. The interface may be an instance of an object model implemented by the computing device or membership of the computing device in a subsystem. The computing device receives a request for attestation to the interface, selects the group private key for the interface, and sends an attestation in response to the request. Another computing device may receive the attestation and verify the attestation with a group public key corresponding to the group private key. The group private key may be an enhanced privacy identifier (EPID) private key, and the group public key may be an EPID public key. Other embodiments are described and claimed.

公开(公告)号：US12026074B2

公开(公告)日：2024-07-02

申请号：US17028844

申请日：2020-09-22

Applicant: Intel Corporation

Inventor： Francesc Guim Bernat ,  Kshitij Arun Doshi ,  Ned M. Smith

IPC: G06F9/445 ,  G06F11/263

CPC classification number: G06F11/263 ,  G06F9/44505

Abstract: Various aspects of methods, systems, and use cases for testing, integration, and deployment of failure conditions in an edge computing environment is provided through use of perturbations. In an example, operations to implement controlled perturbations in an edge computing platform include: identifying at least one perturbation parameter available to be implemented with a hardware components of an edge computing system that provides a service using the hardware components; determining values, which disrupt operation of the service, to implement the perturbation parameter among the hardware components; deploying the perturbation parameters to the hardware components, during operation of the service to process a computing workload, to cause perturbation effects on the service; collecting telemetry values associated with the hardware components, produced during operation of the service that indicate the perturbation effects upon the operation of the service; and cause a computing operation to occur based on the collected telemetry values.

公开(公告)号：US20240187310A1

公开(公告)日：2024-06-06

申请号：US18399569

申请日：2023-12-28

Applicant: Intel Corporation

Inventor： Malini K. Bhandaru ,  Ned M. Smith ,  Sunil K. Cheruvu ,  Anahit Tarkhanyan ,  Mats Agerstam

IPC: H04L41/147 ,  H04L67/12

CPC classification number: H04L41/147 ,  H04L67/12

Abstract: Systems, apparatus, articles of manufacture, and methods are disclosed to monitor telemetry data in computing system. An example apparatus includes interface circuitry to obtain telemetry data; computer readable instructions; and programmable circuitry to instantiate: aggregation circuitry to analyze the telemetry data using an artificial intelligence model to detect an event; and action controller circuitry to: determine a telemetry collection resolution associated with the event; and instruct a telemetry collection operation associated with the telemetry data to adjust collection of the telemetry data according to the determined telemetry collection resolution.

公开(公告)号：US11991054B2

公开(公告)日：2024-05-21

申请号：US17063991

申请日：2020-10-06

Applicant: Intel Corporation

Inventor： Francesc Guim Bernat ,  Ned M. Smith ,  Sunil Cheruvu ,  Alexander Bachmutsky ,  James Coleman

IPC: H04L12/24 ,  H04L12/26 ,  H04L29/08 ,  H04L41/50 ,  H04L41/5003 ,  H04L41/5022 ,  H04L43/087 ,  H04L67/288

CPC classification number: H04L41/5022 ,  H04L41/5003 ,  H04L41/5096 ,  H04L43/087 ,  H04L67/288

Abstract: Methods and apparatus for jitter-less distributed Function as a Service (FaaS) using flavor clustering. A set of FaaS functions clustered by flavor chaining is implemented to deploy one or more FaaS flavor clusters on one or more edge nodes, wherein each flavor is defined by a set of resource requirements mapped into a jitter Quality of Service (QoS) and is executed on at least one hardware computing component on the one or more edge nodes. One or more jitter controllers are implemented to control and monitor execution of FaaS functions in the one or more FaaS flavor clusters such that the functions are executed to meet jitter-less QoS requirements. Jitter controllers include platform jitter-less function controllers in edge nodes and a data center FaaS jitter-less controller. A jitter-less Software Defined Wide Area Network (SD-WAN) network controller is also provided to provide network resources used by FaaS flavor clusters and satisfy connectivity requirements between the edge nodes.

公开(公告)号：US11972298B2

公开(公告)日：2024-04-30

申请号：US17666366

申请日：2022-02-07

Applicant: Intel Corporation

Inventor： Evan Custodio ,  Francesc Guim Bernat ,  Suraj Prabhakaran ,  Trevor Cooper ,  Ned M. Smith ,  Kshitij Doshi ,  Petar Torre

IPC: G06F3/06 ,  G06F8/30 ,  G06F8/41 ,  G06F9/50 ,  G06F11/00 ,  G06F11/20 ,  G06F21/62

CPC classification number: G06F9/505 ,  G06F9/5044 ,  G06F9/5083 ,  G06F2209/509

Abstract: Technologies for migrating data between edge accelerators hosted on different edge locations include a device hosted on a present edge location. The device includes one or more processors to: receive a workload from a requesting device, determine one or more accelerator devices hosted on the present edge location to perform the workload, and transmit the workload to the one or more accelerator devices to process the workload. The one or more processor is further to determine whether to perform data migration from the one or more accelerator devices to one or more different edge accelerator devices hosted on a different edge location, and send, in response to a determination to perform the data migration, a request to the one or more accelerator devices on the present edge location for transformed workload data to be processed by the one or more different edge accelerator devices.

公开(公告)号：US11943207B2

公开(公告)日：2024-03-26

申请号：US17032391

申请日：2020-09-25

Applicant: Intel Corporation

Inventor： Kshitij Arun Doshi ,  Uzair Qureshi ,  Lokpraveen Mosur ,  Patrick Fleming ,  Stephen Doyle ,  Brian Andrew Keating ,  Ned M. Smith

IPC: H04L9/40 ,  G06F13/28 ,  G06F21/60

CPC classification number: H04L63/0435 ,  G06F13/28 ,  G06F21/602 ,  H04L63/166

Abstract: Methods, systems, and use cases for one-touch inline cryptographic data security are discussed, including an edge computing device with a network communications circuitry (NCC), an enhanced DMA engine coupled to a memory device and including a cryptographic engine, and processing circuitry configured to perform a secure exchange with a second edge computing device to negotiate a shared symmetric encryption key, based on a request for data. An inline encryption command for communication to the enhanced DMA engine is generated. The inline encryption command includes a first address associated with a storage location storing the data, a second address associated with a memory location in the memory device, and the shared symmetric encryption key. The data is retrieved from the storage location using the first address, the data is encrypted using the shared symmetric encryption key, and the encrypted data is stored in the memory location using the second address.

公开(公告)号：US11936637B2

公开(公告)日：2024-03-19

申请号：US18047934

申请日：2022-10-19

Applicant: Intel Corporation

Inventor： Kapil Sood ,  Seosamh O'Riordain ,  Ned M. Smith ,  Tarun Viswanathan

IPC: H04L9/40 ,  G06F9/4401 ,  G06F9/455 ,  G06F9/46 ,  G06F9/50 ,  G06F21/53 ,  G06F21/57 ,  G06F21/62

CPC classification number: H04L63/06 ,  G06F9/4401 ,  G06F9/45533 ,  G06F9/45558 ,  G06F9/468 ,  G06F9/5077 ,  G06F21/53 ,  G06F21/57 ,  G06F21/6209 ,  H04L63/0435 ,  H04L63/062 ,  H04L63/083 ,  G06F2009/45587 ,  G06F2009/45595

Abstract: Technologies for providing secure utilization of tenant keys include a compute device. The compute device includes circuitry configured to obtain a tenant key. The circuitry is also configured to receive encrypted data associated with a tenant. The encrypted data defines an encrypted image that is executable by the compute device to perform a workload on behalf of the tenant in a virtualized environment. Further, the circuitry is configured to utilize the tenant key to decrypt the encrypted data and execute the workload without exposing the tenant key to a memory that is accessible to another workload associated with another tenant.

公开(公告)号：US11888858B2

公开(公告)日：2024-01-30

申请号：US17064218

申请日：2020-10-06

Applicant: Intel Corporation

Inventor： Ned M. Smith ,  Sunil Cheruvu ,  Francesc Guim Bernat ,  Kshitij Arun Doshi ,  Eve M. Schooler ,  Dario Sabella

IPC: H04L29/06 ,  H04L9/40 ,  G06F8/60 ,  H04L45/00 ,  H04L67/568

CPC classification number: H04L63/123 ,  G06F8/60 ,  H04L45/72 ,  H04L63/08 ,  H04L67/568

Abstract: Various aspects of methods, systems, and use cases for verification and attestation of operations in an edge computing environment are described, based on use of a trust calculus and established definitions of trustworthiness properties. In an example, an edge computing verification node is configured to: obtain a trust representation, corresponding to an edge computing feature, that is defined with a trust calculus and provided in a data definition language; receive, from an edge computing node, compute results and attestation evidence from the edge computing feature; attempt validation of the attestation evidence based on attestation properties defined by the trust representation; and communicate an indication of trustworthiness for the compute results, based on the validation of the attestation evidence. In further examples, the trust representation and validation is used in a named function network (NFN), for dynamic composition and execution of a function.

公开(公告)号：US11838841B2

公开(公告)日：2023-12-05

申请号：US17821422

申请日：2022-08-22

Applicant: Intel Corporation

Inventor： Ned M. Smith ,  Ravi S. Subramaniam ,  David W. Grawrock

IPC: H04W4/70 ,  H04W4/00 ,  H04W12/069 ,  H04L9/40

CPC classification number: H04W4/70 ,  H04L63/06 ,  H04L63/08 ,  H04L63/1441 ,  H04W4/00 ,  H04W12/069

Abstract: In one embodiment, a domain controller (a) quarantines unknown devices at a first quarantine point at a first layer of a multi-layer communication model; (b) communicates with a domain name system (DNS) service to self-allocate and register a domain name with the DNS service; (c) receives a provisioning request for a first device via an access point, wherein the access point comprises a second quarantine point at a second layer of the multi-level communication model; (d) verifies a device type of the first device with the DNS service; and (e) responsive to that verification, provisions the first device into the domain. The domain controller may also send a provisioning response to the access point to enable the first device to be removed from the second quarantine point, to enable the first device to communicate with the domain controller. Other embodiments are described and claimed.

公开(公告)号：US11831507B2

公开(公告)日：2023-11-28

申请号：US17737413

申请日：2022-05-05

Applicant: Intel Corporation

Inventor： Francesc Guim Bernat ,  Kshitij Arun Doshi ,  Ned M. Smith ,  Timothy Verrall ,  Uzair Qureshi

IPC: H04L41/084 ,  H04L41/0869 ,  H04L49/00 ,  H04L47/78 ,  H04L41/5054 ,  G06F9/48 ,  G06F9/50 ,  G06F9/54 ,  G06F11/30 ,  H04L9/06 ,  H04L9/32 ,  G06F1/20 ,  H04L67/10 ,  H04W4/08 ,  H04W12/04

CPC classification number: H04L41/0843 ,  G06F1/206 ,  G06F9/4881 ,  G06F9/505 ,  G06F9/5094 ,  G06F9/542 ,  G06F11/3006 ,  H04L9/0637 ,  H04L9/3213 ,  H04L9/3247 ,  H04L41/0869 ,  H04L41/5054 ,  H04L47/781 ,  H04L49/70 ,  H04L67/10 ,  H04W4/08 ,  H04W12/04 ,  G06F2209/5021

Abstract: Various approaches for deployment and use of configurable edge computing platforms are described. In an edge computing system, an edge computing device includes hardware resources that can be composed from a configuration of chiplets, as the chiplets are disaggregated for selective use and deployment (for compute, acceleration, memory, storage, or other resources). In an example, configuration operations are performed to: identify a condition for use of the hardware resource, based on an edge computing workload received at the edge computing device; obtain, determine, or identify properties of a configuration for the hardware resource that are available to be implemented with the chiplets, with the configuration enabling the hardware resource to satisfy the condition for use of the hardware resource; and compose the chiplets into the configuration, according to the properties of the configuration, to enable the use of the hardware resource for the edge computing workload.