公开(公告)号：US09064109B2

公开(公告)日：2015-06-23

申请号：US13721760

申请日：2012-12-20

Applicant: Intel Corporation

Inventor： Ned M. Smith ,  Conor P. Cahill ,  Victoria C. Moore ,  Jason Martin ,  Micah J. Sheller

IPC: G06F17/30 ,  G06F21/45 ,  G06F21/31 ,  G06F21/33 ,  H04L29/06

CPC classification number: H04L9/0861 ,  G06F21/31 ,  G06F21/33 ,  G06F21/45 ,  H04L9/3234 ,  H04L63/0281 ,  H04L63/061 ,  H04L63/08 ,  H04L63/0815 ,  H04L63/0823 ,  H04L63/0838 ,  H04L63/1466 ,  H04L2209/127 ,  H04L2463/082

Abstract: In an embodiment, a security engine of a processor includes an identity provider logic to generate a first key pair of a key pairing associating system user and a service provider that provides a web service and having a second system coupled to the system via a network, to perform a secure communication with the second system to enable the second system to verify that the identity provider logic is executing in a trusted execution environment, and responsive to the verification, to send a first key of the first key pair to the second system. This key may enable the second system to verify an assertion communicated by the identity provider logic that the user has been authenticated to the system according to a multi-factor authentication. Other embodiments are described and claimed.

Abstract translation: 在一个实施例中，处理器的安全引擎包括身份提供者逻辑，以生成密钥配对关联系统用户的第一密钥对和提供Web服务并具有通过网络耦合到系统的第二系统的服务提供者， 以执行与所述第二系统的安全通信，以使所述第二系统能够验证所述身份提供者逻辑在可信执行环境中正在执行，并且响应于所述验证​​，将所述第一密钥对的第一密钥发送到所述第二系统。 该密钥可以使得第二系统可以根据多因素认证来验证由身份提供者逻辑传达的断言，用户已被认证给系统。 描述和要求保护其他实施例。

公开(公告)号：US20140282945A1

公开(公告)日：2014-09-18

申请号：US13995247

申请日：2013-03-15

Applicant: INTEL CORPORATION

Inventor： Ned M. Smith ,  Conor P. Cahill ,  Micah J. Sheller ,  Jason Martin

IPC: H04L29/06

CPC classification number: H04L63/06 ,  G06F21/32 ,  G06F21/62 ,  G06F21/78 ,  H04L63/0861

Abstract: Generally, this disclosure describes technologies for securely storing and using biometric authentication information, such as biometric reference templates. In some embodiments, the technologies include a client device that stores one or more biometric reference templates in a memory thereof. The client device may transfer such templates to an authentication device. The transfer may be conditioned on verification that the authentication device includes a suitable protected environment for the templates and will execute an acceptable temporary storage policy. The technologies may also include an authentication device that is configured to temporarily store biometric reference templates received from a client device in a protected environment thereof. Upon completion of biometric authentication or the occurrence of a termination event, the authentication devices may delete the biometric reference templates from the protected environment.

Abstract translation: 通常，本公开描述了用于安全地存储和使用生物测定认证信息（诸如生物测定参考模板）的技术。 在一些实施例中，技术包括将一个或多个生物测定参考模板存储在其存储器中的客户端设备。 客户端设备可以将这样的模板传送到认证设备。 传输可以根据认证设备包括用于模板的合适的受保护环境并将执行可接受的临时存储策略的验证。 这些技术还可以包括认证设备，其被配置为在其受保护的环境中临时存储从客户端设备接收的生物测定参考模板。 在完成生物认证或发生终止事件时，认证设备可以从受保护的环境中删除生物测定参考模板。

公开(公告)号：US10666635B2

公开(公告)日：2020-05-26

申请号：US16282601

申请日：2019-02-22

Applicant: Intel Corporation

Inventor： Venky P. Venkateswaran ,  Jason Martin ,  Gyan Prakash

IPC: H04L29/06 ,  G06F21/31 ,  H04W12/06 ,  H04W12/00

Abstract: An embodiment includes a method executed by at least one processor comprising: determining a first environmental factor for a mobile communications device; determining a first security authentication level based on the determined first environmental factor; and allowing access to a first module of the mobile communications device based on the first security authentication level. Other embodiments are described herein.

公开(公告)号：US20190220003A1

公开(公告)日：2019-07-18

申请号：US16366120

申请日：2019-03-27

Applicant: Intel Corporation

Inventor： Sridhar G. Sharma ,  S M Iftekharul Alam ,  Nilesh Ahuja ,  Avinash Kumar ,  Jason Martin ,  Ignacio J. Alvarez

IPC: G05D1/00 ,  H04W4/46 ,  G06N7/00 ,  G06K9/62 ,  G06K9/00

CPC classification number: G05D1/0044 ,  G06K9/00805 ,  G06K9/00818 ,  G06K9/6256 ,  G06K9/6277 ,  G06N7/005 ,  H04W4/46

Abstract: Disclosures herein may be directed to a method, technique, or apparatus directed to a CA/AD that includes a system controller, disposed in a first CA/AD vehicle, to manage a collaborative three-dimensional (3-D) map of an environment around the first CA/AD vehicle, wherein the system controller is to receive, from another CA/AD vehicle proximate to the first CA/AD vehicle, an indication of at least a portion of another 3-D map of another environment around both the first CA/AD vehicle and the other CA/AD vehicle and incorporate the at least the portion of the 3-D map proximate to the first CA/AD vehicle and the other CA/AD vehicle into the 3-D map of the environment of the first CA/AD vehicle managed by the system controller.

公开(公告)号：US20190190901A1

公开(公告)日：2019-06-20

申请号：US16282601

申请日：2019-02-22

Applicant: Intel Corporation

Inventor： Venky P. Venkateswaran ,  Jason Martin ,  Gyan Prakash

IPC: H04L29/06 ,  H04W12/06 ,  G06F21/31

Abstract: An embodiment includes a method executed by at least one processor comprising: determining a first environmental factor for a mobile communications device; determining a first security authentication level based on the determined first environmental factor; and allowing access to a first module of the mobile communications device based on the first security authentication level. Other embodiments are described herein.

公开(公告)号：US10097350B2

公开(公告)日：2018-10-09

申请号：US15423975

申请日：2017-02-03

Applicant: Intel Corporation

Inventor： Ned M. Smith ,  Conor P. Cahill ,  Victoria C. Moore ,  Jason Martin ,  Micah J. Sheller

IPC: G06F17/30 ,  H04L9/08 ,  H04L29/06

Abstract: In an embodiment, a security engine of a processor includes an identity provider logic to generate a first key pair of a key pairing associating system user and a service provider that provides a web service and having a second system coupled to the system via a network, to perform a secure communication with the second system to enable the second system to verify that the identity provider logic is executing in a trusted execution environment, and responsive to the verification, to send a first key of the first key pair to the second system. This key may enable the second system to verify an assertion communicated by the identity provider logic that the user has been authenticated to the system according to a multi-factor authentication. Other embodiments are described and claimed.

公开(公告)号：US20180239976A1

公开(公告)日：2018-08-23

申请号：US15439224

申请日：2017-02-22

Applicant: Intel Corporation

Inventor： Cory Cornelius ,  Jason Martin ,  Ramune Nagisetty ,  Micah J. Sheller ,  Thao W. Xiong ,  Reese Bowes

IPC: G06K9/00 ,  G06T7/11 ,  G06K9/62 ,  G06F1/16 ,  H04L29/06

Abstract: In one embodiment, an apparatus includes: a bioimpedance sensor to generate bioimpedance information based on bioimpedance sample information from at least some of a plurality of electrodes to be adapted about a portion of a person; at least one biometric sensor to generate biometric information based on biometric sample information from at least some of the plurality of electrodes; at least one environmental sensor to generate environmental context data; and an integration circuit to receive the bioimpedance information, the biometric information and the environmental context data and to adjust the bioimpedance information based at least in part on a value of one or more of the biometric information and the environmental context data. Other embodiments are described and claimed.

公开(公告)号：US10009327B2

公开(公告)日：2018-06-26

申请号：US15451600

申请日：2017-03-07

Applicant: Intel Corporation

Inventor： Ned M. Smith ,  Conor P. Cahill ,  Micah J. Sheller ,  Jason Martin

IPC: G06F15/16 ,  G06F7/04 ,  H04L29/06

CPC classification number: H04L63/06 ,  G06F21/32 ,  G06F21/62 ,  G06F21/78 ,  H04L63/0861

Abstract: Generally, this disclosure describes technologies for securely storing and using biometric authentication information, such as biometric reference templates. In some embodiments, the technologies include a client device that stores one or more biometric reference templates in a memory thereof. The client device may transfer such templates to an authentication device. The transfer may be conditioned on verification that the authentication device includes a suitable protected environment for the templates and will execute an acceptable temporary storage policy. The technologies may also include an authentication device that is configured to temporarily store biometric reference templates received from a client device in a protected environment thereof. Upon completion of biometric authentication or the occurrence of a termination event, the authentication devices may delete the biometric reference templates from the protected environment.

公开(公告)号：US09898880B2

公开(公告)日：2018-02-20

申请号：US14479604

申请日：2014-09-08

Applicant: Intel Corporation

Inventor： Ramune Nagisetty ,  Melissa A Cowan ,  Jason Martin ,  Richard A Forand ,  Wen-Ling M Huang ,  Conor P Cahill

IPC: G07C9/00 ,  H04W12/06 ,  H04W12/08

CPC classification number: G07C9/00119 ,  G07C9/00111 ,  G07C2009/00095 ,  H04W12/06 ,  H04W12/08

Abstract: A wearable device (“WD”) stores a token after its wearer completes a successful strong authentication on a primary protected device (“primary PD”). Other protected devices (“secondary PDs”) recognize the stored token as representing a strong authentication and grant the user access while the user continues to wear the WD within a “digital leash-length” proximity. The WD constantly monitors whether the user continues to wear the device. Upon sensing that the user has removed the WD, the WD deletes, disables, or invalidates the token, The user must then repeat the strong authentication to gain further access to the protected devices.

公开(公告)号：US09762566B2

公开(公告)日：2017-09-12

申请号：US15419447

申请日：2017-01-30

Applicant: Intel Corporation

Inventor： Micah Sheller ,  Conor Cahill ,  Jason Martin ,  Brandon Baker

IPC: G06F7/04 ,  H04L29/06 ,  G06F15/16

CPC classification number: H04L63/08 ,  G06F21/31 ,  G06F21/57 ,  G06F2221/2101 ,  G06F2221/2113 ,  G06F2221/2137 ,  G06F2221/2151

Abstract: Technologies are provided in embodiments to manage an authentication confirmation score. Embodiments are configured to identify, in absolute session time, a beginning time and an ending time of an interval of an active user session on a client. Embodiments are also configured to determine a first value representing a first subset of a set of prior user sessions, where the prior user sessions of the first subset were active for at least as long as the beginning time. Embodiments can also determine a second value representing a second subset of the set of prior user sessions, where the prior user sessions of the second subset were active for at least as long as the ending time. Embodiments also determine, based on the first and second values, a decay rate for the authentication confidence score of the active user session. In some embodiments, the set is based on context attributes.