公开(公告)号：US20190391971A1

公开(公告)日：2019-12-26

申请号：US16563183

申请日：2019-09-06

Applicant: Intel Corporation

Inventor： Francesc Guim Bernat ,  Kshitij Doshi ,  Ned M. Smith

IPC: G06F16/23 ,  H04L9/06 ,  H04L9/32 ,  G06F16/27

Abstract: Technologies for providing attestation for function as a service flavors include a compute device including circuitry configured to obtain function definition data indicative of a set of operations to be performed in a function and a set of hardware resources to be utilized by the function, execute a benchmark operation to produce benchmark data indicative of a measured performance of the function, and sign the function definition data and the benchmark data to produce function flavor data. The circuitry is also configured to provide the function flavor data to one or more other compute devices for validation that the function, when executed on the hardware resources, provides the measured performance and write, to a distributed ledger, the function flavor data.

公开(公告)号：US20190384707A1

公开(公告)日：2019-12-19

申请号：US16006956

申请日：2018-06-13

Applicant: Intel Corporation

Inventor： Kshitij Doshi ,  Bhanu Shankar

IPC: G06F12/0804 ,  G06F3/06

Abstract: In one embodiment, a processor has a core including at least one execution circuit, a retirement circuit, a first cache memory, and a first cache controller to control the first cache memory, where the first cache controller, in response to a store request to store a first value to a memory coupled to the processor, is to suppress the store operation when the first value matches a stored value of a cache line associated with the store operation. Other embodiments are described and claimed.

公开(公告)号：US20190243545A1

公开(公告)日：2019-08-08

申请号：US16384441

申请日：2019-04-15

Applicant: Intel Corporation

Inventor： Sanjeev Trika ,  Kshitij Doshi

IPC: G06F3/06 ,  G06F16/903 ,  G06F16/00 ,  G06F12/126 ,  G11C15/00 ,  G06F12/06 ,  G06F12/10 ,  G06F12/02

CPC classification number: G06F3/0604 ,  G06F3/0659 ,  G06F3/0673 ,  G06F12/02 ,  G06F12/06 ,  G06F12/10 ,  G06F12/126 ,  G06F16/00 ,  G06F16/90335 ,  G11C7/106 ,  G11C7/1087 ,  G11C7/16 ,  G11C15/00 ,  G11C27/026 ,  Y02D10/13

Abstract: An apparatus and method for performing search and replace operations at a storage controller of a storage device are disclosed. The storage controller can receive a search command with one or more parameters that instructs the storage controller to search for a data pattern in data stored in a memory and can locally search the data in the memory for the data pattern according to the parameters without transferring the data to a processor to perform the search. The parameters can include, but are not limited to, the data pattern or template to be searched, a data pattern length, a bit-mask, a logical block address (LBA) range, a byte offset, and an alignment parameter. Verdict bits can be provided to indicate data chunks in the memory that match the data pattern. Flags may define potential outputs to provide after searching, such as location and number of matches. A replace command with a set of parameters, including a write mask, can instruct the storage controller to replace the data pattern with a replacement or substitute pattern.

公开(公告)号：US20190141119A1

公开(公告)日：2019-05-09

申请号：US16234734

申请日：2018-12-28

Applicant: Intel Corporation

Inventor： Francesc Guim Bernat ,  Ned Smith ,  Kshitij Doshi ,  Alexander Bachmutsky ,  Suraj Prabhakaran

IPC: H04L29/08 ,  H04L12/24

Abstract: Technologies for function as a service (FaaS) arbitration include an edge gateway, multiple endpoint devices, and multiple service providers. The edge gateway receives a registration request from a service provider that is indicative of an FaaS function identifier and a transform function. The edge gateway verifies an attestation received from the service provider and registers the service provider. The edge gateway receives a function execution request from an endpoint device that is indicative of the FaaS function identifier. The edge gateway selects the service provider based on the FaaS function identifier, programs an accelerator with the transform function, executes the transform function with the accelerator to transform the function execution request to a provider request, and submits the provider request to the service provider. The service provider may be selected based on an expected service level included in the function execution request. Other embodiments are described and claimed.

公开(公告)号：US20190045037A1

公开(公告)日：2019-02-07

申请号：US15942012

申请日：2018-03-30

Applicant: Intel Corporation

Inventor： Vadim Sukhomlinov ,  Kshitij Doshi ,  Areg Melik-Adamyan

IPC: H04L29/08 ,  H04L12/46 ,  G06F9/54

Abstract: Technologies for network packet processing between cloud and telecommunications networks includes a network computing device which includes two application layer packet translators (ALPTs). The first ALPT is configured to receive a network packet from a computing device in a telecommunications network, identify a virtual network function (VNF) instance, and perform an application layer encapsulation of at least a portion of data of the received network packet as a parameter of a remote procedure call (RPC) associated with the identified VNF instance. The first ALPT is additionally configured to invoke the identified VNF instance using an API call corresponding to the RPC that includes the RPC parameter and the VNF instance is configured to transmit an RPC call response to the second ALPT. The second ALPT is configured to generate a new network packet as a function of the RPC call response and transmit the new network packet to another computing device in a cloud network.

公开(公告)号：US20190042747A1

公开(公告)日：2019-02-07

申请号：US16023160

申请日：2018-06-29

Applicant: Intel Corporation

Inventor： Vadim Sukhomlinov ,  Kshitij Doshi ,  Francesc Guim ,  Alex Nayshtut

IPC: G06F21/56 ,  G06F21/62

Abstract: The present disclosure is directed to systems and methods for mitigating or eliminating the effectiveness of a side channel attack, such as a Meltdown or Spectre type attack by selectively introducing a variable, but controlled, quantity of uncertainty into the externally accessible system parameters visible and useful to the attacker. The systems and methods described herein provide perturbation circuitry that includes perturbation selector circuitry and perturbation block circuitry. The perturbation selector circuitry detects a potential attack by monitoring the performance/timing data generated by the processor. Upon detecting an attack, the perturbation selector circuitry determines a variable quantity of uncertainty to introduce to the externally accessible system data. The perturbation block circuitry adds the determined uncertainty into the externally accessible system data. The added uncertainty may be based on the frequency or interval of the event occurrences indicative of an attack.

公开(公告)号：US20180152517A1

公开(公告)日：2018-05-31

申请号：US15574705

申请日：2015-06-26

Applicant: Intel Corporation

Inventor： Tao Zhong ,  Gang Deng ,  Zhongyan Lu ,  Kshitij Doshi

IPC: H04L29/08 ,  H04L12/66 ,  H04L12/24

CPC classification number: H04L67/12 ,  H04L12/66 ,  H04L41/069 ,  H04L41/0816 ,  H04L41/0893 ,  H04L41/142 ,  H04L41/147 ,  H04L43/04 ,  H04L43/0882 ,  H04N7/181 ,  H04N7/188 ,  H04W4/70

Abstract: Methods and apparatus to adaptively manage data collection devices in distributed computing systems are disclosed. Example disclosed methods involve instructing a first data collection device to operate according to a first rule. The example first rule specifies a first operating mode and defining a first event of interest. Example disclosed methods also involve obtaining first data from the first data collection device while operating according to the first rule. Example disclosed methods also involve, in response to determining that the first event of interest has occurred based on the first data, providing a second rule based on the first data to the first data collection device, and providing a third rule to a second data collection device. The example second rule specifies a second operating mode and defines a second event of interest, and the examples third rule specifies a third operating mode.

公开(公告)号：US20240195635A1

公开(公告)日：2024-06-13

申请号：US18064546

申请日：2022-12-12

Applicant: Intel Corporation

Inventor： Kshitij Doshi ,  Ned M. Smith ,  Rajesh Poornachandran ,  Sunil K. Cheruvu ,  David W. Palmer

IPC: H04L9/32 ,  H04L9/08

CPC classification number: H04L9/3247 ,  H04L9/0825 ,  H04L9/0869

Abstract: The technology described herein includes a plurality of intellectual property (IP) blocks; and a host IP block, the host IP block including a primary root of trust (RoT) IP block (PRIB) coupled to the plurality of IP blocks, to receive a request from a computing system to establish a secure communications session with a selected one of a plurality of intellectual property (IP) blocks, authenticate and attest the computing system, sign evidence of the PRIB with a PRIB key, send the signed evidence of the PRIB to the computing system, and establish the secure communications session between the computing system and the selected IP block if the PRIB is trusted by the computing system based at least in part on the signed evidence of the PRIB.

公开(公告)号：US11977612B2

公开(公告)日：2024-05-07

申请号：US17133876

申请日：2020-12-24

Applicant: Intel Corporation

Inventor： Katalin Klara Bartfai-Walcott ,  Tamir Damian Munafo ,  Ghouse Adoni Mohammed ,  Kshitij Doshi ,  Haseeb Mohammed Abdul

IPC: G06F21/10

CPC classification number: G06F21/105

Abstract: Methods, apparatus, systems and articles of manufacture (e.g., physical storage media) for software defined silicon guardianship are disclosed. An example method for semiconductor feature guardianship includes identifying, with a co-processor of a first semiconductor device, a feature based on a license received via a network from a remote enterprise system, the feature activated on a first semiconductor device based on the license, generating, with the co-processor of the first semiconductor device, a mesh network, the mesh network including a plurality of nodes associated with respective semiconductor devices including the first semiconductor device, the plurality of nodes including a primary node in communication with one or more secondary nodes, and migrating, with the co-processor of the first semiconductor device, the feature from a first secondary node to a second secondary node in response to a feature failure even on the first secondary node, the migration to maintain a feature entitlement associated with the license.

公开(公告)号：US20240134705A1

公开(公告)日：2024-04-25

申请号：US18538852

申请日：2023-12-13

Applicant: Intel Corporation

Inventor： Niranjan Hasabnis ,  Patricia Mwove ,  Ellick Chan ,  Derssie Mebratu ,  Kshitij Doshi ,  Mohammad Hossain ,  Gaurav Chaudhary

IPC: G06F9/50

CPC classification number: G06F9/505 ,  G06F9/5016

Abstract: Adjusting workload execution based on workload similarity. A processor may determine a similarity of a first workload to a second workload. The processor may adjust execution of the first workload based on execution parameters of the second workload and the similarity of the first workload to the second workload.