公开(公告)号：US20160323284A1

公开(公告)日：2016-11-03

申请号：US15204799

申请日：2016-07-07

Applicant: Intel Corporation

Inventor： Robert C. Swanson ,  Daniel Nemiroff ,  Vincent J. Zimmer ,  Mallik Bulusu ,  John R. Lindsley ,  Robert W. Cone ,  Malay Trivedi ,  Piotr Kwidzinski

IPC: H04L29/06 ,  G06F21/57 ,  G06F21/55 ,  G06F3/06

CPC classification number: H04L63/10 ,  G06F3/0622 ,  G06F3/0637 ,  G06F3/0683 ,  G06F13/28 ,  G06F21/554 ,  G06F21/57 ,  G06F21/572

Abstract: Embodiments of multinode hubs for trust operations are disclosed herein. In some embodiments, a multinode hub may include a plurality of memory regions, a trapping module, and a trusted platform module (TPM) component. Each memory region may be associated with and receive trust operation data from a coherent computing node. The trapping module may generate trap notifications in response to accesses to the plurality of memory regions by the associated coherent computing nodes. The trap notifications may indicate which of the plurality of memory locations has been accessed, and the TPM component may process the trust operation data in a memory region indicated by a trap notification. Other embodiments may be disclosed and/or claimed.

公开(公告)号：US09158916B2

公开(公告)日：2015-10-13

申请号：US13995244

申请日：2012-10-17

Applicant: Intel Corporation

Inventor： Daniel Nemiroff ,  Paul J. Thadikaran ,  Paritosh Saxena ,  Nicholas D. Triantafillou ,  Andrew H. Gafken

IPC: G06F21/00 ,  G06F21/55

CPC classification number: G06F21/55 ,  G06F21/554 ,  G06F21/568 ,  G06F21/78

Abstract: An embodiment may include a storage processor that may be comprised, at least in part, in a host. The host may include at least one host central processing unit (CPU) to execute at least one host operating system (OS). The storage processor may execute at least one operation in isolation from interference from and control by the at least one host CPU and the at least one host OS. The at least one operation may facilitate, at least in part: (1) prevention, at least in part, of unauthorized access to storage, (2) prevention, at least in part, of execution by the at least one host CPU of at least one unauthorized instruction, (3) detection, at least in part, of the at least one unauthorized instruction, and/or (4) remediation, at least in part, of at least one condition associated, at least in part, with the at least unauthorized instruction.

Abstract translation: 一个实施例可以包括可以至少部分地包括在主机中的存储处理器。 主机可以包括至少一个主机中央处理单元（CPU），以执行至少一个主机操作系统（OS）。 存储处理器可以与至少一个主机CPU和至少一个主机OS的干扰和控制隔离起来执行至少一个操作。 所述至少一个操作可以至少部分地促进：（1）至少部分地防止非法访问存储，（2）至少部分地防止所述至少一个主机CPU执行 至少一个未经授权的指令，（3）至少部分地至少检测至少一个未经授权的指令，和/或（4）至少部分地至少部分地与 至少未经授权的指令。

公开(公告)号：US09043604B2

公开(公告)日：2015-05-26

申请号：US13987807

申请日：2013-09-05

Applicant: Intel Corporation

Inventor： Ernest F. Brickell ,  Shay Gueron ,  Jiangtao Li ,  Carlos V. Rozas ,  Daniel Nemiroff ,  Vincent R. Scarlata ,  Uday R. Savagaonkar ,  Simon P. Johnson

IPC: H04L9/08 ,  H04L9/32 ,  G06F21/73 ,  G06F21/60

CPC classification number: H04L9/0816 ,  G06F21/572 ,  G06F21/73

Abstract: Keying materials used for providing security in a platform are securely provisioned both online and offline to devices in a remote platform. The secure provisioning of the keying materials is based on a revision of firmware installed in the platform.

Abstract translation: 用于在平台中提供安全性的键控材料可以安全地在线和离线地配置到远程平台中的设备。 密钥材料的安全配置基于安装在平台中的固件的修订版本。