公开(公告)号：US09832015B2

公开(公告)日：2017-11-28

申请号：US14557125

申请日：2014-12-01

Applicant: Intel Corporation

Inventor： Men Long ,  Jesse Walker ,  Karanvir S Grewal

IPC: G06F21/00 ,  H04L9/08 ,  H04L9/06 ,  H04L29/06

CPC classification number: H04L9/0866 ,  H04L9/0631 ,  H04L63/0428 ,  H04L63/06 ,  H04L2209/125

Abstract: Both end-to-end security and traffic visibility may be achieved by a system using a controller that derives a cryptographic key that is different for each client based on a derivation key and a client identifier that is conveyed in each data packet. The controller distributes the derivation key to information technology monitoring devices and a server to provide traffic visibility. For large key sizes, the key may be derived using a derivation formula as follows: client_key_MSB=AES128(base_key_1, client_ID),  (1) client_key_LSB=AES128(base_key_2, client_ID+pad), and  (2) client_key=client_key_MSB∥client_key_LSB, where (1) and (2) are executed in parallel. The client key and a client identifier may be used so that end-to-end security may be achieved.

公开(公告)号：US20170208030A1

公开(公告)日：2017-07-20

申请号：US15472714

申请日：2017-03-29

Applicant: INTEL CORPORATION

Inventor： Emily H. Qi ,  Jesse Walker

IPC: H04L29/12 ,  H04L9/32 ,  H04L29/06 ,  H04W12/04 ,  H04W48/16

CPC classification number: H04L61/1541 ,  H04L9/3242 ,  H04L45/7453 ,  H04L63/061 ,  H04L63/0876 ,  H04W12/04 ,  H04W12/08 ,  H04W12/12 ,  H04W48/16

Abstract: Some demonstrative embodiments include apparatuses, systems and/or methods of securing a service Identifier (ID). For example, a wireless device may include a Secure Service Identifier (SSID) processor to determine a SSID corresponding to a service, the SSID including an encrypted value being based on a service name key from a service provider of the service and a service name corresponding to the service; and a radio to transmit a wireless message including the SSID.

公开(公告)号：US20170155514A1

公开(公告)日：2017-06-01

申请号：US14955255

申请日：2015-12-01

Applicant: INTEL CORPORATION

Inventor： Steffen Schulz ,  Rafael Misoczki ,  Manoj R. Sastry ,  Jesse Walker

IPC: H04L9/32 ,  H04L9/30 ,  H04L9/14 ,  G06F9/445 ,  H04L29/06

CPC classification number: H04L9/3247 ,  G06F8/65 ,  H04L9/0891 ,  H04L9/14 ,  H04L9/304 ,  H04L9/3242 ,  H04L63/06 ,  H04L63/123 ,  H04L67/34

Abstract: In a method for validating software updates, a data processing system contains a current version of a software component. The data processing system saves at least first and second current advance keys (AKs). After saving the current AKs, the data processing system receives an update package for a new version of the software component. The data processing system extracts a digital signature and two or more new AKs from the update package. The data processing system uses at least one current AK to determine whether the digital signature is valid. In response to a determination that the digital signature is valid, the data processing system uses a software image from the update package to update the software component, and the data processing system saves the new AKs, for subsequent utilization as the current AKs. Other embodiments are described and claimed.

公开(公告)号：US08903084B2

公开(公告)日：2014-12-02

申请号：US13916027

申请日：2013-06-12

Applicant: Intel Corporation

Inventor： Men Long ,  Jesse Walker ,  Karanvir S. Grewal

IPC: H04L9/00 ,  H04L9/08 ,  G06F7/04 ,  G06F21/00 ,  H04L29/06 ,  H04L9/06

CPC classification number: H04L9/0866 ,  H04L9/0631 ,  H04L63/0428 ,  H04L63/06 ,  H04L2209/125

Abstract: Both end-to-end security and traffic visibility may be achieved by a system using a controller that derives a cryptographic key that is different for each client based on a derivation key and a client identifier that is conveyed in each data packet. The controller distributes the derivation key to information technology monitoring devices and a server to provide traffic visibility. For large key sizes, the key may be derived using a derivation formula as follows: client_key_MSB=AES128(base_key_1,client_ID),  (1) client_key_LSB=AES128(base_key_2,client_ID+pad),and  (2) client_key=client_key_MSB∥client_key_LSB, where (1) and (2) are executed in parallel. The client key and a client identifier may be used so that end-to-end security may be achieved.

Abstract translation: 端到端安全性和流量可见性可以由使用控制器的系统来实现，所述控制器基于在每个数据分组中传送的导出密钥和客户端标识符来导出每个客户端不同的密码密钥。 控制器将派生密钥分发到信息技术监控设备和服务器，以提供流量可视性。 对于较大的密钥大小，可以使用如下的推导公式来导出密钥：client_key_MSB = AES128（base_key_1，client_ID），（1）client_key_LSB = AES128（base_key_2，client_ID + pad）和（2）cli​​ent_key =client_key_MSB‖client_key_LSB， 其中（1）和（2）并行执行。 可以使用客户端密钥和客户端标识符，以便可以实现端到端的安全性。