公开(公告)号：US11736277B2

公开(公告)日：2023-08-22

申请号：US17463453

申请日：2021-08-31

Applicant: INTEL CORPORATION

Inventor： Changzhen Wei ,  Junyuan Wang ,  Ned Smith ,  Weigang Li ,  Ping Yu

IPC: H04L9/40 ,  H04L9/08 ,  G16Y30/10 ,  G06F21/45 ,  H04L9/32

CPC classification number: H04L9/0833 ,  G06F21/45 ,  G16Y30/10 ,  H04L9/0822 ,  H04L9/321 ,  H04L9/3215 ,  H04L9/3255 ,  H04L63/0442

Abstract: Technologies for key management of internet-of-things (IoT) devices include an IoT device, an authority center server, and a group management server. The IoT device is configured to authenticate with an authority center server via an offline communication channel, receive a group member private key as a function of the authentication with the authority center server, and authenticate with a group management server via a secure online communication channel using the group member private key. The IoT device is further configured to receive a group shared key as a function of the authentication with the group management server, encrypt secret data with the group shared key, and transmit the encrypted secret data to the group management server. Other embodiments are described herein.

公开(公告)号：US11711268B2

公开(公告)日：2023-07-25

申请号：US16723760

申请日：2019-12-20

Applicant: Intel Corporation

Inventor： Ned Smith ,  Francesc Guim Bernat ,  Sanjay Bakshi ,  Katalin Bartfai-Walcott ,  Kapil Sood ,  Kshitij Doshi ,  Robert Munoz

IPC: G06F9/46 ,  H04L41/084 ,  H04L41/0869 ,  H04L49/00 ,  H04L47/78 ,  H04L41/5054 ,  G06F9/48 ,  G06F9/50 ,  G06F9/54 ,  G06F11/30 ,  H04L9/06 ,  H04L9/32 ,  G06F1/20 ,  H04L67/10 ,  H04W4/08 ,  H04W12/04

CPC classification number: H04L41/0843 ,  G06F1/206 ,  G06F9/4881 ,  G06F9/505 ,  G06F9/5094 ,  G06F9/542 ,  G06F11/3006 ,  H04L9/0637 ,  H04L9/3213 ,  H04L9/3247 ,  H04L41/0869 ,  H04L41/5054 ,  H04L47/781 ,  H04L49/70 ,  H04L67/10 ,  H04W4/08 ,  H04W12/04 ,  G06F2209/5021

Abstract: Methods and apparatus to execute a workload in an edge environment are disclosed. An example apparatus includes a node scheduler to accept a task from a workload scheduler, the task including a description of a workload and tokens, a workload executor to execute the workload, the node scheduler to access a result of execution of the workload and provide the result to the workload scheduler, and a controller to access the tokens and distribute at least one of the tokens to at least one provider, the provider to provide a resource to the apparatus to execute the workload.

公开(公告)号：US11567683B2

公开(公告)日：2023-01-31

申请号：US16368152

申请日：2019-03-28

Applicant: Intel Corporation

Inventor： Francesc Guim Bernat ,  Karthik Kumar ,  Thomas Willhalm ,  Timothy Verrall ,  Ned Smith

IPC: G06F3/06 ,  G06F12/02 ,  G06F16/901 ,  G06F12/1072 ,  G06F17/17

Abstract: Technologies for providing deduplication of data in an edge network includes a compute device having circuitry to obtain a request to write a data set. The circuitry is also to apply, to the data set, an approximation function to produce an approximated data set. Additionally, the circuitry is to determine whether the approximated data set is already present in a shared memory and write, to a translation table and in response to a determination that the approximated data set is already present in the shared memory, an association between a local memory address and a location, in the shared memory, where the approximated data set is already present. Additionally, the circuitry is to increase a reference count associated with the location in the shared memory.

公开(公告)号：US11265172B2

公开(公告)日：2022-03-01

申请号：US16231172

申请日：2018-12-21

Applicant: Intel Corporation

Inventor： Ned Smith ,  Rajesh Poornachandran ,  Sundar Nadathur ,  Abdul M. Bailey

IPC: H04L9/32 ,  H04L9/08 ,  H04L9/30

Abstract: A system for supporting Enhanced Privacy Identification (EPID) is provided. The system may include a host processor operable to communicate with a remote requestor, where the host processor needs to perform signature revocation checking in accordance with EPID. To perform signature revocation checking, the host processor has to perform either a sign or verify operation. The host processor may offload the sign/verify operation onto one or more associated hardware acceleration coprocessors. A programmable coprocessor may be dynamically configured to perform the desired number of sign/verify functions in accordance with the requirements of the current workload.

公开(公告)号：US11115193B2

公开(公告)日：2021-09-07

申请号：US16649192

申请日：2017-12-29

Applicant: INTEL CORPORATION

Inventor： Changzheng Wei ,  Junyuan Wang ,  Ned Smith ,  Weigang Li ,  Ping Yu

IPC: H04L9/08 ,  G16Y30/10 ,  H04L9/32 ,  G06F21/45 ,  H04L29/06

Abstract: Technologies for key management of internet-of-things (IoT) devices include an IoT device, an authority center server, and a group management server. The IoT device is configured to authenticate with an authority center server via an offline communication channel, receive a group member private key as a function of the authentication with the authority center server, and authenticate with a group management server via a secure online communication channel using the group member private key. The IoT device is further configured to receive a group shared key as a function of the authentication with the group management server, encrypt secret data with the group shared key, and transmit the encrypted secret data to the group management server. Other embodiments are described herein.

公开(公告)号：US20210099516A1

公开(公告)日：2021-04-01

申请号：US16989210

申请日：2020-08-10

Applicant: Intel Corporation

Inventor： Francesc Guim Bernat ,  Ned Smith ,  Kshitij Doshi ,  Alexander Bachmutsky ,  Suraj Prabhakaran

IPC: H04L29/08 ,  H04L12/24

Abstract: Technologies for function as a service (FaaS) arbitration include an edge gateway, multiple endpoint devices, and multiple service providers. The edge gateway receives a registration request from a service provider that is indicative of an FaaS function identifier and a transform function. The edge gateway verifies an attestation received from the service provider and registers the service provider. The edge gateway receives a function execution request from an endpoint device that is indicative of the FaaS function identifier. The edge gateway selects the service provider based on the FaaS function identifier, programs an accelerator with the transform function, executes the transform function with the accelerator to transform the function execution request to a provider request, and submits the provider request to the service provider. The service provider may be selected based on an expected service level included in the function execution request. Other embodiments are described and claimed.

公开(公告)号：US20210014301A1

公开(公告)日：2021-01-14

申请号：US17033120

申请日：2020-09-25

Applicant: Intel Corporation

Inventor： Kshitij Doshi ,  Francesc Guim Bernat ,  Ned Smith ,  Timothy Verrall ,  Uzair Qureshi

IPC: H04L29/08

Abstract: Methods, apparatus, systems and articles of manufacture to select a location of execution of a computation are disclosed. An example apparatus includes a cache digest interface to identify a node capable of performing a computation. A compute plan solver is to obtain a cost estimate of performing the computation from the node. Privacy weighting circuitry is to apply a privacy weighting value to the cost estimate to determine a weighted cost estimate. The compute plan solver is to select the node for performance of the computation based on the weighted cost estimate. A plan executor is to transmit a request for the selected node to perform the computation.

公开(公告)号：US10798157B2

公开(公告)日：2020-10-06

申请号：US16234734

申请日：2018-12-28

Applicant: Intel Corporation

Inventor： Francesc Guim Bernat ,  Ned Smith ,  Kshitij Doshi ,  Alexander Bachmutsky ,  Suraj Prabhakaran

IPC: H04L29/08 ,  H04L12/24

Abstract: Technologies for function as a service (FaaS) arbitration include an edge gateway, multiple endpoint devices, and multiple service providers. The edge gateway receives a registration request from a service provider that is indicative of an FaaS function identifier and a transform function. The edge gateway verifies an attestation received from the service provider and registers the service provider. The edge gateway receives a function execution request from an endpoint device that is indicative of the FaaS function identifier. The edge gateway selects the service provider based on the FaaS function identifier, programs an accelerator with the transform function, executes the transform function with the accelerator to transform the function execution request to a provider request, and submits the provider request to the service provider. The service provider may be selected based on an expected service level included in the function execution request. Other embodiments are described and claimed.

公开(公告)号：US20200167196A1

公开(公告)日：2020-05-28

申请号：US16723760

申请日：2019-12-20

Applicant: Intel Corporation

Inventor： Ned Smith ,  Francesc Guim Bernat ,  Sanjay Bakshi ,  Katalin Bartfai-Walcott ,  Kapil Sood ,  Kshitij Doshi ,  Robert Munoz

IPC: G06F9/50 ,  G06F9/48 ,  G06F11/30 ,  H04L9/32 ,  G06F9/54 ,  H04L9/06

Abstract: Methods and apparatus to execute a workload in an edge environment are disclosed. An example apparatus includes a node scheduler to accept a task from a workload scheduler, the task including a description of a workload and tokens, a workload executor to execute the workload, the node scheduler to access a result of execution of the workload and provide the result to the workload scheduler, and a controller to access the tokens and distribute at least one of the tokens to at least one provider, the provider to provide a resource to the apparatus to execute the workload.

公开(公告)号：US20190155636A1

公开(公告)日：2019-05-23

申请号：US16234731

申请日：2018-12-28

Applicant: Intel Corporation

Inventor： Ned Smith ,  Bing Zhu ,  Vincent Scarlata ,  Kapil Sood ,  Francesc Guim Bernat

IPC: G06F9/455

Abstract: Technologies for hybrid virtualization and secure enclave include a computing device and an edge orchestrator. The edge orchestrator securely provisions a container-enclave policy to the computing device. A VMM of the computing device constructs a platform services enclave that includes the container-enclave policy. The platform services enclave requests a local attestation report from an application enclave, and the application enclave generates the attestation report using secure enclave support of a compute engine of the computing device. The attestation report is indicative of a virtualization context of the application enclave, and may include a VM flag, a VMM flag, and a source address of the application enclave. The platform services enclave enforces the container-enclave policy based on the virtualization context of the application enclave. The platform services enclave may control access to functions of the computing device based on the virtualization context. Other embodiments are described and claimed.