公开(公告)号：US20250112825A1

公开(公告)日：2025-04-03

申请号：US18977434

申请日：2024-12-11

Applicant: Intel Corporation

Inventor： Francesc Guim Bernat ,  Kshitij Arun Doshi ,  Ned M. Smith

IPC: H04L41/084 ,  G06F1/20 ,  G06F9/48 ,  G06F9/50 ,  G06F9/54 ,  G06F11/30 ,  H04L9/06 ,  H04L9/32 ,  H04L41/0869 ,  H04L41/5054 ,  H04L47/78 ,  H04L49/00 ,  H04L67/10 ,  H04W4/08 ,  H04W12/04

Abstract: Various aspects of methods, systems, and use cases for multi-entity (e.g., multi-tenant) edge computing deployments are disclosed. Among other examples, various configurations and features enable the management of resources (e.g., controlling and orchestrating hardware, acceleration, network, processing resource usage), security (e.g., secure execution and communication, isolation, conflicts), and service management (e.g., orchestration, connectivity, workload coordination), in edge computing deployments, such as by a plurality of edge nodes of an edge computing environment configured for executing workloads from among multiple tenants.

公开(公告)号：US20250106191A1

公开(公告)日：2025-03-27

申请号：US18975721

申请日：2024-12-10

Applicant: Intel Corporation

Inventor： Kapil Sood ,  Seosamh O'Riordain ,  Ned M. Smith ,  Tarun Viswanathan

IPC: H04L9/40 ,  G06F9/4401 ,  G06F9/455 ,  G06F9/46 ,  G06F9/50 ,  G06F21/53 ,  G06F21/57 ,  G06F21/62

Abstract: Technologies for providing secure utilization of tenant keys include a compute device. The compute device includes circuitry configured to obtain a tenant key. The circuitry is also configured to receive encrypted data associated with a tenant. The encrypted data defines an encrypted image that is executable by the compute device to perform a workload on behalf of the tenant in a virtualized environment. Further, the circuitry is configured to utilize the tenant key to decrypt the encrypted data and execute the workload without exposing the tenant key to a memory that is accessible to another workload associated with another tenant.

公开(公告)号：US12260467B2

公开(公告)日：2025-03-25

申请号：US17132927

申请日：2020-12-23

Applicant: Intel Corporation

Inventor： Satish Chandra Jha ,  S M Iftekharul Alam ,  Ned M. Smith ,  Vesh Raj Sharma Banjade ,  Kathiravetpillai Sivanesan ,  Arvind Merwaday ,  Ignacio Javier Alvarez Martinez

IPC: G06Q50/40 ,  G01C21/34 ,  G06Q10/02 ,  G06Q20/14

Abstract: Systems and techniques for mobility-as-a-service for user experience are described herein. An orchestration log may be maintained that includes current orchestration data. An orchestration backup record may be generated that includes alternate MaaS nodes on the MaaS network. It may be determined that connectivity is lost to a first orchestration container hosted by a first MaaS node. An orchestration container is generated using the orchestration log to maintain orchestration functionality. An available second MaaS node is identified from the alternate MaaS nodes. The orchestration container may be transferred to the second MaaS node.

公开(公告)号：US12244507B2

公开(公告)日：2025-03-04

申请号：US17033140

申请日：2020-09-25

Applicant: Intel Corporation

Inventor： Francesc Guim Bernat ,  Ned M. Smith ,  Kshitij Arun Doshi ,  Suraj Prabhakaran ,  Timothy Verrall ,  Kapil Sood ,  Tarun Viswanathan

IPC: H04L47/28 ,  H04L47/74 ,  H04L47/78 ,  H04L49/15

Abstract: Systems and techniques for intelligent data forwarding in edge networks are described herein. A request may be received from an edge user device for a service via a first endpoint. A time value may be calculated using a timestamp of the request. Motion characteristics may be determined for the edge user device using the time value. A response to the request may be transmitted to a second endpoint based on the motion characteristics.

公开(公告)号：US20250039041A1

公开(公告)日：2025-01-30

申请号：US18913652

申请日：2024-10-11

Applicant: Intel Corporation

Inventor： Ned M. Smith ,  Keith Nolan ,  Mark Kelly ,  Michael Nolan ,  John Brady ,  Thiago Macieira ,  Zheng Zhang ,  Glen J. Anderson ,  Igor Muttik

IPC: H04L41/0806 ,  G06F16/182 ,  H04L9/00 ,  H04L9/08 ,  H04L9/32 ,  H04L41/12 ,  H04L45/00 ,  H04L61/4505 ,  H04L61/5069 ,  H04L67/10 ,  H04L67/104 ,  H04L67/1087 ,  H04L67/12 ,  H04L67/562 ,  H04L69/18 ,  H04L69/22 ,  H04W4/08 ,  H04W4/70 ,  H04W12/69 ,  H04W84/18 ,  H04W84/22

Abstract: A trusted communications environment includes a primary participant with a group creator and a distributed ledger, and a secondary participant with communication credentials. An Internet of Things (IoT) network includes a trusted execution environment with a chain history for a blockchain, a root-of-trust for chaining, and a root-of-trust for archives. An IoT network includes an IoT device with a communication system, an onboarding tool, a device discoverer, a trust builder, a shared domain creator, and a shared resource directory. An IoT network includes an IoT device with a communication system, a policy decision engine, a policy repository, a policy enforcement engine, and a peer monitor. An IoT network includes an IoT device with a host environment and a trusted reliability engine to apply a failover action if the host environment fails. An IoT network includes an IoT server including secure booter/measurer, trust anchor, authenticator, key manager, and key generator.

公开(公告)号：US12166626B2

公开(公告)日：2024-12-10

申请号：US17033324

申请日：2020-09-25

Applicant: Intel Corporation

Inventor： Kshitij Arun Doshi ,  Ned M. Smith ,  Francesc Guim Bernat

IPC: H04L41/0806 ,  H04L41/0826 ,  H04L41/083 ,  H04L41/0895 ,  H04L41/122 ,  H04L41/342 ,  H04L41/40 ,  H04L41/5019 ,  H04L45/036

Abstract: Methods, apparatus, systems and articles of manufacture are disclosed for workload placement in an edge environment. An example apparatus for workload placement in an edge environment includes an orchestrator to receive a request to execute a workload from an edge platform within an edge environment, and a capability controller to analyze the request to determine operating parameters for the workload from the edge platform, and analyze candidate edge tier and edge platform placements based on the operating parameters, the orchestrator to determine a candidate edge tier and edge platform placement for the workload based on a candidate edge tier and edge platform placement that satisfies the operating parameters.

公开(公告)号：US12155539B2

公开(公告)日：2024-11-26

申请号：US17028728

申请日：2020-09-22

Applicant: Intel Corporation

Inventor： Ned M. Smith ,  Kshitij Arun Doshi ,  Francesc Guim Bernat

IPC: H04L41/5009 ,  G06F9/455 ,  H04L9/00 ,  H04L9/06 ,  H04L41/16

Abstract: Methods, systems, and use cases for orchestrator execution planning using a distributed ledger are discussed, including an orchestration system with memory and at least one processing circuitry coupled to the memory. The processing circuitry is configured to perform operations to generate an execution plan for a workload based on an SLA. The execution plan includes state transitions associated with corresponding edge service instances. A distributed ledger record is retrieved from the ledger based on a reinforcement learning reward value specified by the record. The reward value is associated with a state transition of the plurality of state transitions. An edge node is selected based on the retrieved distributed ledger record. Execution of an edge service instance of the plurality of edge service instances by the edge node is scheduled. The execution of the edge service instance corresponds to the state transition associated with the reinforcement learning reward value.

公开(公告)号：US20240305661A1

公开(公告)日：2024-09-12

申请号：US18666567

申请日：2024-05-16

Applicant: Intel Corporation

Inventor： Ned M. Smith

IPC: H04L9/40

CPC classification number: H04L63/1433

Abstract: Systems, apparatus, articles of manufacture, and methods are disclosed to optimize attestation verification. An example method includes determining a first network of nodes from attestation evidence, a node of the first network of nodes associated with an appraisal context of an device, obtaining an endorsement for the device, determining a second network of nodes from the endorsements, identifying a node that is in the first network of nodes and the second network of nodes, combining the first network of nodes and the second network of nodes to form a third network of nodes, and generating an attestation result for the device from the third network of nodes.

公开(公告)号：US20240305616A1

公开(公告)日：2024-09-12

申请号：US18435546

申请日：2024-02-07

Applicant: Intel Corporation

Inventor： Kapil Sood ,  Seosamh O'Riordain ,  Ned M. Smith ,  Tarun Viswanathan

IPC: H04L9/40 ,  G06F9/4401 ,  G06F9/455 ,  G06F9/46 ,  G06F9/50 ,  G06F21/53 ,  G06F21/57 ,  G06F21/62

CPC classification number: H04L63/06 ,  G06F9/4401 ,  G06F9/45533 ,  G06F9/45558 ,  G06F9/468 ,  G06F9/5077 ,  G06F21/53 ,  G06F21/57 ,  G06F21/6209 ,  H04L63/0435 ,  H04L63/062 ,  H04L63/083 ,  G06F2009/45587 ,  G06F2009/45595

Abstract: Technologies for providing secure utilization of tenant keys include a compute device. The compute device includes circuitry configured to obtain a tenant key. The circuitry is also configured to receive encrypted data associated with a tenant. The encrypted data defines an encrypted image that is executable by the compute device to perform a workload on behalf of the tenant in a virtualized environment. Further, the circuitry is configured to utilize the tenant key to decrypt the encrypted data and execute the workload without exposing the tenant key to a memory that is accessible to another workload associated with another tenant.

公开(公告)号：US12069040B2

公开(公告)日：2024-08-20

申请号：US16957693

申请日：2018-09-28

Applicant: Intel Corporation

Inventor： Ned M. Smith

IPC: H04L9/40 ,  H04L67/142 ,  H04L67/02

CPC classification number: H04L63/0823 ,  H04L63/20 ,  H04L67/142 ,  H04L67/02

Abstract: Various systems and methods of establishing and providing credential dependency information in RESTful transactions are described. In an example, accessing credential resource dependencies may be performed by a credential management service (CMS) or other server, with operations including: receiving a request for a credential resource in a Representation State Transfer (RESTful) communication; identifying the credential resource which has a credential path that indicates a dependency associated with a credential; identifying dependency characteristics of the credential resource, based on the dependency; populating the credential resource to include a dependent credential, based on the dependency characteristics; and transmitting the populated credential resource in response to the request. In further examples, the credential resource and the credential path within the credential resource may be established, such as by defining paths to trust anchor entries, or dependencies to a trusted computing key of a trusted computing module that attests to trust properties.