-
公开(公告)号:US20190138739A1
公开(公告)日:2019-05-09
申请号:US16221298
申请日:2018-12-14
Applicant: Intel Corporation
Inventor: Kekai Hu , Amitabh Das
IPC: G06F21/60 , G06F16/2455 , H04L9/12 , G06F21/76 , H04L9/32
Abstract: A programmable logic device that is interposed between a client device and a database server is provided. The client device may issue read and write queries to the programmable logic device. The programmable logic device may serve as a cache. For read queries, confidential data that is stored locally on the programmable device or retrieved from the database server may be encrypted before sending it back to the client device. Non-confidential data may be left unencrypted and can be sent back to the client device in unencrypted form. The programmable logic device may be partially reconfigured during runtime to update database securities settings without causing unnecessary downtime for the overall system.
-
2.发明授权公开(公告)号:US11082432B2
公开(公告)日:2021-08-03
申请号:US15831633
申请日:2017-12-05
Applicant: Intel Corporation
Inventor: Michael Kounavis , Amitabh Das , Sergej Deutsch , Karanvir S. Grewal , David M. Durham
Abstract: Before sending a message to a destination device, a source device automatically uses a pattern matching algorithm to analyze entropy characteristics of a plaintext version of the message. The pattern matching algorithm uses at least one pattern matching test to generate at least one entropy metric for the message. The source device automatically determines whether the message has sufficiently low entropy, based on results of the pattern matching algorithm. In response to a determination that the message does not have sufficiently low entropy, the source device automatically generates integrity metadata for the message and sends the integrity metadata to the destination device. However, in response to a determination that the message has sufficiently low entropy, the source device sends the message to the destination device without sending any integrity metadata for the message to the destination device. Other embodiments are described and claimed.
-
公开(公告)号:US10929527B2
公开(公告)日:2021-02-23
申请号:US15848962
申请日:2017-12-20
Applicant: INTEL CORPORATION
Inventor: Michael Kounavis , David Durham , Sergej Deutsch , Saeedeh Komijani , Amitabh Das
Abstract: Logic may implement implicit integrity techniques to maintain integrity of data. Logic may perform operations on data stored in main memory, cache, flash, data storage, or any other memory. Logic may perform more than one pattern check to determine repetitions of entities within the data. Logic may determine entropy index values and/or Boolean values and/or may compare the results to threshold values to determine if a data unit is valid. Logic may merge a tag with the data unit without expanding the data unit to create an encoded data unit. Logic may decode and process the encoded data unit to determine the data unit and the tag. Logic may determine value histograms for two or more entities, determine a sum of repetitions of the two or more entities, and compare the sum to a threshold value. Logic may determine that a data unit is valid or is corrupted.
-
公开(公告)号:US20160372913A1
公开(公告)日:2016-12-22
申请号:US14746514
申请日:2015-06-22
Applicant: Intel Corporation
Inventor: Seyed-Abdollah Aftabjahani , Amitabh Das
IPC: H02H3/20
CPC classification number: G11C5/00 , G06F21/81 , H01L27/0251 , H02H3/20 , H02H3/202
Abstract: An embodiment includes an apparatus comprising: power supply pins to couple to a power supply; a protection block, including a first transistor, to: (a) determine whether voltage from the power supply pins meets a predetermined condition, and (b) in response to determining whether the predetermined condition is met, communicate a first communication to at least one of first and second function blocks; and the first function block, coupled to the protection block and the power supply pins, including a second transistor and at least one fuse that corresponds to a security key; wherein the first transistor is at least one of: (a) connected in series with at least one other transistor, and (b) having a first gate oxide breakdown voltage that is greater than a second gate oxide breakdown voltage of the second transistor. Other embodiments are described herein.
Abstract translation: 实施例包括一种装置,包括:电源引脚以耦合到电源; 包括第一晶体管的保护块,以:(a)确定来自所述电源引脚的电压是否满足预定条件,以及(b)响应于确定是否满足所述预定条件,将第一通信传达到至少一个 的第一和第二功能块; 以及耦合到保护块和电源引脚的第一功能块,包括第二晶体管和对应于安全密钥的至少一个熔丝; 其中所述第一晶体管是以下至少一个:(a)与至少一个其它晶体管串联连接,以及(b)具有大于所述第二晶体管的第二栅极氧化物击穿电压的第一栅极氧化物击穿电压。 本文描述了其它实施例。
-
5.发明申请公开(公告)号:US20210266330A1
公开(公告)日:2021-08-26
申请号:US17319135
申请日:2021-05-13
Applicant: Intel Corporation
Inventor: Michael Kounavis , Amitabh Das , Sergej Deutsch , Karanvir S. Grewal , David M. Durham
Abstract: A data processing system includes technology to enable implicit integrity to be used for digital communications. That technology comprises a hardware processor and an implicit integrity engine (IIE) responsive to the processor. For instance, in response to the data processing system receiving a communication that contains a message, the IIE is to automatically analyze the communication to determine whether the message was sent with implicit integrity. If the message was sent with implicit integrity, the IIE is to automatically use a pattern matching algorithm to analyze entropy characteristics of a plaintext version of the message, and to automatically determine whether the message has low entropy, based on results of the pattern matching algorithm and a predetermined entropy threshold. If the message does not have low entropy, the IIE is to automatically determine that the message has been corrupted. Other embodiments are described and claimed.
-
Patent Agency Ranking
公开(公告)号:US20190042734A1
公开(公告)日:2019-02-07
申请号:US15848962
申请日:2017-12-20
Applicant: INTEL CORPORATION
Inventor: Michael Kounavis , David Durham , Sergej Deutsch , Saeedeh Komijani , Amitabh Das
Abstract: Logic may implement implicit integrity techniques to maintain integrity of data. Logic may perform operations on data stored in main memory, cache, flash, data storage, or any other memory. Logic may perform more than one pattern check to determine repetitions of entities within the data. Logic may determine entropy index values and/or Boolean values and/or may compare the results to threshold values to determine if a data unit is valid. Logic may merge a tag with the data unit without expanding the data unit to create an encoded data unit. Logic may decode and process the encoded data unit to determine the data unit and the tag. Logic may determine value histograms for two or more entities, determine a sum of repetitions of the two or more entities, and compare the sum to a threshold value. Logic may determine that a data unit is valid or is corrupted.
-
公开(公告)号:US11562063B2
公开(公告)日:2023-01-24
申请号:US17114246
申请日:2020-12-07
Applicant: INTEL CORPORATION
Inventor: Michael Lemay , David M. Durham , Michael E. Kounavis , Barry E. Huntley , Vedvyas Shanbhogue , Jason W. Brandt , Josh Triplett , Gilbert Neiger , Karanvir Grewal , Baiju Patel , Ye Zhuang , Jr-Shian Tsai , Vadim Sukhomlinov , Ravi Sahita , Mingwei Zhang , James C. Farwell , Amitabh Das , Krishna Bhuyan
Abstract: Disclosed embodiments relate to encoded inline capabilities. In one example, a system includes a trusted execution environment (TEE) to partition an address space within a memory into a plurality of compartments each associated with code to execute a function, the TEE further to assign a message object in a heap to each compartment, receive a request from a first compartment to send a message block to a specified destination compartment, respond to the request by authenticating the request, generating a corresponding encoded capability, conveying the encoded capability to the destination compartment, and scheduling the destination compartment to respond to the request, and subsequently, respond to a check capability request from the destination compartment by checking the encoded capability and, when the check passes, providing a memory address to access the message block, and, otherwise, generating a fault, wherein each compartment is isolated from other compartments.
-
8.发明申请公开(公告)号:US20190044954A1
公开(公告)日:2019-02-07
申请号:US15831633
申请日:2017-12-05
Applicant: Intel Corporation
Inventor: Michael Kounavis , Amitabh Das , Sergej Deutsch , Karanvir S. Grewal , David M. Durham
Abstract: Before sending a message to a destination device, a source device automatically uses a pattern matching algorithm to analyze entropy characteristics of a plaintext version of the message. The pattern matching algorithm uses at least one pattern matching test to generate at least one entropy metric for the message. The source device automatically determines whether the message has sufficiently low entropy, based on results of the pattern matching algorithm. In response to a determination that the message does not have sufficiently low entropy, the source device automatically generates integrity metadata for the message and sends the integrity metadata to the destination device. However, in response to a determination that the message has sufficiently low entropy, the source device sends the message to the destination device without sending any integrity metadata for the message to the destination device. Other embodiments are described and claimed.
-
9.发明授权公开(公告)号:US11496486B2
公开(公告)日:2022-11-08
申请号:US17319135
申请日:2021-05-13
Applicant: Intel Corporation
Inventor: Michael Kounavis , Amitabh Das , Sergej Deutsch , Karanvir S. Grewal , David M. Durham
Abstract: A data processing system includes technology to enable implicit integrity to be used for digital communications. That technology comprises a hardware processor and an implicit integrity engine (IIE) responsive to the processor. For instance, in response to the data processing system receiving a communication that contains a message, the IIE is to automatically analyze the communication to determine whether the message was sent with implicit integrity. If the message was sent with implicit integrity, the IIE is to automatically use a pattern matching algorithm to analyze entropy characteristics of a plaintext version of the message, and to automatically determine whether the message has low entropy, based on results of the pattern matching algorithm and a predetermined entropy threshold. If the message does not have low entropy, the IIE is to automatically determine that the message has been corrupted. Other embodiments are described and claimed.
-
公开(公告)号:US11475145B2
公开(公告)日:2022-10-18
申请号:US16221298
申请日:2018-12-14
Applicant: Intel Corporation
Inventor: Kekai Hu , Amitabh Das
IPC: G06F21/60 , G06F16/2455 , H04L9/12 , G06F21/76 , H04L9/32
Abstract: A programmable logic device that is interposed between a client device and a database server is provided. The client device may issue read and write queries to the programmable logic device. The programmable logic device may serve as a cache. For read queries, confidential data that is stored locally on the programmable device or retrieved from the database server may be encrypted before sending it back to the client device. Non-confidential data may be left unencrypted and can be sent back to the client device in unencrypted form. The programmable logic device may be partially reconfigured during runtime to update database securities settings without causing unnecessary downtime for the overall system.
-
-
-
-
-
-
-
-
-
Search Results
12
records
(took 0.015 seconds)
