Patents by Inventor Adrian R. Pearson
Adrian R. Pearson has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11651092
Abstract: Various embodiments are generally directed to an apparatus, method and other techniques to determine a secure memory region for a transaction, the secure memory region associated with a security association context to perform one or more of an encryption/decryption operation and an authentication operation for the transaction, perform one or more of the encryption/decryption operation and the authentication operation for the transaction based on the security association context, and cause communication of the transaction.
Type: Grant
Filed: April 22, 2021
Date of Patent: May 16, 2023
Assignee: INTEL CORPORATION
Inventors: Brian S. Hausauer, Lokpraveen B. Mosur, Tony Hurson, Patrick Fleming, Adrian R. Pearson
-
Publication number: 20210264042
Abstract: Various embodiments are generally directed to an apparatus, method and other techniques to determine a secure memory region for a transaction, the secure memory region associated with a security association context to perform one or more of an encryption/decryption operation and an authentication operation for the transaction, perform one or more of the encryption/decryption operation and the authentication operation for the transaction based on the security association context, and cause communication of the transaction.
Type: Application
Filed: April 22, 2021
Publication date: August 26, 2021
Applicant: INTEL CORPORATION
Inventors: BRIAN S. HAUSAUER, Lokpraveen B. Mosur, Tony Hurson, Patrick Fleming, Adrian R. Pearson
-
Patent number: 11042657
Abstract: Various embodiments are generally directed to an apparatus, method and other techniques to determine a secure memory region for a transaction, the secure memory region associated with a security association context to perform one or more of an encryption/decryption operation and an authentication operation for the transaction, perform one or more of the encryption/decryption operation and the authentication operation for the transaction based on the security association context, and cause communication of the transaction.
Type: Grant
Filed: September 30, 2017
Date of Patent: June 22, 2021
Assignee: INTEL CORPORATION
Inventors: Brian S. Hausauer, Lokpraveen B. Mosur, Tony Hurson, Patrick Fleming, Adrian R. Pearson
-
Patent number: 10911250
Abstract: Various embodiments are directed to a system for accessing a self-encrypting drive (SED) based on a blind challenge authentication response mechanism (BCRAM). An SED may be authenticated within a system, for example, upon resuming from a sleep state, based on a challenge generated within the SED, signed using a private key by a trusted execution environment (TEE) and authenticated using a corresponding public key within the SED.
Type: Grant
Filed: January 15, 2018
Date of Patent: February 2, 2021
Assignee: INTEL CORPORATION
Inventors: Adrian R. Pearson, Jason R. Cox, James Chu
-
Patent number: 10592477
Abstract: Systems, apparatuses and methods may provide for technology that digitally signs a hash table and a data payload, wherein the data payload is partitioned into a plurality of storage blocks and the hash table specifies how to index into and individually authenticate the plurality of storage blocks. Additionally, a write of the digitally signed hash table and data payload may be initiated to an aggregate storage array. In one example, the aggregate storage array authenticates the digital signature of the hash table and the data payload and conducts a write of the data payload to a plurality of drives in the aggregate storage array in accordance with the hash table.
Type: Grant
Filed: June 29, 2017
Date of Patent: March 17, 2020
Assignee: Intel Corporation
Inventors: Adrian R. Pearson, Jawad B. Khan
-
Patent number: 10482278
Abstract: A system for securing electronic devices includes a storage device including a storage device controller processor, at least one non-transitory machine readable storage medium in firmware of the storage device communicatively coupled to the storage device controller processor, and a monitor application comprising computer-executable instructions on the medium. The instructions are readable by the storage device controller processor. The monitor application is configured to provision one or more read-only areas of the storage device, provision a candidate copy area of the storage device, reduce a maximum capacity available for user data on the storage device by a size of the read-only areas and the candidate copy area, and secure access to the read-only areas of the storage device.
Type: Grant
Filed: March 8, 2019
Date of Patent: November 19, 2019
Assignee: McAfee, LLC
Inventors: Adrian R. Pearson, Sergiu D. Ghetie, Thomas R. Bowen, Gamil A. Cain, Jason Cox, Faraz A. Siddiqi, Neeraj S. Upasani
-
Patent number: 10355858
Abstract: Provided are an apparatus, system, and method authenticating a system to access diagnostic interface in a storage device. The storage device includes a computer readable storage medium implemented to store data and a controller. The controller receives a request from the computer system to initiate a cryptographic nonce to access diagnostic interface in the storage device. The controller generates a nonce and returns to the computer system. Upon receiving an unlock request from the computer system to access the diagnostic interface including a signed nonce comprising at least the nonce encrypted with a private key by the authorized unlock system, the controller uses a public key that is a cryptographic pair with the private key to decrypt the signed nonce to determine whether to grant the computer system access to the diagnostic interface in the storage device.
Type: Grant
Filed: March 30, 2016
Date of Patent: July 16, 2019
Assignee: INTEL CORPORATION
Inventors: Brandon Collier, Thomas R. Bowen, Adrian R. Pearson, Jason R. Cox
-
Publication number: 20190205560
Abstract: A system for securing electronic devices includes a storage device including a storage device controller processor, at least one non-transitory machine readable storage medium in firmware of the storage device communicatively coupled to the storage device controller processor, and a monitor application comprising computer-executable instructions on the medium. The instructions are readable by the storage device controller processor. The monitor application is configured to provision one or more read-only areas of the storage device, provision a candidate copy area of the storage device, reduce a maximum capacity available for user data on the storage device by a size of the read-only areas and the candidate copy area, and secure access to the read-only areas of the storage device.
Type: Application
Filed: March 8, 2019
Publication date: July 4, 2019
Inventors: Adrian R. Pearson, Sergiu D. Ghetie, Thomas R. Bowen, Gamil A. Cain, Jason Cox, Faraz A. Siddiqi, Neeraj S. Upasani
-
Publication number: 20190102568
Abstract: Various embodiments are generally directed to an apparatus, method and other techniques to determine a secure memory region for a transaction, the secure memory region associated with a security association context to perform one or more of an encryption/decryption operation and an authentication operation for the transaction, perform one or more of the encryption/decryption operation and the authentication operation for the transaction based on the security association context, and cause communication of the transaction.
Type: Application
Filed: September 30, 2017
Publication date: April 4, 2019
Inventors: BRIAN S. HAUSAUER, LOKPRAVEEN B. MOSUR, TONY HURSON, PATRICK FLEMING, ADRIAN R. PEARSON
-
Patent number: 10229281
Abstract: A system for securing electronic devices includes a storage device including a storage device controller processor, at least one non-transitory machine readable storage medium in firmware of the storage device communicatively coupled to the storage device controller processor, and a monitor application comprising computer-executable instructions on the medium. The instructions are readable by the storage device controller processor. The monitor application is configured to provision one or more read-only areas of the storage device, provision a candidate copy area of the storage device, reduce a maximum capacity available for user data on the storage device by a size of the read-only areas and the candidate copy area, and secure access to the read-only areas of the storage device.
Type: Grant
Filed: April 1, 2016
Date of Patent: March 12, 2019
Assignee: McAfee, LLC
Inventors: Adrian R. Pearson, Sergiu D. Ghetie, Thomas R. Bowen, Gamil A. Cain, Jason Cox, Faraz A. Siddiqi, Neeraj S. Upasani
-
Publication number: 20190005063
Abstract: Systems, apparatuses and methods may provide for technology that digitally signs a hash table and a data payload, wherein the data payload is partitioned into a plurality of storage blocks and the hash table specifies how to index into and individually authenticate the plurality of storage blocks. Additionally, a write of the digitally signed hash table and data payload may be initiated to an aggregate storage array. In one example, the aggregate storage array authenticates the digital signature of the hash table and the data payload and conducts a write of the data payload to a plurality of drives in the aggregate storage array in accordance with the hash table.
Type: Application
Filed: June 29, 2017
Publication date: January 3, 2019
Inventors: Adrian R. Pearson, Jawad B. Khan
-
Publication number: 20180176024
Abstract: Various embodiments are directed to a system for accessing a self-encrypting drive (SED) based on a blind challenge authentication response mechanism (BCRAM). An SED may be authenticated within a system, for example, upon resuming from a sleep state, based on a challenge generated within the SED, signed using a private key by a trusted execution environment (TEE) and authenticated using a corresponding public key within the SED.
Type: Application
Filed: January 15, 2018
Publication date: June 21, 2018
Applicant: INTEL CORPORATION
Inventors: ADRIAN R. PEARSON, JASON R. COX, JAMES CHU
-
Patent number: 9871663
Abstract: Various embodiments are directed to a system for accessing a self-encrypting drive (SED) based on a blind challenge authentication response mechanism (BCRAM). An SED may be authenticated within a system, for example, upon resuming from a sleep state, based on a challenge generated within the SED, signed using a private key by a trusted execution environment (TEE) and authenticated using a corresponding public key within the SED.
Type: Grant
Filed: March 25, 2015
Date of Patent: January 16, 2018
Assignee: INTEL CORPORATION
Inventors: Adrian R. Pearson, Jason R. Cox, James Chu
-
Publication number: 20170288867
Abstract: Provided are an apparatus, system, and method authenticating a system to access diagnostic interface in a storage device. The storage device includes a computer readable storage medium implemented to store data and a controller. The controller receives a request from the computer system to initiate a cryptographic nonce to access diagnostic interface in the storage device. The controller generates a nonce and returns to the computer system. Upon receiving an unlock request from the computer system to access the diagnostic interface including a signed nonce comprising at least the nonce encrypted with a private key by the authorized unlock system, the controller uses a public key that is a cryptographic pair with the private key to decrypt the signed nonce to determine whether to grant the computer system access to the diagnostic interface in the storage device.
Type: Application
Filed: March 30, 2016
Publication date: October 5, 2017
Inventors: Brandon COLLIER, Thomas R. BOWEN, Adrian R. PEARSON, Jason R. COX
-
Publication number: 20170235958
Abstract: Methods, apparatus, systems and articles of manufacture are disclosed to initialize a platform. An example disclosed apparatus includes a boot loader manager to prevent operating system loading in response to detecting a power-on condition, a context manager to retrieve first context information associated with the platform, and a policy manager to identify a first operating system based on the first context information, the policy manager to authorize the boot loader manager to load the first operating system.
Type: Application
Filed: February 27, 2017
Publication date: August 17, 2017
Inventors: Hormuzd M. Khosravi, Adrian R. Pearson, Ned M. Smith, Abhilasha Bhargav-Spantzel
-
Publication number: 20170111388
Abstract: A system for securing electronic devices includes a processor, a storage medium communicatively coupled to the processor, and a secured storage communicatively coupled to the client. The system further includes a client application including computer-executable instructions on the medium. The instructions are readable by the processor. The application is configured to manage a trusted image of software of a client in a secured storage and, upon a signal indicating malware on the client, restore the trusted image to the client independent of an operating system and user processes of the client.
Type: Application
Filed: April 1, 2016
Publication date: April 20, 2017
Inventors: Kunal Mehta, Dmitri Rubakha, Carl D. Woodward, Steven L. Grobman, Adrian R. Pearson, Faraz A. Siddiqi
-
Publication number: 20170103225
Abstract: A system for securing electronic devices includes a storage device including a storage device controller processor, at least one non-transitory machine readable storage medium in firmware of the storage device communicatively coupled to the storage device controller processor, and a monitor application comprising computer-executable instructions on the medium. The instructions are readable by the storage device controller processor. The monitor application is configured to provision one or more read-only areas of the storage device, provision a candidate copy area of the storage device, reduce a maximum capacity available for user data on the storage device by a size of the read-only areas and the candidate copy area, and secure access to the read-only areas of the storage device.
Type: Application
Filed: April 1, 2016
Publication date: April 13, 2017
Inventors: Adrian R. Pearson, Sergiu D. Ghetie, Thomas R. Bowen, Gamil A. Cain, Jason Cox, Faraz A. Siddiqi, Neeraj S. Upasani
-
Patent number: 9619242
Abstract: Methods, apparatus, systems and articles of manufacture are disclosed to initialize a platform. An example disclosed apparatus includes a boot loader manager to prevent operating system loading in response to detecting a power-on condition, a context manager to retrieve first context information associated with the platform, and a policy manager to identify a first operating system based on the first context information, the policy manager to authorize the boot loader manager to load the first operating system.
Type: Grant
Filed: December 23, 2014
Date of Patent: April 11, 2017
Assignee: Intel Corporation
Inventors: Hormuzd M. Khosravi, Adrian R. Pearson, Ned M. Smith, Abhilasha Bhargav-Spantzel
-
Patent number: 9542114
Abstract: A disclosed example involves managing power states, signing a suspend-to-RAM (STR) data structure by: generating a header key, a scatter/gather table key and a dynamic random access memory (DRAM) key using a root key generated by the secure processor. Generating a header signature using the header key, the header signature based on a table header and a random or pseudo-random value. Generating a scatter/gather table signature using the scatter/gather table key, the scatter/gather table signature based on a scatter/gather table header and a random or pseudo-random value. Generating a DRAM signature using the DRAM key and a value from a region of DRAM. Storing the header signature, the scatter/gather table signature and the DRAM signature in the STR data structure. Resume the processor system from the low-power mode when the data structure is valid based on a comparison of a first signature and a second signature.
Type: Grant
Filed: June 20, 2016
Date of Patent: January 10, 2017
Assignee: Intel Corporation
Inventors: Adrian R. Pearson, Christopher Andrew Thornburg, Steven J. Brown, Peter R. Munguia
-
Patent number: 9472302
Abstract: In accordance with some embodiments, fuse information may be written into a fuse array in a way that provides sufficient redundancy, making it harder for malicious parties to attack the fuse array.
Type: Grant
Filed: March 7, 2013
Date of Patent: October 18, 2016
Assignee: Intel Corporation
Inventors: Jason G. Sandri, Steve J. Brown, Peter R. Munguia, Monib Ahmed, Adrian R. Pearson