Patents by Inventor Anand Rajan

Anand Rajan has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Patent number: 10554634
    Abstract: Techniques for sharing private data objects in a trusted execution environment using a distributed ledger are described. The techniques described herein may enable sharing of data objects, referred to herein as private data objects (PDOs), between individuals and organizations with access and update policies mediated by execution of code (referred to herein as a “smart contract”) carried with the PDO in a secure enclave. A distributed ledger may serve as a “public commit log” to ensure that there is a single, authoritative instance of the object and provide a means of guaranteeing atomicity of updates across interacting objects.
    Type: Grant
    Filed: September 29, 2017
    Date of Patent: February 4, 2020
    Assignee: INTEL CORPORATION
    Inventors: Mic Bowman, Andrea Miele, James P. Held, Anand Rajan
  • Patent number: 10284368
    Abstract: Some implementations disclosed herein provide techniques and arrangements for provisioning keys to integrated circuits/processor. In one embodiments, a key provisioner/tester apparatus may include a memory device to receive a unique hardware key generated by a first logic of a processor. The key provisioner/tester apparatus may further include a cipher device to permanently store an encrypted first key in nonvolatile memory of the processor, detect whether the stored encrypted first key is valid, and to isolate at least one of the first logic and the nonvolatile memory of the processor from all sources that are exterior to the processor in response to detecting that the stored encrypted first key is valid.
    Type: Grant
    Filed: January 5, 2017
    Date of Patent: May 7, 2019
    Assignee: Intel Corporation
    Inventors: Jiangtao Li, Anand Rajan, Roel Maes, Sanu K Mathew, Ram Krishnamurthy, Ernie Brickell
  • Publication number: 20190058696
    Abstract: Techniques for sharing private data objects in a trusted execution environment using a distributed ledger are described. The techniques described herein may enable sharing of data objects, referred to herein as private data objects (PDOs), between individuals and organizations with access and update policies mediated by execution of code (referred to herein as a “smart contract”) carried with the PDO in a secure enclave. A distributed ledger may serve as a “public commit log” to ensure that there is a single, authoritative instance of the object and provide a means of guaranteeing atomicity of updates across interacting objects.
    Type: Application
    Filed: September 29, 2017
    Publication date: February 21, 2019
    Applicant: INTEL CORPORATION
    Inventors: Mic Bowman, Andrea Miele, James P. Held, Anand Rajan
  • Patent number: 9911107
    Abstract: Generally, this disclosure describes a method and system for automated check-out and drop-off return of products using a mobile device. A method may include purchasing at least one product of a plurality of products wherein each product is located at a respective associated product location in a store that sells the plurality of products and a point of sale of each purchased product corresponds to the respective associated product location.
    Type: Grant
    Filed: February 27, 2012
    Date of Patent: March 6, 2018
    Assignee: INTEL CORPORATION
    Inventors: Hong Li, Eddie Balthasar, Taeho Kgil, Anand Rajan, Mark H. Price
  • Publication number: 20170288869
    Abstract: Some implementations disclosed herein provide techniques and arrangements for provisioning keys to integrated circuits/processor/apparatus. In one embodiment, the apparatus includes a physically unclonable functions (PUF) circuit to generate a hardware key based on at least one manufacturing variation of the apparatus and a nonvolatile memory coupled to the PUF circuit, the nonvolatile memory to store an encrypted key, the encrypted key comprising a first key encrypted using the hardware key. The apparatus further includes a hardware cipher component coupled to the nonvolatile memory and the PUF circuit, the hardware cipher component to decrypt the encrypted key stored in the nonvolatile memory with at least the hardware key to generate a decrypted copy of the first key and fixed logic circuitry coupled to the PUF circuit and the hardware cipher component, the fixed logic circuitry to verify that the decrypted copy of the first key is valid.
    Type: Application
    Filed: June 20, 2017
    Publication date: October 5, 2017
    Inventors: Jiangtao Li, Anand Rajan, Roel Maes, Sanu K. Mathew, Ram Krishnamurthy, Ernie Brickell
  • Patent number: 9769129
    Abstract: An apparatus for sharing information between entities includes a processor and a trusted execution module executing on the processor. The trusted execution module is configured to receive first confidential information from a first client device associated with a first entity, seal the first confidential information within a trusted execution environment, receive second confidential information from a second client device associated with a second entity, seal the second confidential information within the trusted execution environment, and execute code within the trusted execution environment. The code is configured to compute a confidential result based upon the first confidential information and the second confidential information.
    Type: Grant
    Filed: October 26, 2015
    Date of Patent: September 19, 2017
    Assignee: Intel Corporation
    Inventors: Vinay Phegade, Anand Rajan, Simon Johnson, Vincent Scarlata, Carlos Rozas, Nikhil Deshpande
  • Publication number: 20170126405
    Abstract: Some implementations disclosed herein provide techniques and arrangements for provisioning keys to integrated circuits/processor. In one embodiments, a key provisioner/tester apparatus may include a memory device to receive a unique hardware key generated by a first logic of a processor. The key provisioner/tester apparatus may further include a cipher device to permanently store an encrypted first key in nonvolatile memory of the processor, detect whether the stored encrypted first key is valid, and to isolate at least one of the first logic and the nonvolatile memory of the processor from all sources that are exterior to the processor in response to detecting that the stored encrypted first key is valid.
    Type: Application
    Filed: January 5, 2017
    Publication date: May 4, 2017
    Inventors: Jiangtao Li, Anand Rajan, Roel Maes, Sanu K Mathew, Ram Krishnamurthy, Ernie Brickell
  • Patent number: 9544141
    Abstract: Some implementations disclosed herein provide techniques and arrangements for provisioning keys to integrated circuits/processors. A processor may include physically unclonable functions component, which may generate a unique hardware key based at least on at least one physical characteristic of the processor. The hardware key may be employed in encrypting a key such as a secret key. The encrypted key may be stored in a memory of the processor. The encrypted key may be validated. The integrity of the key may be protected by communicatively isolating at least one component of the processor.
    Type: Grant
    Filed: December 29, 2011
    Date of Patent: January 10, 2017
    Assignee: Intel Corporation
    Inventors: Jiangtao Li, Anand Rajan, Roel Maes, Sanu K Mathew, Ram Krishnamurthy, Ernie Brickell
  • Publication number: 20160379207
    Abstract: An apparatus for aggregating secured credentials is described herein. The apparatus includes a processor and a memory. The memory includes code causing the processor to provision a plurality of secured credentials on the apparatus. The code causes the processor to isolate the secured credentials from each other in the memory. The code also causes the processor to emulate a selected secured credential from the secured credentials for a transaction.
    Type: Application
    Filed: June 25, 2015
    Publication date: December 29, 2016
    Applicant: INTEL CORPORATION
    Inventors: Patrick Koeberl, Nikhil M. Deshpande, Anand Rajan
  • Patent number: 9390291
    Abstract: A processor of an aspect includes root key generation logic to generate a root key. The root key generation logic includes a source of static and entropic bits. The processor also includes key derivation logic coupled with the root key generation logic. The key derivation logic is to derive one or more keys from the root key. The processor also includes cryptographic primitive logic coupled with the root key generation logic. The cryptographic primitive logic is to perform cryptographic operations. The processor also includes a security boundary containing the root key generation logic, the key derivation logic, and the cryptographic primitive logic. Other processors, methods, and systems are also disclosed.
    Type: Grant
    Filed: December 29, 2012
    Date of Patent: July 12, 2016
    Assignee: Intel Corporation
    Inventors: George W. Cox, David Johnston, Jiangtao Li, Anand Rajan
  • Patent number: 9262256
    Abstract: Dark-bit masking technologies for physically unclonable function (PUF) components are described. A computing system includes a processor core and a secure key manager component coupled to the processor core. The secure key manager includes the PUF component, and a dark-bit masking circuit coupled to the PUF component. The dark-bit masking circuit is to measure a PUF value of the PUF component multiple times during a dark-bit window to detect whether the PUF value of the PUF component is a dark bit. The dark bit indicates that the PUF value of the PUF component is unstable during the dark-bit window. The dark-bit masking circuit is to output the PUF value as an output PUF bit of the PUF component when the PUF value is not the dark bit and set the output PUF bit to be a specified value when the PUF value of the PUF component is the dark bit.
    Type: Grant
    Filed: December 24, 2013
    Date of Patent: February 16, 2016
    Assignee: Intel Corporation
    Inventors: Sanu K. Mathew, Sudhir K. Satpathy, Patrick Koeberl, Jiangtao Li, Ram K. Krishnamurthy, Anand Rajan
  • Publication number: 20160044005
    Abstract: An apparatus for sharing information between entities includes a processor and a trusted execution module executing on the processor. The trusted execution module is configured to receive first confidential information from a first client device associated with a first entity, seal the first confidential information within a trusted execution environment, receive second confidential information from a second client device associated with a second entity, seal the second confidential information within the trusted execution environment, and execute code within the trusted execution environment. The code is configured to compute a confidential result based upon the first confidential information and the second confidential information.
    Type: Application
    Filed: October 26, 2015
    Publication date: February 11, 2016
    Applicant: INTEL CORPORATION
    Inventors: VINAY PHEGADE, ANAND RAJAN, Simon Johnson, Vincent Scarlata, Carlos Rozas, Nikhil Deshpande
  • Patent number: 9171163
    Abstract: An apparatus for sharing information between entities includes a processor and a trusted execution module executing on the processor. The trusted execution module is configured to receive first confidential information from a first client device associated with a first entity, seal the first confidential information within a trusted execution environment, receive second confidential information from a second client device associated with a second entity, seal the second confidential information within the trusted execution environment, and execute code within the trusted execution environment. The code is configured to compute a confidential result based upon the first confidential information and the second confidential information.
    Type: Grant
    Filed: March 15, 2013
    Date of Patent: October 27, 2015
    Assignee: Intel Corporation
    Inventors: Vinay Phegade, Anand Rajan, Simon Johnson, Vincent Scarlata, Carlos Rozas, Nikhil Deshpande
  • Publication number: 20150178143
    Abstract: Dark-bit masking technologies for physically unclonable function (PUF) components are described. A computing system includes a processor core and a secure key manager component coupled to the processor core. The secure key manager includes the PUF component, and a dark-bit masking circuit coupled to the PUF component. The dark-bit masking circuit is to measure a PUF value of the PUF component multiple times during a dark-bit window to detect whether the PUF value of the PUF component is a dark bit. The dark bit indicates that the PUF value of the PUF component is unstable during the dark-bit window. The dark-bit masking circuit is to output the PUF value as an output PUF bit of the PUF component when the PUF value is not the dark bit and set the output PUF bit to be a specified value when the PUF value of the PUF component is the dark bit.
    Type: Application
    Filed: December 24, 2013
    Publication date: June 25, 2015
    Inventors: Sanu K. Mathew, Sudhir K. Satpathy, Patrick Koeberl, Jiangtao Li, Ram K. Krishnamurthy, Anand Rajan
  • Publication number: 20150112838
    Abstract: Systems, devices, and methods used to provide real-time product information for retail products and services are generally disclosed herein. One example embodiment includes a referral application operating on a smartphone, configured to correlate data from multiple sources and provide context-aware recommendations and information relevant to a product or service being evaluated by a consumer in the physical shopping environment (such as a retail store). For example, the data may be obtained from a retailer's product information database, a retailer's competitor information database, an advertiser information database, an Internet-hosted service, a social network, or similar internal or external information sources. The real-time product information may be correlated, aggregated, and displayed to the user to either facilitate the retail purchase in the store, or encourage another online or retail purchase.
    Type: Application
    Filed: December 19, 2011
    Publication date: April 23, 2015
    Inventors: Hong Li, Eddie Balthasar, Rita H Wouhaybi, Taeho Kgil, Mark Price, Anand Rajan
  • Patent number: 8928347
    Abstract: An integrated circuit substrate of an aspect includes a plurality of exposed electrical contacts. The integrated circuit substrate also includes an inaccessible set of Physically Unclonable Function (PUF) cells to generate an inaccessible set of PUF bits that are not accessible through the exposed electrical contacts. The integrated circuit substrate also includes an accessible set of PUF cells to generate an accessible set of PUF bits that are accessible through the exposed electrical contacts. Other apparatus, methods, and systems are also disclosed.
    Type: Grant
    Filed: September 28, 2012
    Date of Patent: January 6, 2015
    Assignee: Intel Corporation
    Inventors: Kevin C. Gotze, Gregory M. Iovino, Jiangtao Li, David Johnston, Sanu K. Mathew, George W. Cox, Anand Rajan
  • Publication number: 20140316919
    Abstract: Generally, this disclosure describes a method and system for automated check-out and drop-off return of products using a mobile device. A method may include purchasing at least one product of a plurality of products wherein each product is located at a respective associated product location in a store that sells the plurality of products and a point of sale of each purchased product corresponds to the respective associated product location.
    Type: Application
    Filed: February 27, 2012
    Publication date: October 23, 2014
    Inventors: Hong Li, Eddie Balthasar, Taeho Kgil, Anand Rajan, Mark H. Price
  • Publication number: 20140283098
    Abstract: An apparatus for sharing information between entities includes a processor and a trusted execution module executing on the processor. The trusted execution module is configured to receive first confidential information from a first client device associated with a first entity, seal the first confidential information within a trusted execution environment, receive second confidential information from a second client device associated with a second entity, seal the second confidential information within the trusted execution environment, and execute code within the trusted execution environment. The code is configured to compute a confidential result based upon the first confidential information and the second confidential information.
    Type: Application
    Filed: March 15, 2013
    Publication date: September 18, 2014
    Inventors: Vinay Phegade, Anand Rajan, Simon Johnson, Vincent Scarlata, Carlos Rozas, Nikhil Deshpande
  • Publication number: 20140201540
    Abstract: Some implementations disclosed herein provide techniques and arrangements for provisioning keys to integrated circuits/processors. A processor may include physically unclonable functions component, which may generate a unique hardware key based at least on at least one physical characteristic of the processor. The hardware key may be employed in encrypting a key such as a secret key. The encrypted key may be stored in a memory of the processor. The encrypted key may be validated. The integrity of the key may be protected by communicatively isolating at least one component of the processor.
    Type: Application
    Filed: December 29, 2011
    Publication date: July 17, 2014
    Inventors: Jiangtao Li, Anand Rajan, Roel Maes, Sanu K Mathew, Ram Krishnamurthy, Ernie Brickell
  • Publication number: 20140189365
    Abstract: A processor of an aspect includes root key generation logic to generate a root key. The root key generation logic includes a source of static and entropic bits. The processor also includes key derivation logic coupled with the root key generation logic. The key derivation logic is to derive one or more keys from the root key. The processor also includes cryptographic primitive logic coupled with the root key generation logic. The cryptographic primitive logic is to perform cryptographic operations. The processor also includes a security boundary containing the root key generation logic, the key derivation logic, and the cryptographic primitive logic. Other processors, methods, and systems are also disclosed.
    Type: Application
    Filed: December 29, 2012
    Publication date: July 3, 2014
    Inventors: George W. Cox, David Johnston, Jiangtao Li, Anand Rajan