Patents by Inventor Gustavo Federico PETRI
Gustavo Federico PETRI has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Publication number: 20230418930Abstract: Aspects of the present disclosure relate to an apparatus comprising TEE circuitry configured to maintain a list of trusted devices, and interface circuitry to provide communication between the TEE of the apparatus and TEE circuitry of a device communicatively coupled to the apparatus. The TEE circuitry of the apparatus is configured to perform, with the TEE circuitry of the device, a remote attestation in respect of the TEE circuitry of the device. Responsive to a positive outcome of the remote attestation, the device is added to the list of trusted devices. The TEE of the apparatus receives, from the TEE circuitry of the device, an indication of one or more further devices which are trusted by the device, and adds said one or more further devices to the list of trusted devices.Type: ApplicationFiled: June 22, 2022Publication date: December 28, 2023Inventors: Gustavo Federico PETRI, Dominic Phillip MULLIGAN, Derek Del MILLER, Hugo John Martin VINCENT
-
Patent number: 11836260Abstract: A data processing system is provided, which comprises receiving circuitry for receiving, from a requester, a request to use decrypted data obtained by decrypting encrypted data. Trusted execution circuitry provides a trusted execution environment. The trusted execution circuitry is configured to: securely store a policy, acquire a key within the trusted execution environment, where the key is associated with the decrypted or encrypted data, and respond to the request based on the policy and one or more characteristics of the requester.Type: GrantFiled: November 25, 2020Date of Patent: December 5, 2023Assignee: ARM LIMITEDInventors: Gustavo Federico Petri, Guilhem Floréal Bryant, Dominic Phillip Mulligan, Anthony Charles Joseph Fox
-
Publication number: 20230385207Abstract: Examples of the present disclosure relate to an apparatus comprising interface circuitry to interface with one or more peripheral devices, processing circuitry to execute software to communicate with a given peripheral device of the one or more peripheral devices, trusted execution environment circuitry communicatively coupled to the interface circuitry and the processing circuitry. The trusted execution circuitry is configured to: receive a transmission from one of the processing circuitry and the given peripheral device to the other one of the processing circuitry and the given peripheral device; and apply a control policy in respect of the received transmission and, based on the control policy, determine whether to forward the received transmission to said other one of the processing circuitry and the given peripheral device.Type: ApplicationFiled: August 26, 2021Publication date: November 30, 2023Inventors: Gustavo Federico PETRI, Guilhem Floréal BRYANT, Nicholas Costas SPINALE, Dominic Phillip MULLIGAN
-
Publication number: 20230300175Abstract: There is provided a network node coordinator system. Communication circuitry communicates, via a network, with one or more network nodes. Receive circuitry receives a global policy that describes a security policy to be applied across the network. Policy processing circuitry specialises the global policy and produces, for each of the one or more network nodes, an associated local policy specific to that network node. Transmit circuitry transmits, to each of the one or more network nodes, the associated local policy specific to that network node.Type: ApplicationFiled: August 6, 2021Publication date: September 21, 2023Inventors: Gustavo Federico PETRI, Anthony Charles Joseph FOX, Basma EL GAABOURI
-
Patent number: 11658944Abstract: Aspects of the present disclosure relate to an apparatus comprising first interface circuitry to communicate with a first computing device and second interface circuitry to communicate with a second computing device. The first interface circuitry is configured to receive a handshake message from the first computing device. The second interface circuitry is configured to transmit the handshake message to the second computing device and to receive a handshake response message from the second computing device. The first interface circuitry is configured to transmit the handshake response message to the first computing device, whereby to establish a communication session between the first computing device and the second computing device.Type: GrantFiled: March 13, 2020Date of Patent: May 23, 2023Assignee: ARM IP LIMITEDInventors: Gustavo Federico Petri, Guilhem Floréal Bryant, Dominic Phillip Mulligan, Brendan James Moran
-
Patent number: 11513962Abstract: An apparatus comprises a write buffer to buffer store requests issued by the processing circuitry, prior to the store data being written to at least one cache. Draining circuitry detects a draining trigger event having potential to cause loss of state stored in the at least one cache. In response to the draining trigger event, the draining circuitry performs a draining operation to identify whether the write buffer buffers any committed store requests requiring persistence, and when the write buffer buffers at least one committed store request requiring persistence, to cause the store data associated with the at least one committed store request to be written to persistent memory. This helps to eliminate barrier instructions from software, simplifying persistent programming and improving performance.Type: GrantFiled: October 13, 2020Date of Patent: November 29, 2022Assignee: Arm LimitedInventors: Wei Wang, Prakash S. Ramrakhyani, Gustavo Federico Petri
-
Patent number: 11483299Abstract: Systems, methods, and hardware devices for routing traffic between first and second electronic devices are arranged such that anonymities of the first and second electronic devices are maintained. This includes coupling the first and second electronic devices to a network having a plurality of routers, each of which includes a trusted execution environment (TEE) circuit. Each TEE includes a secure routing protocol, a routing table, and an attestation circuitry. Cryptographically secured channels are formed between pairs of the routers that terminate at the TEE. Each of routers executes an attestation procedure, and an ad hoc path is generated within the network based upon the secure routing protocol, the routing table, and the attestation procedure, wherein the ad hoc path includes a subset of the plurality of routers of the network. Traffic is routed between the first electronic device and the second electronic device via the ad hoc path.Type: GrantFiled: October 21, 2020Date of Patent: October 25, 2022Assignee: Arm LimitedInventors: Gustavo Federico Petri, Guilhem Floreal Bryant, Nicholas Costas Spinale
-
Publication number: 20220164458Abstract: A data processing system is provided, which comprises receiving circuitry for receiving, from a requester, a request to use decrypted data obtained by decrypting encrypted data. Trusted execution circuitry provides a trusted execution environment. The trusted execution circuitry is configured to: securely store a policy, acquire a key within the trusted execution environment, where the key is associated with the decrypted or encrypted data, and respond to the request based on the policy and one or more characteristics of the requester.Type: ApplicationFiled: November 25, 2020Publication date: May 26, 2022Inventors: Gustavo Federico PETRI, Guilhem Floréal BRYANT, Dominic Phillip MULLIGAN, Anthony Charles Joseph FOX
-
Publication number: 20220124074Abstract: Systems, methods, and hardware devices for routing traffic between first and second electronic devices are arranged such that anonymities of the first and second electronic devices are maintained. This includes coupling the first and second electronic devices to a network having a plurality of routers, each of which includes a trusted execution environment (TEE) circuit. Each TEE includes a secure routing protocol, a routing table, and an attestation circuitry. Cryptographically secured channels are formed between pairs of the routers that terminate at the TEE. Each of routers executes an attestation procedure, and an ad hoc path is generated within the network based upon the secure routing protocol, the routing table, and the attestation procedure, wherein the ad hoc path includes a subset of the plurality of routers of the network. Traffic is routed between the first electronic device and the second electronic device via the ad hoc path.Type: ApplicationFiled: October 21, 2020Publication date: April 21, 2022Applicant: Arm LimitedInventors: Gustavo Federico Petri, Guilhem Floreal Bryant, Nicholas Costas Spinale
-
Publication number: 20220114102Abstract: An apparatus comprises a write buffer to buffer store requests issued by the processing circuitry, prior to the store data being written to at least one cache. Draining circuitry detects a draining trigger event having potential to cause loss of state stored in the at least one cache. In response to the draining trigger event, the draining circuitry performs a draining operation to identify whether the write buffer buffers any committed store requests requiring persistence, and when the write buffer buffers at least one committed store request requiring persistence, to cause the store data associated with the at least one committed store request to be written to persistent memory. This helps to eliminate barrier instructions from software, simplifying persistent programming and improving performance.Type: ApplicationFiled: October 13, 2020Publication date: April 14, 2022Inventors: Wei WANG, Prakash S. RAMRAKHYANI, Gustavo Federico PETRI
-
Publication number: 20210288944Abstract: Aspects of the present disclosure relate to an apparatus comprising first interface circuitry to communicate with a first computing device and second interface circuitry to communicate with a second computing device. The first interface circuitry is configured to receive a handshake message from the first computing device. The second interface circuitry is configured to transmit the handshake message to the second computing device and to receive a handshake response message from the second computing device. The first interface circuitry is configured to transmit the handshake response message to the first computing device, whereby to establish a communication session between the first computing device and the second computing device.Type: ApplicationFiled: March 13, 2020Publication date: September 16, 2021Inventors: Gustavo Federico PETRI, Guilhem Floréal BRYANT, Dominic Phillip MULLIGAN, Brendan James MORAN