Patents by Inventor Howard C. Herbert
Howard C. Herbert has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11765239Abstract: Technologies disclosed herein provide a method for receiving at a device from a remote server, a request for state information from a first processor of the device, obtaining the state information from one or more registers of the first processor based on a request structure indicated by a first instruction of a software program executing on the device, and generating a response structure based, at least in part, on the obtained state information. The method further includes using a cryptographic algorithm and a shared key established between the device and the remote server to generate a signature based, at least in part, on the response structure, and communicating the response structure and the signature to the remote server. In more specific embodiments, both the response structure and the request structure each include a same nonce value.Type: GrantFiled: February 2, 2022Date of Patent: September 19, 2023Assignee: Intel CorporationInventors: Prashant Dewan, Siddhartha Chhabra, Uttam K. Sengupta, Howard C. Herbert
-
Publication number: 20220159081Abstract: Technologies disclosed herein provide a method for receiving at a device from a remote server, a request for state information from a first processor of the device, obtaining the state information from one or more registers of the first processor based on a request structure indicated by a first instruction of a software program executing on the device, and generating a response structure based, at least in part, on the obtained state information. The method further includes using a cryptographic algorithm and a shared key established between the device and the remote server to generate a signature based, at least in part, on the response structure, and communicating the response structure and the signature to the remote server. In more specific embodiments, both the response structure and the request structure each include a same nonce value.Type: ApplicationFiled: February 2, 2022Publication date: May 19, 2022Applicant: Intel CorporationInventors: Prashant Dewan, Siddhartha Chhabra, Uttam K. Sengupta, Howard C. Herbert
-
Patent number: 11258861Abstract: Technologies disclosed herein provide a method for receiving at a device from a remote server, a request for state information from a first processor of the device, obtaining the state information from one or more registers of the first processor based on a request structure indicated by a first instruction of a software program executing on the device, and generating a response structure based, at least in part, on the obtained state information. The method further includes using a cryptographic algorithm and a shared key established between the device and the remote server to generate a signature based, at least in part, on the response structure, and communicating the response structure and the signature to the remote server. In more specific embodiments, both the response structure and the request structure each include a same nonce value.Type: GrantFiled: June 29, 2018Date of Patent: February 22, 2022Assignee: Intel CorporationInventors: Prashant Dewan, Siddhartha Chhabra, Uttam K. Sengupta, Howard C. Herbert
-
Patent number: 10885202Abstract: A technique to enable secure application and data integrity within a computer system. In one embodiment, one or more secure enclaves are established in which an application and data may be stored and executed.Type: GrantFiled: September 6, 2018Date of Patent: January 5, 2021Assignee: Intel CorporationInventors: Francis X. McKeen, Carlos V. Rozas, Uday R. Savagaonkar, Simon P. Johnson, Vincent Scarlata, Michael A. Goldsmith, Ernie Brickell, Jiang Tao Li, Howard C. Herbert, Prashant Dewan, Stephen J. Tolopka, Gilbert Neiger, David Durham, Gary Graunke, Bernard Lint, Don A. Van Dyke, Joseph Cihula, Stalinselvaraj Jeyasingh, Stephen R. Van Doren, Dion Rodgers, John Garney, Asher Altman
-
Patent number: 10754703Abstract: In an example, there is disclosed a computing apparatus, having a computing resource; a bespoke sensor for measuring at least one parameter of usage of the computing resource; and one or more logic elements providing a trusted compute meter (TCM) agent to: receive an external workload; provision a workload enclave; execute the external workload within the TCM enclave; and measure resource usage of the external workload via the bespoke sensor. There is also disclosed a computer-readable medium having stored thereon executable instructions for providing a TCM agent, and a method of providing a TCM agent.Type: GrantFiled: December 22, 2015Date of Patent: August 25, 2020Assignee: McAfee, LLCInventors: Howard C. Herbert, Jennifer Eligius Mankin, Simon Hunt, Venkata Ramanan Sambandam, Mark E. Scott-Nash, Katalin Klara Bartfai-Walcott, Rameshkumar Illikkal
-
Publication number: 20190158461Abstract: A custody transfer of a device can include sending a start of transfer request to an attestation device over a short range wireless communication channel, a nonce is received from the attestation device in association with the start of transfer request, and the nonce is signed at the particular gateway device. The signed nonce is sent to the attestation device, a transfer confirmation message is received from the attestation device, and a transfer message is sent to a management system to report a transfer in custody of the attestation device involving the particular gateway device and another gateway device.Type: ApplicationFiled: January 14, 2019Publication date: May 23, 2019Applicant: McAfee, LLCInventors: Jesse Randall Walker, Howard C. Herbert, Kirk D. Brannock, Geoffrey H. Cooper, David A. deVries, David M. Amols, Sven Schrecker, Stephen H. Price
-
Publication number: 20190087586Abstract: A technique to enable secure application and data integrity within a computer system. In one embodiment, one or more secure enclaves are established in which an application and data may be stored and executed.Type: ApplicationFiled: September 6, 2018Publication date: March 21, 2019Inventors: Francis X. McKEEN, Carlos V. ROZAS, Uday R. SAVAGAONKAR, Simon P. JOHNSON, Vincent SCARLATA, Michael A. GOLDSMITH, Ernie BRICKELL, Jiang Tao LI, Howard C. HERBERT, Prashant DEWAN, Stephen J. TOLOPKA, Gilbert NEIGER, David DURHAM, Gary GRAUNKE, Bernard LINT, Don A. VAN DYKE, Joseph CIHULA, Stalinselvaraj JEYASINGH, Stephen R. VAN DOREN, Dion RODGERS, John GARNEY, Asher ALTMAN
-
Publication number: 20190045016Abstract: Technologies disclosed herein provide a method for receiving at a device from a remote server, a request for state information from a first processor of the device, obtaining the state information from one or more registers of the first processor based on a request structure indicated by a first instruction of a software program executing on the device, and generating a response structure based, at least in part, on the obtained state information. The method further includes using a cryptographic algorithm and a shared key established between the device and the remote server to generate a signature based, at least in part, on the response structure, and communicating the response structure and the signature to the remote server. In more specific embodiments, both the response structure and the request structure each include a same nonce value.Type: ApplicationFiled: June 29, 2018Publication date: February 7, 2019Applicant: Intel CorporationInventors: Prashant Dewan, Siddhartha Chhabra, Uttam K. Sengupta, Howard C. Herbert
-
Patent number: 10193858Abstract: A custody transfer of a device can include sending a start of transfer request to an attestation device over a short range wireless communication channel, a nonce is received from the attestation device in association with the start of transfer request, and the nonce is signed at the particular gateway device. The signed nonce is sent to the attestation device, a transfer confirmation message is received from the attestation device, and a transfer message is sent to a management system to report a transfer in custody of the attestation device involving the particular gateway device and another gateway device.Type: GrantFiled: December 22, 2015Date of Patent: January 29, 2019Assignee: McAfee, LLCInventors: Jesse Randall Walker, Howard C. Herbert, Kirk D. Brannock, Geoffrey H. Cooper, David A. deVries, David M. Amols, Sven Schrecker, Stephen H. Price
-
Patent number: 10102380Abstract: A technique to enable secure application and data integrity within a computer system. In one embodiment, one or more secure enclaves are established in which an application and data may be stored and executed.Type: GrantFiled: March 13, 2013Date of Patent: October 16, 2018Assignee: Intel CorporationInventors: Francis X. McKeen, Carlos V. Rozas, Uday R. Savagaonkar, Simon P. Johnson, Vincent Scarlata, Michael A. Goldsmith, Ernie Brickell, Jiang Tao Li, Howard C. Herbert, Prashant Dewan, Stephen J. Tolopka, Gilbert Neiger, David Durham, Gary Graunke, Bernard Lint, Don A. Van Dyke, Joseph Cihula, Stalinselvaraj Jeyasingh, Stephen R. Van Doren, Dion Rodgers, John Garney, Asher Altman
-
Patent number: 10104122Abstract: Sensor data may be filtered in a secure environment. The filtering may limit distribution of the sensor data. Filtering may modify the sensor data, for example, to prevent identification of a person depicted in a captured image or to prevent acquiring a user's precise location. Filtering may also add or require other data use controls to access the data. Attestation that a filter policy is being applied and working properly or not may be provided as well.Type: GrantFiled: August 13, 2015Date of Patent: October 16, 2018Assignee: Intel CorporationInventors: Scott H. Robinson, Jason Martin, Howard C. Herbert, Michael LeMay, Karanvir Ken S. Grewal, Keith L. Shippy, Geoffrey Strongin
-
Patent number: 10044696Abstract: An apparatus is provided that includes at least one processor device, an energy storage module to power the apparatus, memory to store a secret such that powering down and restarting the apparatus causes the secret to be lost, logic executable by the at least one processor device to generate attestation data using the secret that data abstracts the secret, and a communications interface to send the attestation data to another device.Type: GrantFiled: December 22, 2015Date of Patent: August 7, 2018Assignee: McAfee, LLCInventors: Jesse Randall Walker, Howard C. Herbert, Kirk D. Brannock, Stephen H. Price, Geoffrey H. Cooper, David A. deVries, David M. Amols, Sven Schrecker
-
Patent number: 10009328Abstract: In one embodiment, a system including one or more hardware processors is: to receive a user request to access a website; sign a nonce with at least some of the plurality of group private keys, the at least some of the plurality of group private keys corresponding to personalization attributes of the website; and send the signed nonce to a web server to enable personalized interaction with the web server. Other embodiments are described and claimed.Type: GrantFiled: December 7, 2015Date of Patent: June 26, 2018Assignee: McAfee, LLCInventors: Ned M. Smith, Sven Schrecker, Howard C. Herbert
-
Publication number: 20180096412Abstract: In some embodiments, the disclosed subject matter involves a digital brokerage service to match data, services and compute capacity of subscribers and publishers in a trusted execution environment (TEE). In an embodiment, data is generated by an Internet of Things IoT device. Publishers register available resources with the digital brokerage service, including TEE capabilities. Subscribers request data or services with a quality of service or service level agreement requirements and define required TEE capabilities. Other embodiments are described and claimed.Type: ApplicationFiled: September 30, 2016Publication date: April 5, 2018Inventors: Mark E. Scott-Nash, Howard C. Herbert
-
Patent number: 9740882Abstract: Technologies for sensor privacy on a computing device include receiving, by a sensor controller of the computing device, sensor data from a sensor of the computing device; determining a sensor mode for the sensor; and sending privacy data in place of the sensor data in response to a determination that the sensor mode for the sensor is set to a private mode. The technologies may also include receiving, by a security engine of the computing device, a sensor mode change command from a user of the computing device via a trusted input/output path of the computing device; and sending a mode command to the sensor controller to set the sensor mode of the sensor based on the sensor mode change command, wherein the sending the mode command comprises sending the mode command over a private bus established between the security engine and the sensor controller. Other embodiments are described herein.Type: GrantFiled: September 10, 2014Date of Patent: August 22, 2017Assignee: Intel CorporationInventors: Mark E. Scott-Nash, Scott H. Robinson, Howard C. Herbert, Geoffrey S. Strongin, Stephen J. Allen, Tobias M. Kohlenberg, Uttam K. Sengupta
-
Publication number: 20170180314Abstract: A custody transfer of a device can include sending a start of transfer request to an attestation device over a short range wireless communication channel, a nonce is received from the attestation device in association with the start of transfer request, and the nonce is signed at the particular gateway device. The signed nonce is sent to the attestation device, a transfer confirmation message is received from the attestation device, and a transfer message is sent to a management system to report a transfer in custody of the attestation device involving the particular gateway device and another gateway device.Type: ApplicationFiled: December 22, 2015Publication date: June 22, 2017Inventors: Jesse Randall Walker, Howard C. Herbert, Kirk D. Brannock, Geoffrey H. Cooper, David A. deVries, David M. Amols, Sven Schrecker, Stephen H. Price
-
Publication number: 20170177417Abstract: In an example, there is disclosed a computing apparatus, having a computing resource; a bespoke sensor for measuring at least one parameter of usage of the computing resource; and one or more logic elements providing a trusted compute meter (TCM) agent to: receive an external workload; provision a workload enclave; execute the external workload within the TCM enclave; and measure resource usage of the external workload via the bespoke sensor. There is also disclosed a computer-readable medium having stored thereon executable instructions for providing a TCM agent, and a method of providing a TCM agent.Type: ApplicationFiled: December 22, 2015Publication date: June 22, 2017Applicant: McAfee, Inc.Inventors: Howard C. Herbert, Jennifer Eligius Mankin, Simon Hunt, Venkata Ramanan Sambandam, Mark E. Scott-Nash, Katalin Klara Bartfai-Walcott, Rameshkumar Illikkal
-
Publication number: 20170180341Abstract: An apparatus is provided that includes at least one processor device, an energy storage module to power the apparatus, memory to store a secret such that powering down and restarting the apparatus causes the secret to be lost, logic executable by the at least one processor device to generate attestation data using the secret that data abstracts the secret, and a communications interface to send the attestation data to another device.Type: ApplicationFiled: December 22, 2015Publication date: June 22, 2017Applicant: McAfee, Inc.Inventors: Jesse Randall Walker, Howard C. Herbert, Kirk D. Brannock, Stephen H. Price, Geoffrey H. Cooper, David A. deVries, David M. Amols, Sven Schrecker
-
Publication number: 20170163616Abstract: In one embodiment, a system including one or more hardware processors is: to receive a user request to access a website; sign a nonce with at least some of the plurality of group private keys, the at least some of the plurality of group private keys corresponding to personalization attributes of the website; and send the signed nonce to a web server to enable personalized interaction with the web server. Other embodiments are described and claimed.Type: ApplicationFiled: December 7, 2015Publication date: June 8, 2017Inventors: Ned M. Smith, Sven Schrecker, Howard C. Herbert
-
Publication number: 20160364787Abstract: In one embodiment, a method includes: receiving, in a device, a first message to request transfer of ownership of the device from a current owner to a new owner, the device having a storage to store a first title including a device identifier for the device and an owner identifier for the current owner, the storage to further store a first root authorization key associated with the current owner; sending a second message from the device to the new owner, the second message including a hash value of the first title; and receiving a third message, in the device, the third message including a second title for the device, the second title generated by the new owner and including a new owner identifier, the second title comprising a concatenation of the first title, to enable ownership of the device to be transferred to the new owner.Type: ApplicationFiled: September 25, 2015Publication date: December 15, 2016Inventors: Jesse Walker, Ned M. Smith, Howard C. Herbert, Manoj R. Sastry