Patents by Inventor Ioannis T. Schoinas

Ioannis T. Schoinas has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Patent number: 9535860
    Abstract: In an embodiment, a shared memory fabric is configured to receive memory requests from multiple agents, where at least some of the requests have an associated deadline value to indicate a maximum latency prior to completion of the memory request. Responsive to the requests, the fabric is to arbitrate between the requests based at least in part on the deadline values. Other embodiments are described and claimed.
    Type: Grant
    Filed: January 17, 2013
    Date of Patent: January 3, 2017
    Assignee: Intel Corporation
    Inventors: Daniel F. Cutter, Blaise Fanning, Ramadass Nagarajan, Jose S. Niell, Debra Bernstein, Deepak Limaye, Ioannis T. Schoinas, Ravishankar Iyer
  • Patent number: 9525555
    Abstract: In one embodiment, a processor has at least one core to execute instructions, a security engine coupled to the at least one core, a first storage to store a first immutable key associated with a vendor of the processor, and a second storage to store a second immutable key associated with an original equipment manufacturer (OEM) of the system. A first portion of firmware is to be verified based at least in part on the first immutable key and a second portion of firmware is to be verified based at least in part on the second immutable key, the first portion of firmware associated with the vendor and the second portion of firmware associated with the OEM. Other embodiments are described and claimed.
    Type: Grant
    Filed: December 18, 2014
    Date of Patent: December 20, 2016
    Assignee: Intel Corporation
    Inventors: Prashant Dewan, Kapil Sood, Kumar N. Dwarakanath, Ioannis T. Schoinas, William A. Stevens, Jr., Ned M. Smith
  • Publication number: 20160357700
    Abstract: In one embodiment, a system includes: a first root space associated with a first root space identifier and including at least one first host processor and a first agent, the at least one first host processor and the first agent associated with the first root space identifier; a second root space associated with a second root space identifier and including at least one second host processor and a second agent, the at least one second host processor and the second agent associated with the second root space identifier; and a shared fabric to couple the first root space and the second root space, the shared fabric to route a transaction to the first root space or the second root space based at least in part on a root space field of the transaction. Other embodiments are described and claimed.
    Type: Application
    Filed: October 12, 2015
    Publication date: December 8, 2016
    Inventors: Michael T. Klinglesmith, Chang Yong Kang, Robert DeGruijl, Ioannis T. Schoinas, Darren Abramson, Khee Wooi Lee
  • Patent number: 9507952
    Abstract: In one embodiment of the present invention, a method includes verifying a master processor of a system; validating a trusted agent with the master processor if the master processor is verified; and launching the trusted agent on a plurality of processors of the system if the trusted agent is validated. After execution of such a trusted agent, a secure kernel may then be launched, in certain embodiments. The system may be a multiprocessor server system having a partially or fully connected topology with arbitrary point-to-point interconnects, for example.
    Type: Grant
    Filed: November 11, 2015
    Date of Patent: November 29, 2016
    Assignee: Intel Corporation
    Inventors: John H. Wilson, Ioannis T. Schoinas, Mazin S. Yousif, Linda J. Rankin, David W. Grawrock, Robert J. Greiner, James A. Sutton, Kushagra Vaid, Willard M. Wiseman
  • Publication number: 20160255008
    Abstract: A separable Transport Layer is described in the context of cache coherent multiple component micro-electronic systems. In one example, a packet is received from a source component, the packet containing a Protocol Layer. A Transport Layer is attached to the packet and the packet is sent across a component communications interface to a second component, the packet containing the Transport Layer and the Protocol Layer.
    Type: Application
    Filed: March 4, 2016
    Publication date: September 1, 2016
    Applicant: Intel Corporation
    Inventors: Ioannis T. Schoinas, Doddaballapur N. Jayasimha
  • Publication number: 20160182238
    Abstract: In one embodiment, a processor has at least one core to execute instructions, a security engine coupled to the at least one core, a first storage to store a first immutable key associated with a vendor of the processor, and a second storage to store a second immutable key associated with an original equipment manufacturer (OEM) of the system. A first portion of firmware is to be verified based at least in part on the first immutable key and a second portion of firmware is to be verified based at least in part on the second immutable key, the first portion of firmware associated with the vendor and the second portion of firmware associated with the OEM. Other embodiments are described and claimed.
    Type: Application
    Filed: December 18, 2014
    Publication date: June 23, 2016
    Inventors: Prashant Dewan, Kapil Sood, Kumar N. Dwarakanath, Ioannis T. Schoinas, William A. Stevens, JR., Ned M. Smith
  • Patent number: 9304964
    Abstract: A separable Transport Layer is described in the context of cache coherent multiple component micro-electronic systems. In one example, a packet is received from a source component, the packet containing a Protocol Layer. A Transport Layer is attached to the packet and the packet is sent across a component communications interface to a second component, the packet containing the Transport Layer and the Protocol Layer.
    Type: Grant
    Filed: June 30, 2006
    Date of Patent: April 5, 2016
    Assignee: Intel Corporation
    Inventors: Ioannis T. Schoinas, Doddaballapur Narasimha-Murthy Jayasimha
  • Publication number: 20160063261
    Abstract: In one embodiment of the present invention, a method includes verifying a master processor of a system; validating a trusted agent with the master processor if the master processor is verified; and launching the trusted agent on a plurality of processors of the system if the trusted agent is validated. After execution of such a trusted agent, a secure kernel may then be launched, in certain embodiments. The system may be a multiprocessor server system having a partially or fully connected topology with arbitrary point-to-point interconnects, for example.
    Type: Application
    Filed: November 11, 2015
    Publication date: March 3, 2016
    Inventors: John H. Wilson, Ioannis T. Schoinas, Mazin S. Yousif, Linda J. Rankin, David W. Grawrock, Robert J. Greiner, James A. Sutton, Kushagra Vaid, Willard M. Wiseman
  • Patent number: 9213865
    Abstract: In one embodiment of the present invention, a method includes verifying a master processor of a system; validating a trusted agent with the master processor if the master processor is verified; and launching the trusted agent on a plurality of processors of the system if the trusted agent is validated. After execution of such a trusted agent, a secure kernel may then be launched, in certain embodiments. The system may be a multiprocessor server system having a partially or fully connected topology with arbitrary point-to-point interconnects, for example.
    Type: Grant
    Filed: October 3, 2014
    Date of Patent: December 15, 2015
    Assignee: Intel Corporation
    Inventors: John H. Wilson, Ioannis T. Schoinas, Mazin S. Yousif, Linda J. Rankin, David W. Grawrock, Robert J. Greiner, James A. Sutton, Kushagra Vaid, Willard M. Wiseman
  • Publication number: 20150331043
    Abstract: A system on chip (SOC) includes a policy generator to identify lifecycle data that identifies a lifecycle of the SOC and identify authentication data that identifies a particular user that is to debug the SoC. A particular policy is determined based on the lifecycle and identification of the particular user, and policy data is sent to at least one block of the SoC, the policy data identifying the particular policy. Debug access at the block is based on the particular policy.
    Type: Application
    Filed: May 15, 2014
    Publication date: November 19, 2015
    Inventors: Manoj R. Sastry, Enrico D. Carrieri, Michael Neve de Mevergnies, Ioannis T. Schoinas, Michael J. Wiznerowicz
  • Patent number: 9112867
    Abstract: A method and system for enforcing access control to system resources and assets. Security attributes associated with devices that initiate transactions in the system are automatically generated and forwarded with transaction messages. The security attributes convey access privileges assigned to each initiator. One or more security enforcement mechanisms are implemented in the system to evaluate the security attributes against access policy requirements to access various system assets and resources, such as memory, registers, address ranges, etc. If the privileges identified by the security attributes indicate the access request is permitted, the transaction is allowed to proceed. The security attributes of the initiator scheme provides a modular, consistent secure access enforcement scheme across system designs.
    Type: Grant
    Filed: June 13, 2014
    Date of Patent: August 18, 2015
    Assignee: Intel Corporation
    Inventors: Manoj R. Sastry, Ioannis T. Schoinas, Daniel M. Cermak
  • Patent number: 8996883
    Abstract: A series of touch panel key entries may be secured by shuffling touch entry coordinates. In one embodiment, the entries may be secured by applying a shuffling algorithm that replaces the true coordinates with other incorrect coordinates. Then the correct data may be reassembled in a secure environment.
    Type: Grant
    Filed: November 30, 2011
    Date of Patent: March 31, 2015
    Assignee: Intel Corporation
    Inventors: Steven L. Grobman, Ioannis T. Schoinas
  • Patent number: 8990506
    Abstract: In one embodiment, the present invention includes a cache memory including cache lines that each have a tag field including a state portion to store a cache coherency state of data stored in the line and a weight portion to store a weight corresponding to a relative importance of the data. In various implementations, the weight can be based on the cache coherency state and a recency of usage of the data. Other embodiments are described and claimed.
    Type: Grant
    Filed: December 16, 2009
    Date of Patent: March 24, 2015
    Assignee: Intel Corporation
    Inventors: Naveen Cherukuri, Dennis W. Brzezinski, Ioannis T. Schoinas, Anahita Shayesteh, Akhilesh Kumar, Mani Azimi
  • Publication number: 20150059007
    Abstract: In one embodiment of the present invention, a method includes verifying a master processor of a system; validating a trusted agent with the master processor if the master processor is verified; and launching the trusted agent on a plurality of processors of the system if the trusted agent is validated. After execution of such a trusted agent, a secure kernel may then be launched, in certain embodiments. The system may be a multiprocessor server system having a partially or fully connected topology with arbitrary point-to-point interconnects, for example.
    Type: Application
    Filed: October 3, 2014
    Publication date: February 26, 2015
    Inventors: John H. Wilson, Ioannis T. Schoinas, Mazin S. Yousif, Linda J. Rankin, David W. Grawrock, Robert J. Greiner, James A. Sutton, Kushagra Vaid, Willard M. Wiseman
  • Patent number: 8959576
    Abstract: Method, apparatus, and system for qualifying CPU transactions with security attributes. Immutable security attributes are generated for transactions initiator by a CPU or processor core that identifying the execution mode of the CPU/core being trusted or untrusted. The transactions may be targeted to an Input/Output (I/O) device or system memory via which a protected asset may be accessed. Policy enforcement logic blocks are implemented at various points in the apparatus or system that allow or deny transactions access to protected assets based on the immutable security attributes generated for the transactions. In one aspect, a multiple-level security scheme is implemented under which a mode register is updated via a first transaction to indicate the CPU/core is operating in a trusted execution mode, and security attributes are generated for a second transaction using execution mode indicia in the mode register to verify the transaction is from a trusted initiator.
    Type: Grant
    Filed: March 14, 2013
    Date of Patent: February 17, 2015
    Assignee: Intel Corporation
    Inventors: Manoj R. Sastry, Ioannis T. Schoinas, Daniel M. Cermak
  • Patent number: 8874906
    Abstract: In one embodiment of the present invention, a method includes verifying a master processor of a system; validating a trusted agent with the master processor if the master processor is verified; and launching the trusted agent on a plurality of processors of the system if the trusted agent is validated. After execution of such a trusted agent, a secure kernel may then be launched, in certain embodiments. The system may be a multiprocessor server system having a partially or fully connected topology with arbitrary point-to-point interconnects, for example.
    Type: Grant
    Filed: May 20, 2013
    Date of Patent: October 28, 2014
    Assignee: Intel Corporation
    Inventors: John H. Wilson, Ioannis T. Schoinas, Mazin S. Yousif, Linda J. Rankin, David W. Grawrock, Robert J. Greiner, James A. Sutton, Kushagra Vaid, Williard M. Wiseman
  • Publication number: 20140298408
    Abstract: A method and system for enforcing access control to system resources and assets. Security attributes associated with devices that initiate transactions in the system are automatically generated and forwarded with transaction messages. The security attributes convey access privileges assigned to each initiator. One or more security enforcement mechanisms are implemented in the system to evaluate the security attributes against access policy requirements to access various system assets and resources, such as memory, registers, address ranges, etc. If the privileges identified by the security attributes indicate the access request is permitted, the transaction is allowed to proceed. The security attributes of the initiator scheme provides a modular, consistent secure access enforcement scheme across system designs.
    Type: Application
    Filed: June 13, 2014
    Publication date: October 2, 2014
    Inventors: Manoj R. Sastry, Ioannis T. Schoinas, Daniel M. Cermak
  • Publication number: 20140282819
    Abstract: Method, apparatus, and system for qualifying CPU transactions with security attributes. Immutable security attributes are generated for transactions initiator by a CPU or processor core that identifying the execution mode of the CPU/core being trusted or untrusted. The transactions may be targeted to an Input/Output (I/O) device or system memory via which a protected asset may be accessed. Policy enforcement logic blocks are implemented at various points in the apparatus or system that allow or deny transactions access to protected assets based on the immutable security attributes generated for the transactions. In one aspect, a multiple-level security scheme is implemented under which a mode register is updated via a first transaction to indicate the CPU/core is operating in a trusted execution mode, and security attributes are generated for a second transaction using execution mode indicia in the mode register to verify the transaction is from a trusted initiator.
    Type: Application
    Filed: March 14, 2013
    Publication date: September 18, 2014
    Inventors: Manoj R. Sastry, Ioannis T. Schoinas, Daniel M. Cermak
  • Publication number: 20140240326
    Abstract: In an embodiment, a shared memory fabric is configured to receive memory requests from multiple agents, where at least some of the requests have an associated order identifier and a deadline value to indicate a maximum latency prior to completion of the memory request. Responsive to the requests, the fabric is to arbitrate between the requests based at least in part on the deadline values. Other embodiments are described and claimed.
    Type: Application
    Filed: February 28, 2013
    Publication date: August 28, 2014
    Inventors: Daniel F. Cutter, Blaise Fanning, Ramadass Nagarajan, Ravishankar Iyer, Quang T. Le, Ravi Kolagotla, Ioannis T. Schoinas, Jose S. Niell
  • Patent number: 8789170
    Abstract: A method and system for enforcing access control to system resources and assets. Security attributes associated with devices that initiate transactions in the system are automatically generated and forwarded with transaction messages. The security attributes convey access privileges assigned to each initiator. One or more security enforcement mechanisms are implemented in the system to evaluate the security attributes against access policy requirements to access various system assets and resources, such as memory, registers, address ranges, etc. If the privileges identified by the security attributes indicate the access request is permitted, the transaction is allowed to proceed. The security attributes of the initiator scheme provides a modular, consistent secure access enforcement scheme across system designs.
    Type: Grant
    Filed: September 24, 2010
    Date of Patent: July 22, 2014
    Assignee: Intel Corporation
    Inventors: Manoj R. Sastry, Ioannis T. Schoinas, Daniel M. Cermak