Patents by Inventor Jiewen Yao

Jiewen Yao has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Patent number: 10885199
    Abstract: A pre-boot initialization technique for a computing system allows for encrypting both a manufacturer and original equipment manufacturer firmware routines, as well as handing off data between the manufacturer and original equipment manufacturer firmware routines encrypted with a key provisioned in field programmable fuses with an original equipment manufacturer key. By encrypting the firmware routines and handoff data, security of the pre-boot initialization process is enhanced. Original equipment manufacturer updatable product data may also be encrypted with the original equipment manufacturer key. Additional security may be provided by using trusted input/output capabilities of a trusted execution environment to display information to and receive information from a user. Furthermore, multiple secure phases of configuration may be achieved using wireless credentials exchange components.
    Type: Grant
    Filed: September 26, 2016
    Date of Patent: January 5, 2021
    Assignee: McAfee, LLC
    Inventors: Jiewen Yao, Rangasai V. Chaganty, Xiang Ma, Ravi Poovalur Rangarajan, Rajesh Poornachandran, Nivedita Aggarwal, Giri P. Mudusuru, Vincent J. Zimmer, Satya P. Yarlagadda, Amy Chan, Sudeep Das
  • Publication number: 20200387611
    Abstract: Malicious attacks have moved from higher level virus attacks on software and data files operating on a device, to subverting the firmware underlying the device, where the firmware will compromise operation of the device even after attempts to remove the virus, unwanted programs, or other activity due to the subversion. If the firmware is compromised then even a clean reinstall of all software and/or services on the device may only result in a clean device that is then subsequently compromised again. Although device manufacturers may update a firmware to remove the vulnerability, there remains a problem in getting users to actually perform the update. To facilitate device security, a database or databases of firmware may be maintained where their status of vulnerable (bad) or not (good) is maintained and various options are presented for scanning firmware for vulnerabilities, out of band or manually, and pulling/pushing updates as desired to automatically update a device or prompt a user for updating.
    Type: Application
    Filed: December 22, 2017
    Publication date: December 10, 2020
    Inventors: Jiewen YAO, Vincent J. ZIMMER
  • Publication number: 20200310788
    Abstract: An embodiment of a semiconductor package apparatus may include technology to determine version information for a new firmware component, read dependency information corresponding to the firmware component, and determine if dependency is satisfied between the new firmware component and one or more other firmware components based on the version information and the dependency information of the new firmware component. Other embodiments are disclosed and claimed.
    Type: Application
    Filed: September 27, 2017
    Publication date: October 1, 2020
    Applicant: Intel Corporation
    Inventors: Vincent Zimmer, Jiewen Yao
  • Patent number: 10772885
    Abstract: The disclosure generally relates to methods of treating an ocular disease, comprising administering an effective amount of a pharmaceutical composition to an eye of a subject in need thereof, wherein the pharmaceutical composition comprises nintedanib, or its salt, derivative, analog or polymorph, or combination thereof. The disclosure also relates to pharmaceutical composition or formulation, which can be used for treating ocular diseases. In another aspect, the disclosure provides method of making the pharmaceutical composition or formulation.
    Type: Grant
    Filed: May 19, 2017
    Date of Patent: September 15, 2020
    Assignee: REYOUNG (SUZHOU) BIOLOGY SCIENCE & TECHNOLOGY CO., LTD.
    Inventors: Shuhua Guo, Jiewen Zhong, Xinting Yuan, Zongren Yao
  • Patent number: 10747884
    Abstract: Techniques for providing and maintaining protection of firmware routines that form part of a chain of trust through successive processing environments. An apparatus may include a first processor component (550); a volatile storage (562) coupled to the first processor component; an enclave component to, in a pre-OS operating environment, generate a secure enclave within a portion of the volatile storage to restrict access to a secured firmware loaded into the secure enclave; a first firmware driver (646) to, in the pre-OS operating environment, provide a first API to enable unsecured firmware to call a support routine of the secured firmware from outside the secure enclave; and a second firmware driver (647) to, in an OS operating environment that replaces the pre-OS operating environment, provide a second API to enable an OS of the OS operating environment to call the support routine from outside the secure enclave.
    Type: Grant
    Filed: December 24, 2015
    Date of Patent: August 18, 2020
    Assignee: INTEL CORPORATION
    Inventors: Jiewen Yao, Vincent J. Zimmer, Wei Li, Rajesh Poornachandran, Giri P. Mudusuru
  • Patent number: 10664573
    Abstract: Apparatuses, methods and storage media associated with managing a computing platform in view of an expiration date are described herein. In embodiments, an apparatus may include a computing platform that includes one or more processors to execute applications; and a trusted execution environment that includes a tamper-proof storage to store an expiration date of the computing platform, and a firmware module to be operated in a secure system management mode to regulate operation of the computing platform in view of at least whether a current date is earlier than the expiration date. Other embodiments may be described or claimed.
    Type: Grant
    Filed: June 17, 2015
    Date of Patent: May 26, 2020
    Assignee: Intel Corporation
    Inventors: Jiewen Yao, Vincent J. Zimmer, Rajesh Poornachandran
  • Patent number: 10635607
    Abstract: Methods, apparatus, systems and articles of manufacture are disclosed to improve boot efficiency. An example apparatus includes a firmware support package (FSP) configuration engine to retrieve an FSP reset (FSP-R) component from a platform memory, a firmware interface table (FIT) manager to assign an entry to a FIT for the FSP-R component and assign respective entries to the FIT for auxiliary FSP components, and an FSP configuration engine to transfer platform control to the FSP-R component to control execution of the auxiliary FSP components in response to a platform reset vector.
    Type: Grant
    Filed: June 30, 2016
    Date of Patent: April 28, 2020
    Assignee: Intel Corporation
    Inventors: Rangasai V. Chaganty, Vincent Zimmer, Satya P. Yarlagadda, Giri P. Mudusuru, Jiewen Yao, Xiang Ma, Ravi Rangarajan
  • Publication number: 20190370470
    Abstract: A pre-boot initialization technique for a computing system allows for encrypting both a manufacturer and original equipment manufacturer firmware routines, as well as handing off data between the manufacturer and original equipment manufacturer firmware routines encrypted with a key provisioned in field programmable fuses with an original equipment manufacturer key. By encrypting the firmware routines and handoff data, security of the pre-boot initialization process is enhanced. Original equipment manufacturer updatable product data may also be encrypted with the original equipment manufacturer key. Additional security may be provided by using trusted input/output capabilities of a trusted execution environment to display information to and receive information from a user. Furthermore, multiple secure phases of configuration may be achieved using wireless credentials exchange components.
    Type: Application
    Filed: September 26, 2016
    Publication date: December 5, 2019
    Inventors: Jiewen Yao, Rangasai V. Chaganty, Xiang Ma, Ravi Poovalur Rangarajan, Rajesh Poornachandran, Nivedita Aggarwal, Giri P. Mudusuru, Vincent J. Zimmer, Satya P. Yarlagadda, Amy Chan, Sudeep Das
  • Patent number: 10474473
    Abstract: A method for booting a data processing system (DPS) involves, during a boot process of the DPS, using a preliminary bootcode module from a low-speed nonvolatile memory (NVM) in the DPS to load a main bootcode module from a high-speed NVM in the DPS into a volatile random access memory (RAM) in the DPS, wherein the high-speed NVM supports a read speed that is faster than a maximum read speed of the low-speed NVM. The method also involves, during the boot process, after loading the main bootcode module from the high-speed NVM into the RAM, using the main bootcode module to boot the DPS to an operating system (OS). The method may also involve using the preliminary bootcode module to automatically determine whether the main bootcode module from the high-speed NVM has good integrity. Other embodiments are described and claimed.
    Type: Grant
    Filed: April 11, 2017
    Date of Patent: November 12, 2019
    Assignee: Intel Corporation
    Inventors: Michael A. Rothman, Vincent J. Zimmer, Giri P. Mudusuru, Jiewen Yao, Jie Lin
  • Publication number: 20190286450
    Abstract: The present disclosure is directed to controlled customization of silicon initialization. A device may comprise, for example, a boot module including a memory on which boot code is stored, the boot code including at least an initial boot block (IBB) module that is not customizable and a global platform database (GPD) module including customizable data. The IBB module may include a pointer indicating GPD module location. The customizable data may comprise configurable parameters and simple configuration language (SCL) to cause the device to execute at least one logical operation during execution of the boot code. The GPD module may further comprise a pointer indicating SCL location. The boot code may be executed upon activation of the device, which may cause the IBB module to load an interpreter for executing the SCL. The interpreter may also verify access request operations in the SCL are valid before executing the access request operations.
    Type: Application
    Filed: June 4, 2019
    Publication date: September 19, 2019
    Applicant: Intel Corporation
    Inventors: JIEWEN YAO, VINCENT ZIMMER, NICHOLAS ADAMS, WILLARD WISEMAN, GIRI MUDUSURU, NUO ZHANG
  • Patent number: 10394295
    Abstract: Apparatuses, methods and storage medium associated with streamlined physical reset are described herein. In embodiments, an apparatus for computing, including streamlined physical reset, may comprise one or more processor cores; memory having a plurality of memory locations; and a basic input/output system (BIOS) to provide basic input/output system services, wherein the BIOS stays within a range of memory locations during each initialization of the BIOS, including an initialization of the BIOS that is part of a physical reset of the apparatus, to streamline the physical reset. Other embodiments may be described and/or claimed.
    Type: Grant
    Filed: May 17, 2017
    Date of Patent: August 27, 2019
    Assignee: Intel Corporation
    Inventors: Michael A. Rothman, Vincent J. Zimmer, Jiewen Yao
  • Patent number: 10372491
    Abstract: Methods, apparatuses and storage medium associated with migration between processors by a computing device are disclosed. In various embodiments, a portable electronic device having an internal processor and internal memory may be attached to a dock. The dock may include another processor as well other memory. The attachment of the dock to the portable electronic device may cause an interrupt. In response to this interrupt, a state associated with the internal processor may be copied to the other memory of the dock. Instructions for the computing device may then be executed using the other processor of the dock. Other embodiments may be disclosed or claimed.
    Type: Grant
    Filed: March 23, 2015
    Date of Patent: August 6, 2019
    Assignee: Intel Corporation
    Inventors: Vincent J. Zimmer, Jiewen Yao, Sarathy Jayakumar, Robert C. Swanson, Rajesh Poornachandran, Gopinatth Selvaraje, Mingqiu Sun, John S. Howard, Eugene Gorbatov
  • Publication number: 20190224194
    Abstract: The disclosure generally relates to methods of treating an ocular disease, comprising administering an effective amount of a pharmaceutical composition to an eye of a subject in need thereof, wherein the pharmaceutical composition comprises nintedanib, or its salt, derivative, analog or polymorph, or combination thereof. The disclosure also relates to pharmaceutical composition or formulation, which can be used for treating ocular diseases. In another aspect, the disclosure provides method of making the pharmaceutical composition or formulation.
    Type: Application
    Filed: May 19, 2017
    Publication date: July 25, 2019
    Applicant: REYOUNG (SUZHOU) BIOLOGY SCIENCE & TECHNOLOGY CO., LTD.
    Inventors: Shuhua GUO, Jiewen ZHONG, Xinting YUAN, Zongren YAO
  • Patent number: 10310865
    Abstract: The present disclosure is directed to controlled customization of silicon initialization. A device may comprise, for example, a boot module including a memory on which boot code is stored, the boot code including at least an initial boot block (IBB) module that is not customizable and a global platform database (GPD) module including customizable data. The IBB module may include a pointer indicating GPD module location. The customizable data may comprise configurable parameters and simple configuration language (SCL) to cause the device to execute at least one logical operation during execution of the boot code. The GPD module may further comprise a pointer indicating SCL location. The boot code may be executed upon activation of the device, which may cause the IBB module to load an interpreter for executing the SCL. The interpreter may also verify access request operations in the SCL are valid before executing the access request operations.
    Type: Grant
    Filed: December 27, 2013
    Date of Patent: June 4, 2019
    Assignee: Intel Corporation
    Inventors: Jiewen Yao, Vincent Zimmer, Nicholas Adams, Willard Wiseman, Giri Mudusuru, Nuo Zhang
  • Publication number: 20190156015
    Abstract: In one embodiment, a processor comprises a plurality of system resources accessible to processes executed at a first privilege level but generally not accessible to processes executing at a second privilege level; a memory to store an access control policy; and an execution unit to: execute a system management interrupt (SMI) handler at the second privilege level; and execute a policy manager at the first privilege level, the policy manager to detect a request from the SMI handler to access a first system resource of the plurality of system resources; and access the first system resource on behalf of the SMI handler in response to a determination that the access control policy allows the SMI handler to access the first system resource.
    Type: Application
    Filed: December 29, 2018
    Publication date: May 23, 2019
    Inventors: Kirk D. Brannock, Jiewen Yao
  • Patent number: 10205750
    Abstract: A system, device, and method for providing policy-based secure cloud booting include a mobile computing device and a web server. The mobile computing device determines a remote boot address specifying the location of a boot resource on the web server. The mobile computing device opens a secure connection to the web server and maps the boot resource to a local firmware protocol. The mobile computing device executes the boot resource as a firmware image using the local firmware protocol. The boot resource may be a compact disc or DVD image mapped through a block I/O protocol. The boot resource may be a remote file system mapped through a file system protocol. The remote boot address may be configured using a manageability engine capable of out-of-band communication. The remote boot address may be determined based on the context of the mobile computing device, including location. Other embodiments are described and claimed.
    Type: Grant
    Filed: March 13, 2013
    Date of Patent: February 12, 2019
    Assignee: Intel Corporation
    Inventors: Brian Cockrell, Jacob J. Gauthier, Jiewen Yao, Vincent J. Zimmer, Elmer A. Amaya
  • Patent number: 10169047
    Abstract: Computing devices, computer-readable storage media, and methods associated with providing an operating system (OS)-absent firmware sensor layer to support a boot process are disclosed. A computing device may include a processor and firmware to be operated on the processor. The firmware may include one or more modules and a sensor layer. The sensor layer may be configured to receive, in the OS-absent environment, sensor data produced by a plurality of sensors. The sensor layer may be further configured to selectively provide the sensor data to the one or more modules via an interface of the sensor layer that abstracts the plurality of sensors.
    Type: Grant
    Filed: June 24, 2014
    Date of Patent: January 1, 2019
    Assignee: Intel Corporation
    Inventors: Ulf R. Hanebutte, Jiewen Yao, Vincent J. Zimmer
  • Publication number: 20180341774
    Abstract: Techniques for providing and maintaining protection of firmware routines that form part of a chain of trust through successive processing environments. An apparatus may include a first processor component (550); a volatile storage (562) coupled to the first processor component; an enclave component to, in a pre-OS operating environment, generate a secure enclave within a portion of the volatile storage to restrict access to a secured firmware loaded into the secure enclave; a first firmware driver (646) to, in the pre-OS operating environment, provide a first API to enable unsecured firmware to call a support routine of the secured firmware from outside the secure enclave; and a second firmware driver (647) to, in an OS operating environment that replaces the pre-OS operating environment, provide a second API to enable an OS of the OS operating environment to call the support routine from outside the secure enclave.
    Type: Application
    Filed: December 24, 2015
    Publication date: November 29, 2018
    Applicant: INTEL CORPORATION
    Inventors: Jiewen YAO, Vincent J. ZIMMER, Wei LI, Rajesh POORNACHANDRAN, Giri P. MUDUSURU
  • Publication number: 20180335816
    Abstract: Apparatuses, methods and storage medium associated with streamlined physical reset are described herein. In embodiments, an apparatus for computing, including streamlined physical reset, may comprise one or more processor cores; memory having a plurality of memory locations; and a basic input/output system (BIOS) to provide basic input/output system services, wherein the BIOS stays within a range of memory locations during each initialization of the BIOS, including an initialization of the BIOS that is part of a physical reset of the apparatus, to streamline the physical reset. Other embodiments may be described and/or claimed.
    Type: Application
    Filed: May 17, 2017
    Publication date: November 22, 2018
    Inventors: Michael A. Rothman, Vincent J. Zimmer, Jiewen Yao
  • Publication number: 20180293080
    Abstract: A method for booting a data processing system (DPS) involves, during a boot process of the DPS, using a preliminary bootcode module from a low-speed nonvolatile memory (NVM) in the DPS to load a main bootcode module from a high-speed NVM in the DPS into a volatile random access memory (RAM) in the DPS, wherein the high-speed NVM supports a read speed that is faster than a maximum read speed of the low-speed NVM. The method also involves, during the boot process, after loading the main bootcode module from the high-speed NVM into the RAM, using the main bootcode module to boot the DPS to an operating system (OS). The method may also involve using the preliminary bootcode module to automatically determine whether the main bootcode module from the high-speed NVM has good integrity. Other embodiments are described and claimed.
    Type: Application
    Filed: April 11, 2017
    Publication date: October 11, 2018
    Applicant: Intel Corporation
    Inventors: Michael A. Rothman, Vincent J. Zimmer, Giri P. Mudusuru, Jiewen Yao, Jie Lin