Abstract: Embodiments are directed to protection of communications between a trusted execution environment and a hardware accelerator utilizing enhanced end-to-end encryption and inter-context security. An embodiment of an apparatus includes one or more processors having one or more trusted execution environments (TEEs) including a first TEE to include a first trusted application; an interface with a hardware accelerator, the hardware accelerator including trusted embedded software or firmware; and a computer memory to store an untrusted kernel mode driver for the hardware accelerator, the one or more processors to establish an encrypted tunnel between the first trusted application in the first TEE and the trusted software or firmware, generate a call for a first command from the first trusted application, generate an integrity tag for the first command, and transfer command parameters for the first command and the integrity tag to the kernel mode driver to generate the first command.

Abstract: Embodiments are directed to protection of privacy and data on smart edge devices. An embodiment of an apparatus includes a sensor to produce a stream of sensor data; an analytics mechanism; and a trusted execution environment (TEE) including multiple keys for data security, the apparatus to exchange keys with a host server to establish one or more secure communication channels between the apparatus and a TEE on a host server, process the stream of sensor data utilizing the analytics mechanism to generate metadata, perform encryption and integrity protection of the metadata utilizing a key from the TEE for the sensor, sign the metadata utilizing a private key for the analytics mechanism, and transfer the encrypted and integrity protected metadata and the signature to the host server via the one or more secure communication channels in a manner that prevents privileged users on the host from accessing the data.

Abstract: Embodiments are directed to protection of communications between a trusted execution environment and a hardware accelerator utilizing enhanced end-to-end encryption and inter-context security. An embodiment of an apparatus includes one or more processors having one or more trusted execution environments (TEEs) including a first TEE to include a first trusted application; an interface with a hardware accelerator, the hardware accelerator including trusted embedded software or firmware; and a computer memory to store an untrusted kernel mode driver for the hardware accelerator, the one or more processors to establish an encrypted tunnel between the first trusted application in the first TEE and the trusted software or firmware, generate a call for a first command from the first trusted application, generate an integrity tag for the first command, and transfer command parameters for the first command and the integrity tag to the kernel mode driver to generate the first command.

Abstract: Embodiments are directed to protection of privacy and data on smart edge devices. An embodiment of an apparatus includes a sensor to produce a stream of sensor data; an analytics mechanism; and a trusted execution environment (TEE) including multiple keys for data security, the apparatus to exchange keys with a host server to establish one or more secure communication channels between the apparatus and a TEE on a host server, process the stream of sensor data utilizing the analytics mechanism to generate metadata, perform encryption and integrity protection of the metadata utilizing a key from the TEE for the sensor, sign the metadata utilizing a private key for the analytics mechanism, and transfer the encrypted and integrity protected metadata and the signature to the host server via the one or more secure communication channels in a manner that prevents privileged users on the host from accessing the data.

Abstract: Embodiments are directed to protection of communications between a trusted execution environment and a hardware accelerator utilizing enhanced end-to-end encryption and inter-context security. An embodiment of an apparatus includes one or more processors having one or more trusted execution environments (TEEs) including a first TEE to include a first trusted application; an interface with a hardware accelerator, the hardware accelerator including trusted embedded software or firmware; and a computer memory to store an untrusted kernel mode driver for the hardware accelerator, the one or more processors to establish an encrypted tunnel between the first trusted application in the first TEE and the trusted software or firmware, generate a call for a first command from the first trusted application, generate an integrity tag for the first command, and transfer command parameters for the first command and the integrity tag to the kernel mode driver to generate the first command.

Abstract: An accelerator includes a memory, a compute zone to receive an encrypted workload downloaded from a tenant application running in a virtual machine on a host computing system attached to the accelerator, and a processor subsystem to execute a cryptographic key exchange protocol with the tenant application to derive a session key for the compute zone and to program the session key into the compute zone. The compute zone is to decrypt the encrypted workload using the session key, receive an encrypted data stream from the tenant application, decrypt the encrypted data stream using the session key, and process the decrypted data stream by executing the workload to produce metadata.

Abstract: Embodiments are directed to protection of privacy and data on smart edge devices. An embodiment of an apparatus includes a sensor to produce a stream of sensor data; an analytics mechanism; and a trusted execution environment (TEE) including multiple keys for data security, the apparatus to exchange keys with a host server to establish one or more secure communication channels between the apparatus and a TEE on a host server, process the stream of sensor data utilizing the analytics mechanism to generate metadata, perform encryption and integrity protection of the metadata utilizing a key from the TEE for the sensor, sign the metadata utilizing a private key for the analytics mechanism, and transfer the encrypted and integrity protected metadata and the signature to the host server via the one or more secure communication channels in a manner that prevents privileged users on the host from accessing the data.

Abstract: The present invention discloses a secure ML pipeline to improve the robustness of ML models against poisoning attacks and utilizing data provenance as a tool. Two components are added to the ML pipeline, a data quality pre-processor, which filters out untrusted training data based on provenance derived features and an audit post-processor, which localizes the malicious source based on training dataset analysis using data provenance.

Abstract: Various systems and methods for implementing tiered access to regions of interest in video frames are described herein. A system for implementing tiered access to regions of interest in video frames, comprising: a memory device to store a mapping table, the mapping table to store a correspondence between a protection level and a consumer; video processing circuitry to: compress a video stream using a lossless video compression standard, the video stream comprising a plurality of frames, each frame comprising a plurality of image blocks; and encrypt each block in each frame of the video stream using an encryption key; and inference circuitry to: use an object detection and classification process on the video stream to identify an object in the video stream; access a policy store to determine a corresponding protection level for the object; and store the corresponding protection level in lossless video compression metadata.

Abstract: Embodiments are directed to protection of communications between a trusted execution environment and a hardware accelerator utilizing enhanced end-to-end encryption and inter-context security. An embodiment of an apparatus includes one or more processors having one or more trusted execution environments (TEEs) including a first TEE to include a first trusted application; an interface with a hardware accelerator, the hardware accelerator including trusted embedded software or firmware; and a computer memory to store an untrusted kernel mode driver for the hardware accelerator, the one or more processors to establish an encrypted tunnel between the first trusted application in the first TEE and the trusted software or firmware, generate a call for a first command from the first trusted application, generate an integrity tag for the first command, and transfer command parameters for the first command and the integrity tag to the kernel mode driver to generate the first command.

Abstract: Embodiments are directed to protection of privacy and data on smart edge devices. An embodiment of an apparatus includes a sensor to produce a stream of sensor data; an analytics mechanism; and a trusted execution environment (TEE) including multiple keys for data security, the apparatus to exchange keys with a host server to establish one or more secure communication channels between the apparatus and a TEE on a host server, process the stream of sensor data utilizing the analytics mechanism to generate metadata, perform encryption and integrity protection of the metadata utilizing a key from the TEE for the sensor, sign the metadata utilizing a private key for the analytics mechanism, and transfer the encrypted and integrity protected metadata and the signature to the host server via the one or more secure communication channels in a manner that prevents privileged users on the host from accessing the data.

Abstract: A method and apparatus for integrating a personal information device (PID) on a mobile computer that includes activating a first mode to display data originating with the PID in a first display area of a display. The mobile computer switches to a second mode to display data associated with the second mode in a second display area of the display.

Abstract: The present invention discloses a method comprising: calculating an X separation distance between a left eye and a right eye, said X separation distance corresponding to an interpupilary distance in a horizontal direction; and transforming geometry and texture only once for said left eye and said right eye.

Abstract: The present invention discloses a method comprising: calculating an X separation distance between a left eye and a right eye, said X separation distance corresponding to an interpupilary distance in a horizontal direction; and transforming geometry and texture only once for said left eye and said right eye.

Abstract: A display that includes energy sensors within the display itself is disclosed. An Organic Light Emitting Diode (OLED) can be made to operate both as a light emitter and as an energy detector. When forward biased with an appropriate driving signal, the OLED emits light via electroluminescence, which can be used to make a portion of an image on the display. In another mode, the OLED can detect energy by converting incoming photons or energy into an electrical signal by the photoelectric effect. By operating OLEDs in the display in both emissive and sensing modes, energy that shines on the display, such as from an outside source can be detected at the same time an image is shown. Additionally, a display including OLEDs can detect light energy generated by the display itself.

Abstract: An image capture system comprises an image input and processing unit. The image input obtains image information which is then passed to the processing unit. The processing unit is coupled to the image input for determining image metrics on the image information. The processing unit initiates a capture sequence when the image metrics meet a predetermined condition. The capture sequence may store one or more images, or it may indicate that one or more images have been detected. In one embodiment, the image input is a CMOS or CCD sensor.

Abstract: The present invention discloses a method comprising: calculating an X separation distance between a left eye and a right eye, said X separation distance corresponding to an interpupilary distance in a horizontal direction; and transforming geometry and texture only once for said left eye and said right eye.

Abstract: A method and apparatus for integrating a personal information device (PID) on a mobile computer that includes activating a first mode to display data originating with the PID in a first display area of a display. The mobile computer switches to a second mode to display data associated with the second mode in a second display area of the display.

Abstract: A method for storing a first frame into a system, wherein the system includes i) a first chip, ii) a display controller, and iii) a copy device, and wherein the first chip includes a first memory. The method includes: reading, using the display controller, a first frame from a second memory, wherein the second memory is external to the first chip; and while the first frame is being read from the second memory by the display controller, using the copy device to copy the first frame from the second memory to the first memory. Subsequent to the copy device copying the first frame from the second memory to the first memory, the first frame is stored in both the first memory and the second memory.

Abstract: A method and apparatus for integrating a personal information device (PID) on a mobile computer that includes activating a first mode to display data originating with the PID in a first display area of a display. The mobile computer switches to a second mode to display data associated with the second mode in a second display area of the display.