Patents by Inventor Ned M. Smith

Ned M. Smith has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Patent number: 10790995
    Abstract: Systems and methods of oracle authentication in a network using a plurality of memory physical unclonable functions (PUFs). Method starts with oracle receiving initialization vector including initial seed value from client device. Oracle generates template that includes a PUF array. Oracle computes template using a superset of combinations of PUFs included in the oracle and transmits template to client device. Oracle generates first seed value, first key, and first authentication nonce, using pseudorandom number generator and the initial seed value. When oracle has first data to be sent to the client device, oracle generates first token using PUF array and first authentication nonce. Oracle generates first message by encrypting first data and first token using first key. The oracle transmits first message to the client device. Other embodiments are also disclosed.
    Type: Grant
    Filed: June 28, 2018
    Date of Patent: September 29, 2020
    Assignee: Intel Corporation
    Inventors: Ned M. Smith, Rajesh Poornachandran
  • Patent number: 10790978
    Abstract: Technologies for secure collective authorization include multiple computing devices in communication over a network. A computing device may perform a join protocol with a group leader to receive a group private key that is associated with an interface implemented by the computing device. The interface may be an instance of an object model implemented by the computing device or membership of the computing device in a subsystem. The computing device receives a request for attestation to the interface, selects the group private key for the interface, and sends an attestation in response to the request. Another computing device may receive the attestation and verify the attestation with a group public key corresponding to the group private key. The group private key may be an enhanced privacy identifier (EPID) private key, and the group public key may be an EPID public key. Other embodiments are described and claimed.
    Type: Grant
    Filed: September 21, 2016
    Date of Patent: September 29, 2020
    Assignee: Intel Corporation
    Inventors: Ned M. Smith, Omer Ben-Shalom, Alex Nayshtut
  • Publication number: 20200305042
    Abstract: To address technical problems facing producer and consumer mobility in cellular ICN/NDN networks, a technical solution includes leveraging device tracking during handover in the cellular system to optimize cache replacement and route updates during handover. This solution also improves performance by advance caching and route update during mobility handling, which reduces or eliminates interest packet flooding and latency for upcoming potential content request and retrieval. This solution also improves performance by operating based on the observed popularity of the content, and based on the mobility patterns of the consumer and producer.
    Type: Application
    Filed: June 28, 2019
    Publication date: September 24, 2020
    Inventors: S. M. Iftekharul Alam, Gabriel Arrobo Vidal, Ravikumar Balakrishnan, Kuilin Clark Chen, Zongrui Ding, Venkatesan Nallampatti Ekambaram, Maruti Gupta Hyde, Satish Chandra Jha, Stepan Karpenko, Kathiravetpillai Sivanesan, Maria Ramirez Loaiza, Ned M. Smith, Srikathyayani Srikanteswara, Yi Zhang
  • Patent number: 10768863
    Abstract: Techniques related to preventing unauthorized access to a computing device are disclosed. The techniques include a machine-readable medium, on which are stored instructions, comprising instructions that when executed cause a device to identify a host hardware configuration, obtain a policy based on the host hardware configuration, monitor two or more memory transactions based on the policy, identify, based on the memory transactions, a memory transaction pattern, wherein the memory transaction pattern is associated with an attempt to obtain unauthorized access to the device, and take one or more actions to interfere with attempts to obtain unauthorized access to the device based on the policy.
    Type: Grant
    Filed: March 31, 2017
    Date of Patent: September 8, 2020
    Assignee: Intel Corporation
    Inventors: Rajesh Poornachandran, Vincent J. Zimmer, Ned M. Smith, Nadhiya Chandramohan
  • Patent number: 10771421
    Abstract: Methods, apparatus, systems and articles of manufacture are disclosed to facilitate information exchange using publish-subscribe with blockchain. An example apparatus includes a broker including a processor and a distributed ledger module. The example distributed ledger module stores a message to be relayed by the broker from a publisher to a subscriber. The example processor is to at least compute, triggered by receipt of the message by the broker, a proof-of-work (PoW) function. The example processor is to at least verify the computation of the PoW function. The example processor is to at least transmit, upon verifying the computation of the PoW function, the message to the subscriber. The example processor is to at least process feedback received by the broker to update the PoW function.
    Type: Grant
    Filed: March 31, 2017
    Date of Patent: September 8, 2020
    Assignee: Intel Corporation
    Inventors: Ned M. Smith, Michael Nolan, Davide Carboni
  • Patent number: 10764058
    Abstract: A system includes processing circuitry; and a memory device including instructions embodied thereon, wherein the instructions, which when executed by the processing circuitry, configure the processing circuitry to perform operations comprising: accessing input data, at an aggregator node, the input data including sensor data from a plurality of sensor nodes, each sensor data having a respective signature; validating the sensor data by using respective cryptographic hash functions on the sensor data and evaluating the respective result using the respective signature; performing an aggregation function on the sensor data to produce aggregate data; executing a hash function on the aggregate data to produce a hash value for the aggregate data; bundling the sensor data, respective signatures of the sensor data, aggregate data, and hash value for the aggregate data in a data structure; and exposing the data structure to subscriber nodes on the IoT network.
    Type: Grant
    Filed: June 29, 2018
    Date of Patent: September 1, 2020
    Assignee: Intel Corporation
    Inventors: Thiago Macieira, Ned M. Smith, Joseph Morrow
  • Publication number: 20200275273
    Abstract: Various systems and methods for establishing network connectivity and onboarding for Internet of Things (IoT) devices and trusted platforms, including in Open Connectivity Foundation (OCF) specification device deployments, are discussed. In an example, a zero touch owner transfer method includes operations of: receiving a first request from a new device for network access to begin an onboarding procedure with a network platform; transmitting credentials of a first network to the new device, the first network used to access a rendezvous server and obtain onboarding information associated with the network platform; receiving a second request from the new device for network access to continue the onboarding procedure; and transmitting credentials of a second network to the new device, as the new device uses the second network to access the onboarding server of the network platform and perform or complete the onboarding procedure with the network platform.
    Type: Application
    Filed: September 28, 2018
    Publication date: August 27, 2020
    Inventors: Ned M. Smith, Mats Gustav Agerstam, Nathan Heldt-Sheller, Abhilasha Bhargav-Spantzel
  • Publication number: 20200274864
    Abstract: In an embodiment a single user authentication event, performed between a trusted path hardware module and a service provider via an out of band communication, can enable a user to transparently access multiple service providers using strong credentials that are specific to each service provider. The authentication event may be based on multifactor authentication that is indicative of a user's actual physical presence. Thus, for example, a user would not need to enter a different retinal scan to gain access to each of the service providers. Other embodiments are described herein.
    Type: Application
    Filed: May 12, 2020
    Publication date: August 27, 2020
    Inventors: Abdul M. Bailey, Ned M. Smith, Atul Gupta
  • Publication number: 20200274934
    Abstract: Various systems and methods of establishing and utilizing device management (DM) services in Internet of Things (IoT) networks and similar distributed network architectures, are described. In an example, RESTful messaging within IoT operational and resource models are used to establish, instantiate, and operate DM services having various roles within an IoT framework abstraction.
    Type: Application
    Filed: September 21, 2018
    Publication date: August 27, 2020
    Inventor: Ned M. Smith
  • Publication number: 20200274849
    Abstract: Systems and techniques to enable message routing among multiple devices and device domains, via end-to-end tunneling techniques, are disclosed. In an example, techniques and device configurations involving the use of RESTful protocols that communicate OSCORE (Object Security for Constrained RESTful Environments) payloads over OSCORE tunnels, involve receiving an OSCORE message having an encrypted COSE (Concise Binary Object Representation (CBOR) Object Signing and Encryption) object payload and inserting the OSCORE message into an OSCORE tunnel message to implement a tunneled communication with a receiving device. Here, the tunnel message includes the OSCORE message within an envelope encrypted COSE object payload. The OSCORE tunnel message may then be transmitted to the receiving device. Further techniques and device configurations for the receipt, processing, conversion, and decryption of such tunneled messages are also disclosed.
    Type: Application
    Filed: September 28, 2018
    Publication date: August 27, 2020
    Inventor: Ned M. Smith
  • Patent number: 10757757
    Abstract: Various systems and methods for enhancing a distributed computing environment with multiple edge hosts and user devices, including in multi-access edge computing (MEC) network platforms and settings, are described herein. A device of a lifecycle management (LCM) proxy apparatus obtains a request, from a device application, for an application multiple context of an application. The application multiple context for the application is determined. The request from the device application for the application multiple context for the application is authorized. A device application identifier based on the request is added to the application multiple context. A created response for the device application based on the authorization of the request is transmitted to the device application. The response includes an identifier of the application multiple context.
    Type: Grant
    Filed: December 28, 2018
    Date of Patent: August 25, 2020
    Assignee: Intel Corporation
    Inventors: Dario Sabella, Ned M. Smith, Neal Oliver, Kshitij Arun Doshi, Suraj Prabhakaran, Francesc Guim Bernat, Miltiadis Filippou
  • Publication number: 20200267135
    Abstract: In one embodiment, an apparatus comprises a processor to execute instructions and having at least a first logic to execute in a trusted execution environment, a secure storage to store a platform group credential, and a first logical device comprising at least one hardware logic. The platform group credential may be dynamically provisioned into the apparatus and corresponding to an enhanced privacy identifier associated with the apparatus. The first logical device may have a first platform group private key dynamically provisioned into the first logical device and corresponding to an enhanced privacy identifier associated with the first logical device, to bind the first logical device to the apparatus. Other embodiments are described and claimed.
    Type: Application
    Filed: February 20, 2020
    Publication date: August 20, 2020
    Inventors: Ned M. Smith, Sven Schrecker
  • Publication number: 20200259835
    Abstract: Disclosed examples include during basic discovery, provide information from a local device to a first remote trusted device, the information to indicate the local device supports trusted discovery and to establish the local device as a second remote trusted device; during the trusted discovery, access, by the local device, a trusted discovery message received from the first remote trusted device; in response to verifying security credentials identified in the trusted discovery message for the first remote trusted device: add the first remote trusted device to a trusted network including the local device; and index, by the local device, a first service hosted by the first remote trusted device in a registry, the registry to identify second services available to the local device and corresponding locations of the second services.
    Type: Application
    Filed: April 29, 2020
    Publication date: August 13, 2020
    Inventors: Ned M. Smith, Venkata Ramanan Sambandam
  • Patent number: 10742624
    Abstract: There is disclosed in one example a sentinel device, including: a hardware platform including at least a processor and configured to provide a trusted execution environment (TEE); and a security engine operable to instruct the hardware platform to: determine that an internet of things (IoT) device in a first realm R1 requires a secure communication channel with a second device in a second realm R2; query a key server for a service appliance key for the secure communication channel; establish a secure communication channel with the endpoint device using the service appliance key and the TEE; and provide a security service function within R1 including brokering communication via the secure communication channel between the IoT device and the second device.
    Type: Grant
    Filed: February 12, 2019
    Date of Patent: August 11, 2020
    Assignee: McAfee, LLC.
    Inventors: Ned M. Smith, Simon Hunt, Venkata Ramanan Sambandam
  • Publication number: 20200250343
    Abstract: Systems, apparatuses and methods may provide for conducting a signature verification of a mandatory access control policy and provisioning the mandatory access control policy into kernel memory if the signature verification is successful. Additionally, the kernel memory may be protected from unauthorized write operations by one or more processes having system level privileges. In one example, the mandatory access control policy is provisioned without a system reboot.
    Type: Application
    Filed: December 27, 2019
    Publication date: August 6, 2020
    Applicant: Intel Corporation
    Inventors: Ned M. Smith, Manohar R. Castelino, Harshawardhan Vipat
  • Publication number: 20200250003
    Abstract: In one embodiment, an apparatus comprises a processor to: identify a workload comprising a plurality of tasks; generate a workload graph based on the workload, wherein the workload graph comprises information associated with the plurality of tasks; identify a device connectivity graph, wherein the device connectivity graph comprises device connectivity information associated with a plurality of processing devices; identify a privacy policy associated with the workload; identify privacy level information associated with the plurality of processing devices; identify a privacy constraint based on the privacy policy and the privacy level information; and determine a workload schedule, wherein the workload schedule comprises a mapping of the workload onto the plurality of processing devices, and wherein the workload schedule is determined based on the privacy constraint, the workload graph, and the device connectivity graph.
    Type: Application
    Filed: June 29, 2018
    Publication date: August 6, 2020
    Applicant: Intel Corporation
    Inventors: Shao-Wen Yang, Yen-Kuang Chen, Ragaad Mohammed Irsehid Altarawneh, Juan Pablo Munoz Chiabrando, Siew Wen Chin, Kushal Datta, Subramanya R. Dulloor, Julio C. Zamora Esquivel, Omar Ulises Florez Choque, Vishakha Gupta, Scott D. Hahn, Rameshkumar Illikkal, Nilesh Kumar Jain, Siti Khairuni Amalina Kamarol, Anil S. Keshavamurthy, Heng Kar Lau, Jonathan A. Lefman, Yiting Liao, Michael G. Millsap, Ibrahima J. Ndiour, Luis Carlos Maria Remis, Addicam V. Sanjay, Usman Sarwar, Eve M. Schooler, Ned M. Smith, Vallabhajosyula S. Somayazulu, Christina R. Strong, Omesh Tickoo, Srenivas Varadarajan, Jesús A. Cruz Vargas, Hassnaa Moustafa, Arun Raghunath, Katalin Klara Bartfai-Walcott, Maruti Gupta Hyde, Deepak S. Vembar, Jessica McCarthy
  • Publication number: 20200244728
    Abstract: Techniques are provided for optimizing the operations of an ICN, particularly for an ICN with clustered nodes. A cluster head node may function as an orchestrator and a coordinator for efficient caching, routing, and computing and for co-existence of ICN and IP nodes in the network. A content store of an ICN router may include an indication of the time after which data expires and the new data is to be swapped in place of the expired data after that point in time. Digital rights management (DRM) enforcement is provided by managing access to a DRM engine in at least one of the ICN nodes in a cluster. Congestion control is provided by minimizing the number of ICN scoped interest requests and thereby minimizing the potentially high volume of data responses. These techniques optimize interest packet forwarding and processing through collaboration with neighboring ICN nodes.
    Type: Application
    Filed: June 27, 2019
    Publication date: July 30, 2020
    Inventors: Satish Chandra Jha, Kathiravetpillai Sivanesan, Ned M. Smith, Srikathyayani Srikanteswara, Eve M. Schooler, Jeffrey Christopher Sedayao, Stepan Karpenko, Venkatesan Nallampatti Ekambaram, S. M. Iftekharul Alam, Kuilin Clark Chen, Yi Zhang, Gabriel Arrobo Vidal, Jessica C. McCarthy, Maruti Gupta Hyde, Hassnaa Moustafa
  • Publication number: 20200233717
    Abstract: Technologies for hybrid acceleration of code include a computing device (100) having a processor (120), a field-programmable gate array (FPGA) (130), and an application-specific integrated circuit (ASIC) (132). The computing device (100) offloads a service request, such as a cryptographic request or a packet processing request, to the FPGA (130). The FPGA (130) performs one or more algorithmic tasks of an algorithm to perform the service request. The FPGA (130) determines one or more primitive tasks associated with an algorithm task and encapsulates each primitive task in a buffer that is accessible by the ASIC (132). The ASIC (132) performs the primitive tasks in response to encapsulation in the buffer, and the FPGA (130) returns results of the algorithm. The primitive operations may include cryptographic primitives such as modular exponentiation, modular multiplicative inverse, and modular multiplication.
    Type: Application
    Filed: March 28, 2017
    Publication date: July 23, 2020
    Inventors: Ned M. SMITH, Changzheng WEI, Songwu SHEN, Ziye YANG, Junyuan WANG, Weigang LI, Wenqian YU
  • Patent number: 10719744
    Abstract: In one embodiment, an apparatus comprises a memory and a processor. The memory stores visual data captured by one or more sensors. The processor detects one or more first objects in the visual data based on a machine learning model and one or more first reference templates. The processor further determines, based on an object ontology, that the visual data is expected to contain a second object, wherein the object ontology indicates that the second object is related to the one or more first objects. The processor further detects the second object in the visual data based on the machine learning model and a second reference template. The processor further determines, based on an inference rule, that the visual data is expected to contain a third object. The processor further detects the third object in the visual data based on the machine learning model and a third reference template.
    Type: Grant
    Filed: September 25, 2018
    Date of Patent: July 21, 2020
    Assignee: Intel Corporation
    Inventors: Ned M. Smith, Katalin Klara Bartfai-Walcott, Eve M. Schooler, Shao-Wen Yang
  • Patent number: 10708247
    Abstract: Technologies for providing secure utilization of tenant keys include a compute device. The compute device includes circuitry configured to obtain a tenant key. The circuitry is also configured to receive encrypted data associated with a tenant. The encrypted data defines an encrypted image that is executable by the compute device to perform a workload on behalf of the tenant in a virtualized environment. Further, the circuitry is configured to utilize the tenant key to decrypt the encrypted data and execute the workload without exposing the tenant key to a memory that is accessible to another workload associated with another tenant.
    Type: Grant
    Filed: September 27, 2018
    Date of Patent: July 7, 2020
    Assignee: Intel Corporation
    Inventors: Kapil Sood, Seosamh O'Riordain, Ned M. Smith, Tarun Viswanathan