Patents by Inventor Steven B. McGowan
Steven B. McGowan has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11741230Abstract: Technologies for trusted I/O attestation and verification include a computing device with a cryptographic engine and one or more I/O controllers. The computing device collects hardware attestation information associated with statically attached hardware I/O components that are associated with a trusted I/O usage protected by the cryptographic engine. The computing device verifies the hardware attestation information and securely enumerates one or more dynamically attached hardware components in response to verification. The computing device collects software attestation information for trusted software components loaded during secure enumeration. The computing device verifies the software attestation information. The computing device may collect firmware attestation information for firmware loaded in the I/O controllers and verify the firmware attestation information.Type: GrantFiled: October 22, 2021Date of Patent: August 29, 2023Assignee: INTEL CORPORATIONInventors: Pradeep M. Pappachan, Reshma Lal, Bin Xing, Siddhartha Chhabra, Vincent R. Scarlata, Steven B. McGowan
-
Patent number: 11561765Abstract: An apparatus for managing input/output (I/O) data may include a streaming I/O controller to receive data from a load/store domain component and output the data as first streaming data of a first data type comprising a first data movement type and first data format type. The apparatus may also include at least one accelerator coupled to the streaming I/O controller to receive the first streaming data, transform the first streaming data to second streaming data having a second data type different than the first data type, and output the second streaming data. In addition, the apparatus may include a streaming interconnect to conduct the second data to a peer device configured to receive data of the second data type.Type: GrantFiled: July 23, 2021Date of Patent: January 24, 2023Assignee: Intel CorporationInventors: John Howard, Steven B. McGowan, Krzysztof Perycz
-
Publication number: 20220050662Abstract: An apparatus for managing input/output (I/O) data may include a streaming I/O controller to receive data from a load/store domain component and output the data as first streaming data of a first data type comprising a first data movement type and first data format type. The apparatus may also include at least one accelerator coupled to the streaming I/O controller to receive the first streaming data, transform the first streaming data to second streaming data having a second data type different than the first data type, and output the second streaming data. In addition, the apparatus may include a streaming interconnect to conduct the second data to a peer device configured to receive data of the second data type.Type: ApplicationFiled: July 23, 2021Publication date: February 17, 2022Inventors: John Howard, Steven B. McGowan, Krzysztof Perycz
-
Publication number: 20220035923Abstract: Technologies for trusted I/O attestation and verification include a computing device with a cryptographic engine and one or more I/O controllers. The computing device collects hardware attestation information associated with statically attached hardware I/O components that are associated with a trusted I/O usage protected by the cryptographic engine. The computing device verifies the hardware attestation information and securely enumerates one or more dynamically attached hardware components in response to verification. The computing device collects software attestation information for trusted software components loaded during secure enumeration. The computing device verifies the software attestation information. The computing device may collect firmware attestation information for firmware loaded in the I/O controllers and verify the firmware attestation information.Type: ApplicationFiled: October 22, 2021Publication date: February 3, 2022Applicant: Intel CorporationInventors: Pradeep M. Pappachan, Reshma Lal, Bin Xing, Siddhartha Chhabra, Vincent R. Scarlata, Steven B. McGowan
-
Patent number: 11157623Abstract: Technologies for trusted I/O attestation and verification include a computing device with a cryptographic engine and one or more I/O controllers. The computing device collects hardware attestation information associated with statically attached hardware I/O components that are associated with a trusted I/O usage protected by the cryptographic engine. The computing device verifies the hardware attestation information and securely enumerates one or more dynamically attached hardware components in response to verification. The computing device collects software attestation information for trusted software components loaded during secure enumeration. The computing device verifies the software attestation information. The computing device may collect firmware attestation information for firmware loaded in the I/O controllers and verify the firmware attestation information.Type: GrantFiled: February 20, 2019Date of Patent: October 26, 2021Assignee: INTEL CORPORATIONInventors: Pradeep M. Pappachan, Reshma Lal, Bin Xing, Siddhartha Chhabra, Vincent R. Scarlata, Steven B. McGowan
-
Patent number: 11074042Abstract: An apparatus for managing input/output (I/O) data may include a streaming I/O controller to receive data from a load/store domain component and output the data as first streaming data of a first data type comprising a first data movement type and first data format type. The apparatus may also include at least one accelerator coupled to the streaming I/O controller to receive the first streaming data, transform the first streaming data to second streaming data having a second data type different than the first data type, and output the second streaming data. In addition, the apparatus may include a streaming interconnect to conduct the second data to a peer device configured to receive data of the second data type.Type: GrantFiled: March 16, 2020Date of Patent: July 27, 2021Assignee: Intel CorporationInventors: John Howard, Steven B. McGowan, Krzysztof Perycz
-
Patent number: 10943012Abstract: Technologies for trusted I/O attestation and verification include a computing device with a cryptographic engine and one or more I/O controllers. The computing device collects hardware attestation information associated with statically attached hardware I/O components that are associated with a trusted I/O usage protected by the cryptographic engine. The computing device verifies the hardware attestation information and securely enumerates one or more dynamically attached hardware components in response to verification. The computing device collects software attestation information for trusted software components loaded during secure enumeration. The computing device verifies the software attestation information. The computing device may collect firmware attestation information for firmware loaded in the I/O controllers and verify the firmware attestation information.Type: GrantFiled: January 29, 2019Date of Patent: March 9, 2021Assignee: INTEL CORPORATIONInventors: Pradeep M. Pappachan, Reshma Lal, Bin Xing, Siddhartha Chhabra, Vincent R. Scarlata, Steven B. McGowan
-
Publication number: 20200218505Abstract: An apparatus for managing input/output (I/O) data may include a streaming I/O controller to receive data from a load/store domain component and output the data as first streaming data of a first data type comprising a first data movement type and first data format type. The apparatus may also include at least one accelerator coupled to the streaming I/O controller to receive the first streaming data, transform the first streaming data to second streaming data having a second data type different than the first data type, and output the second streaming data. In addition, the apparatus may include a streaming interconnect to conduct the second data to a peer device configured to receive data of the second data type.Type: ApplicationFiled: March 16, 2020Publication date: July 9, 2020Applicant: INTEL CORPORATIONInventors: John Howard, Steven B. McGowan, Krzysztof Perycz
-
Patent number: 10691404Abstract: Technologies for cryptographic protection of I/O audio data include a computing device with a cryptographic engine and an audio controller. A trusted software component may request an untrusted audio driver to establish an audio session with the audio controller that is associated with an audio codec. The trusted software component may verify that a stream identifier associated with the audio session received from the audio driver matches a stream identifier received from the codec. The trusted software may program the cryptographic engine with a DMA channel identifier associated with the codec, and the audio controller may assert the channel identifier in each DMA transaction associated with the audio session. The cryptographic engine cryptographically protects audio data associated with the audio session. The audio controller may lock the controller topology after establishing the audio session, to prevent re-routing of audio during a trusted audio session. Other embodiments are described and claimed.Type: GrantFiled: March 1, 2019Date of Patent: June 23, 2020Assignee: Intel CorporationInventors: Sudha Krishnakumar, Reshma Lal, Pradeep M. Pappachan, Kar Leong Wong, Steven B. McGowan, Adeel A. Aslam
-
Patent number: 10592205Abstract: An apparatus for managing input/output (I/O) data may include a streaming I/O controller to receive data from a load/store domain component and output the data as first streaming data of a first data type comprising a first data movement type and first data format type. The apparatus may also include at least one accelerator coupled to the streaming I/O controller to receive the first streaming data, transform the first streaming data to second streaming data having a second data type different than the first data type, and output the second streaming data. In addition, the apparatus may include a streaming interconnect to conduct the second data to a peer device configured to receive data of the second data type.Type: GrantFiled: November 7, 2018Date of Patent: March 17, 2020Assignee: INTEL CORPORATIONInventors: John Howard, Steven B. McGowan, Krzysztof Perycz
-
Patent number: 10552619Abstract: Technologies for trusted I/O (TIO) include a computing device with a cryptographic engine and one or more I/O controllers. The computing device executes a TIO core service that has a cryptographic engine programming privileged granted by an operating system. The TIO core service receives a request from an application to protect a DMA channel. The TIO core service requests the operating system to protect the DMA channel, and the operating system verifies the cryptographic engine programming privilege of the TIO core service in response. The operating system programs the cryptographic engine to protect the DMA channel in response to verifying the cryptographic engine programming privilege of the TIO core service. If a privileged delegate determines that a user has confirmed termination of protection of the DMA channel, the TIO core service may unprotect the DMA channel. Other embodiments are described and claimed.Type: GrantFiled: December 18, 2015Date of Patent: February 4, 2020Assignee: Intel CorporationInventors: Bin Xing, Pradeep M. Pappachan, Siddhartha Chhabra, Reshma Lal, Steven B. McGowan
-
Publication number: 20190278911Abstract: Technologies for trusted I/O attestation and verification include a computing device with a cryptographic engine and one or more I/O controllers. The computing device collects hardware attestation information associated with statically attached hardware I/O components that are associated with a trusted I/O usage protected by the cryptographic engine. The computing device verifies the hardware attestation information and securely enumerates one or more dynamically attached hardware components in response to verification. The computing device collects software attestation information for trusted software components loaded during secure enumeration. The computing device verifies the software attestation information. The computing device may collect firmware attestation information for firmware loaded in the I/O controllers and verify the firmware attestation information.Type: ApplicationFiled: February 20, 2019Publication date: September 12, 2019Applicant: Intel CorporationInventors: Pradeep M. Pappachan, Reshma Lal, Bin Xing, Siddhartha Chhabra, Vincent R. Scarlata, Steven B. McGowan
-
Patent number: 10372656Abstract: In one embodiment, an apparatus includes a wireless controller, which may include a byte stream parser to receive a stream of data from one or more wireless devices and parse the stream of data to identify a first data packet associated with a first channel identifier associated with a trusted application, and a cryptographic engine coupled to the byte stream parser to encrypt a payload portion of the first data packet in response to the identification of the first data packet associated with the first channel identifier. Other embodiments are described and claimed.Type: GrantFiled: November 21, 2016Date of Patent: August 6, 2019Assignee: Intel CorporationInventors: Srikanth Varadarajan, Reshma Lal, Steven B. McGowan, Hakan Magnus Eriksson, Travis W. Peters
-
Publication number: 20190205087Abstract: Technologies for cryptographic protection of I/O audio data include a computing device with a cryptographic engine and an audio controller. A trusted software component may request an untrusted audio driver to establish an audio session with the audio controller that is associated with an audio codec. The trusted software component may verify that a stream identifier associated with the audio session received from the audio driver matches a stream identifier received from the codec. The trusted software may program the cryptographic engine with a DMA channel identifier associated with the codec, and the audio controller may assert the channel identifier in each DMA transaction associated with the audio session. The cryptographic engine cryptographically protects audio data associated with the audio session. The audio controller may lock the controller topology after establishing the audio session, to prevent re-routing of audio during a trusted audio session. Other embodiments are described and claimed.Type: ApplicationFiled: March 1, 2019Publication date: July 4, 2019Inventors: Sudha Krishnakumar, Reshma Lal, Pradeep M. Pappachan, Kar Leong Wong, Steven B. McGowan, Adeel A. Aslam
-
Patent number: 10303900Abstract: Technologies for secure programming of a cryptographic engine include a computing device with a cryptographic engine and one or more I/O controllers. The computing device establishes, an invoking secure enclave using secure enclave support of a processor. The invoking enclave configures channel programming information, including a channel key, and invokes a processor instruction with the channel programming information as a parameter. The processor generates wrapped programming information including an encrypted channel key and a message authentication code. The encrypted channel key is protected with a key known only to the processor. The invoking enclave provides the wrapped programming information to untrusted software, which invokes a processor instruction with the wrapped programming information as a parameter. The processor unwraps and verifies the wrapped programming information and then programs the cryptographic engine.Type: GrantFiled: December 22, 2015Date of Patent: May 28, 2019Assignee: Intel CorporationInventors: Siddhartha Chhabra, Gideon Gerzon, Reshma Lal, Bin Xing, Pradeep M. Pappachan, Steven B. McGowan
-
Publication number: 20190156038Abstract: Technologies for trusted I/O attestation and verification include a computing device with a cryptographic engine and one or more I/O controllers. The computing device collects hardware attestation information associated with statically attached hardware I/O components that are associated with a trusted I/O usage protected by the cryptographic engine. The computing device verifies the hardware attestation information and securely enumerates one or more dynamically attached hardware components in response to verification. The computing device collects software attestation information for trusted software components loaded during secure enumeration. The computing device verifies the software attestation information. The computing device may collect firmware attestation information for firmware loaded in the I/O controllers and verify the firmware attestation information.Type: ApplicationFiled: January 29, 2019Publication date: May 23, 2019Inventors: Pradeep M. Pappachan, Reshma Lal, Bin Xing, Siddhartha Chhabra, Vincent R. Scarlata, Steven B. McGowan
-
Patent number: 10261748Abstract: Technologies for cryptographic protection of I/O audio data include a computing device with a cryptographic engine and an audio controller. A trusted software component may request an untrusted audio driver to establish an audio session with the audio controller that is associated with an audio codec. The trusted software component may verify that a stream identifier associated with the audio session received from the audio driver matches a stream identifier received from the codec. The trusted software may program the cryptographic engine with a DMA channel identifier associated with the codec, and the audio controller may assert the channel identifier in each DMA transaction associated with the audio session. The cryptographic engine cryptographically protects audio data associated with the audio session. The audio controller may lock the controller topology after establishing the audio session, to prevent re-routing of audio during a trusted audio session. Other embodiments are described and claimed.Type: GrantFiled: December 18, 2015Date of Patent: April 16, 2019Assignee: Intel CorporationInventors: Sudha Krishnakumar, Reshma Lal, Pradeep M. Pappachan, Kar Leong Wong, Steven B. McGowan, Adeel A. Aslam
-
Patent number: 10248791Abstract: Technologies for trusted I/O attestation and verification include a computing device with a cryptographic engine and one or more I/O controllers. The computing device collects hardware attestation information associated with statically attached hardware I/O components that are associated with a trusted I/O usage protected by the cryptographic engine. The computing device verifies the hardware attestation information and securely enumerates one or more dynamically attached hardware components in response to verification. The computing device collects software attestation information for trusted software components loaded during secure enumeration. The computing device verifies the software attestation information. The computing device may collect firmware attestation information for firmware loaded in the I/O controllers and verify the firmware attestation information.Type: GrantFiled: December 18, 2015Date of Patent: April 2, 2019Assignee: Intel CorporationInventors: Pradeep M. Pappachan, Reshma Lal, Bin Xing, Siddhartha Chhabra, Vincent R. Scarlata, Steven B. McGowan
-
Publication number: 20190073194Abstract: An apparatus for managing input/output (I/O) data may include a streaming I/O controller to receive data from a load/store domain component and output the data as first streaming data of a first data type comprising a first data movement type and first data format type. The apparatus may also include at least one accelerator coupled to the streaming I/O controller to receive the first streaming data, transform the first streaming data to second streaming data having a second data type different than the first data type, and output the second streaming data. In addition, the apparatus may include a streaming interconnect to conduct the second data to a peer device configured to receive data of the second data type.Type: ApplicationFiled: November 7, 2018Publication date: March 7, 2019Applicant: INTEL CORPORATIONInventors: John HOWARD, Steven B. MCGOWAN, Krzysztof PERYCZ
-
Patent number: 10181946Abstract: Technologies for cryptographic protection of I/O data include a computing device with one or more I/O controllers. Each I/O controller may generate a direct memory access (DMA) transaction that includes a channel identifier that is indicative of the I/O controller and that is indicative of an I/O device coupled to the I/O controller. The computing device intercepts the DMA transaction and determines whether to protect the DMA transaction as a function of the channel identifier. If so, the computing device performs a cryptographic operation using an encryption key associated with the channel identifier. The computing device may include a cryptographic engine that intercepts the DMA transaction and determines whether to protect the DMA transaction by determining whether the channel identifier matches an entry in a channel identifier table of the cryptographic engine. Other embodiments are described and claimed.Type: GrantFiled: December 18, 2015Date of Patent: January 15, 2019Assignee: Intel CorporationInventors: Reshma Lal, Steven B. McGowan, Siddhartha Chhabra, Gideon Gerzon, Bin Xing, Pradeep M. Pappachan, Reouven Elbaz