Patents by Inventor Vadim Sukhomlinov

Vadim Sukhomlinov has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Publication number: 20240333514
    Abstract: A method for authenticating a secure credential transfer to a device includes verifying user identity and device identity. In particular, the method includes verifying user identity by requesting and receiving a user identification input at a first client device and verifying device identity of a second client device by (i) determining a security status of the second client device from hardware of the second client device, (ii) invoking an identifier related to the security status of the second client device to an authentication server, and (iii) obtaining certification from the authentication server for the second client device based on the invoked identifier. After verifying the user identity and the device identity, the method includes establishing a secure channel between the first client device and the second client device for the secure credential transfer using one or more tokens generated by the authentication server.
    Type: Application
    Filed: June 10, 2024
    Publication date: October 3, 2024
    Inventors: Vadim Sukhomlinov, Alberto Martin, Andrey Pronin
  • Patent number: 12045308
    Abstract: Detailed are embodiments related to bit matrix multiplication in a processor. For example, in some embodiments a processor comprising: decode circuitry to decode an instruction have fields for an opcode, an identifier of a first source bit matrix, an identifier of a second source bit matrix, an identifier of a destination bit matrix, and an immediate; and execution circuitry to execute the decoded instruction to perform a multiplication of a matrix of S-bit elements of the identified first source bit matrix with S-bit elements of the identified second source bit matrix, wherein the multiplication and accumulation operations are selected by the operation selector and store a result of the matrix multiplication into the identified destination bit matrix, wherein S indicates a plural bit size is described.
    Type: Grant
    Filed: December 16, 2022
    Date of Patent: July 23, 2024
    Assignee: Intel Corporation
    Inventors: Dmitry Y. Babokin, Kshitij A. Doshi, Vadim Sukhomlinov
  • Patent number: 12041174
    Abstract: A method for authenticating a secure credential transfer to a device includes verifying user identity and device identity. In particular, the method includes verifying user identity by requesting and receiving a user identification input at a first client device and verifying device identity of a second client device by (i) determining a security status of the second client device from hardware of the second client device, (ii) invoking an identifier related to the security status of the second client device to an authentication server, and (iii) obtaining certification from the authentication server for the second client device based on the invoked identifier. After verifying the user identity and the device identity, the method includes establishing a secure channel between the first client device and the second client device for the secure credential transfer using one or more tokens generated by the authentication server.
    Type: Grant
    Filed: December 13, 2022
    Date of Patent: July 16, 2024
    Assignee: Google LLC
    Inventors: Vadim Sukhomlinov, Alberto Martin, Andrey Pronin
  • Patent number: 11922220
    Abstract: Embodiments of systems, apparatuses and methods provide enhanced function as a service (FaaS) to users, e.g., computer developers and cloud service providers (CSPs). A computing system configured to provide such enhanced FaaS service include one or more controls architectural subsystems, software and orchestration subsystems, network and storage subsystems, and security subsystems. The computing system executes functions in response to events triggered by the users in an execution environment provided by the architectural subsystems, which represent an abstraction of execution management and shield the users from the burden of managing the execution. The software and orchestration subsystems allocate computing resources for the function execution by intelligently spinning up and down containers for function code with decreased instantiation latency and increased execution scalability while maintaining secured execution.
    Type: Grant
    Filed: April 16, 2019
    Date of Patent: March 5, 2024
    Assignee: Intel Corporation
    Inventors: Mohammad R. Haghighat, Kshitij Doshi, Andrew J. Herdrich, Anup Mohan, Ravishankar R. Iyer, Mingqiu Sun, Krishna Bhuyan, Teck Joo Goh, Mohan J. Kumar, Michael Prinke, Michael Lemay, Leeor Peled, Jr-Shian Tsai, David M. Durham, Jeffrey D. Chamberlain, Vadim A. Sukhomlinov, Eric J. Dahlen, Sara Baghsorkhi, Harshad Sane, Areg Melik-Adamyan, Ravi Sahita, Dmitry Yurievich Babokin, Ian M. Steiner, Alexander Bachmutsky, Anil Rao, Mingwei Zhang, Nilesh K. Jain, Amin Firoozshahian, Baiju V. Patel, Wenyong Huang, Yeluri Raghuram
  • Patent number: 11748178
    Abstract: Examples described herein relate to requesting execution of a workload by a next function with data transport overhead tailored based on memory sharing capability with the next function. In some examples, data transport overhead is one or more of: sending a memory address pointer, virtual memory address pointer or sending data to the next function. In some examples, the memory sharing capability with the next function is based on one or more of: whether the next function shares an enclave with a sender function, the next function shares physical memory domain with a sender function, or the next function shares virtual memory domain with a sender function. In some examples, selection of the next function from among multiple instances of the next function based on one or more of: sharing of memory domain, throughput performance, latency, cost, load balancing, or service legal agreement (SLA) requirements.
    Type: Grant
    Filed: March 31, 2020
    Date of Patent: September 5, 2023
    Assignee: Intel Corporation
    Inventors: Alexander Bachmutsky, Raghu Kondapalli, Francesc Guim Bernat, Vadim Sukhomlinov
  • Publication number: 20230251915
    Abstract: A computing apparatus, including: a hardware computing platform; and logic to operate on the hardware computing platform, configured to: receive a microservice instance registration for a microservice accelerator, wherein the registration includes a microservice that the microservice accelerator is configured to provide, and a microservice connection capability indicating an ability of the microservice instance to communicate directly with other instances of the same or a different microservice; and log the registration in a microservice registration database.
    Type: Application
    Filed: March 27, 2023
    Publication date: August 10, 2023
    Applicant: Intel Corporation
    Inventors: Vadim Sukhomlinov, Kshitij A. Doshi
  • Publication number: 20230195835
    Abstract: Detailed are embodiments related to bit matrix multiplication in a processor. For example, in some embodiments a processor comprising: decode circuitry to decode an instruction have fields for an opcode, an identifier of a first source bit matrix, an identifier of a second source bit matrix, an identifier of a destination bit matrix, and an immediate; and execution circuitry to execute the decoded instruction to perform a multiplication of a matrix of S-bit elements of the identified first source bit matrix with S-bit elements of the identified second source bit matrix, wherein the multiplication and accumulation operations are selected by the operation selector and store a result of the matrix multiplication into the identified destination bit matrix, wherein S indicates a plural bit size is described.
    Type: Application
    Filed: December 16, 2022
    Publication date: June 22, 2023
    Inventors: Dmitry Y. Babokin, Kshitij A. Doshi, Vadim Sukhomlinov
  • Patent number: 11645127
    Abstract: A computing apparatus, including: a hardware computing platform; and logic to operate on the hardware computing platform, configured to: receive a microservice instance registration for a microservice accelerator, wherein the registration includes a microservice that the microservice accelerator is configured to provide, and a microservice connection capability indicating an ability of the microservice instance to communicate directly with other instances of the same or a different microservice; and log the registration in a microservice registration database.
    Type: Grant
    Filed: July 18, 2022
    Date of Patent: May 9, 2023
    Assignee: Intel Corporation
    Inventors: Vadim Sukhomlinov, Kshitij A. Doshi
  • Patent number: 11646980
    Abstract: Technologies for packet forwarding under ingress queue overflow conditions includes a computing device configured to receive a network packet from another computing device, determine whether a global packet buffer of the NIC is full, and determine, in response to a determination that the global packet buffer is full, whether to forward all the global packet buffer entries. The computing device is additionally configured to compare, in response to a determination not to forward all the global packet buffer entries, a selection filter to one or more characteristics of the received network packet and forward, in response to a determination that the selection filter matches the one or more characteristics of the received network packet, the received network packet to a predefined output. Other embodiments are described herein.
    Type: Grant
    Filed: March 30, 2018
    Date of Patent: May 9, 2023
    Assignee: Intel Corporation
    Inventors: Andrey Chilikin, Vadim Sukhomlinov
  • Patent number: 11640305
    Abstract: Examples are described that relate to waking up or invoking a function such as a processor-executed application or a hardware device. The application or a hardware device can specify which sources can cause wake-ups and which sources are not to cause wake-ups. A device or processor-executed software can monitor reads from or writes to a region of memory and cause the application or a hardware device to wake-up unless the wake-up is specified as inhibited. The updated region of memory can be precisely specified to allow a pinpoint retrieval of updated content instead of scanning a memory range for changes. In some cases, a write to a region of memory can include various parameters that are to be used by the woken-up application or a hardware device. Parameters can include a source of a wake-up, a timer to cap execution time, or any other information.
    Type: Grant
    Filed: July 26, 2019
    Date of Patent: May 2, 2023
    Assignee: Intel Corporation
    Inventors: Alexander Bachmutsky, Kshitij A. Doshi, Raghu Kondapalli, Vadim Sukhomlinov
  • Publication number: 20230106348
    Abstract: A method for authenticating a secure credential transfer to a device includes verifying user identity and device identity. In particular, the method includes verifying user identity by requesting and receiving a user identification input at a first client device and verifying device identity of a second client device by (i) determining a security status of the second client device from hardware of the second client device, (ii) invoking an identifier related to the security status of the second client device to an authentication server, and (iii) obtaining certification from the authentication server for the second client device based on the invoked identifier. After verifying the user identity and the device identity, the method includes establishing a secure channel between the first client device and the second client device for the secure credential transfer using one or more tokens generated by the authentication server.
    Type: Application
    Filed: December 13, 2022
    Publication date: April 6, 2023
    Inventors: Vadim Sukhomlinov, Alberto Martin, Andrey Pronin
  • Patent number: 11568022
    Abstract: Detailed are embodiments related to bit matrix multiplication in a processor. For example, in some embodiments a processor comprising: decode circuitry to decode an instruction have fields for an opcode, an identifier of a first source bit matrix, an identifier of a second source bit matrix, an identifier of a destination bit matrix, and an immediate; and execution circuitry to execute the decoded instruction to perform a multiplication of a matrix of S-bit elements of the identified first source bit matrix with S-bit elements of the identified second source bit matrix, wherein the multiplication and accumulation operations are selected by the operation selector and store a result of the matrix multiplication into the identified destination bit matrix, wherein S indicates a plural bit size is described.
    Type: Grant
    Filed: January 22, 2021
    Date of Patent: January 31, 2023
    Assignee: Intel Corporation
    Inventors: Dmitry Y. Babokin, Kshitij A. Doshi, Vadim Sukhomlinov
  • Patent number: 11562063
    Abstract: Disclosed embodiments relate to encoded inline capabilities. In one example, a system includes a trusted execution environment (TEE) to partition an address space within a memory into a plurality of compartments each associated with code to execute a function, the TEE further to assign a message object in a heap to each compartment, receive a request from a first compartment to send a message block to a specified destination compartment, respond to the request by authenticating the request, generating a corresponding encoded capability, conveying the encoded capability to the destination compartment, and scheduling the destination compartment to respond to the request, and subsequently, respond to a check capability request from the destination compartment by checking the encoded capability and, when the check passes, providing a memory address to access the message block, and, otherwise, generating a fault, wherein each compartment is isolated from other compartments.
    Type: Grant
    Filed: December 7, 2020
    Date of Patent: January 24, 2023
    Assignee: Intel Corporation
    Inventors: Michael Lemay, David M. Durham, Michael E. Kounavis, Barry E. Huntley, Vedvyas Shanbhogue, Jason W. Brandt, Josh Triplett, Gilbert Neiger, Karanvir Grewal, Baiju Patel, Ye Zhuang, Jr-Shian Tsai, Vadim Sukhomlinov, Ravi Sahita, Mingwei Zhang, James C. Farwell, Amitabh Das, Krishna Bhuyan
  • Patent number: 11552798
    Abstract: A method for authenticating a secure credential transfer to a device includes verifying user identity and device identity. In particular, the method includes verifying user identity by requesting and receiving a user identification input at a first client device and verifying device identity of a second client device by (i) determining a security status of the second client device from hardware of the second client device, (ii) invoking an identifier related to the security status of the second client device to an authentication server, and (iii) obtaining certification from the authentication server for the second client device based on the invoked identifier. After verifying the user identity and the device identity, the method includes establishing a secure channel between the first client device and the second client device for the secure credential transfer using one or more tokens generated by the authentication server.
    Type: Grant
    Filed: July 30, 2019
    Date of Patent: January 10, 2023
    Assignee: Waymo LLC
    Inventors: Vadim Sukhomlinov, Alberto Martin, Andrey Pronin
  • Publication number: 20220350679
    Abstract: A computing apparatus, including: a hardware computing platform; and logic to operate on the hardware computing platform, configured to: receive a microservice instance registration for a microservice accelerator, wherein the registration includes a microservice that the microservice accelerator is configured to provide, and a microservice connection capability indicating an ability of the microservice instance to communicate directly with other instances of the same or a different microservice; and log the registration in a microservice registration database.
    Type: Application
    Filed: July 18, 2022
    Publication date: November 3, 2022
    Applicant: Intel Corporation
    Inventors: Vadim Sukhomlinov, Kshitij A. Doshi
  • Patent number: 11483245
    Abstract: Technologies for filtering network traffic on ingress include a network interface controller (NIC) configured to parse a header of a network packet received by the NIC to extract data from a plurality of header fields of the header. The NIC is additionally configured to determine an input set based on the field vector, retrieve a matching list from a plurality of matching lists, and compare the input set to each of the plurality of rules to identify a matching rule of the plurality of rules that matches a corresponding portion of the input set. The NIC is further configured to perform an action on the network packet based on an actionable instruction associated with the one of the plurality of rules that matches the corresponding portion of the input set. Other embodiments are described herein.
    Type: Grant
    Filed: September 13, 2018
    Date of Patent: October 25, 2022
    Assignee: Intel Corporation
    Inventors: Andrey Chilikin, Ronen Aharon Hyatt, Vadim Sukhomlinov
  • Patent number: 11467888
    Abstract: A computing apparatus, including: a hardware computing platform; and logic to operate on the hardware computing platform, configured to: receive a microservice instance registration for a microservice accelerator, wherein the registration includes a microservice that the microservice accelerator is configured to provide, and a microservice connection capability indicating an ability of the microservice instance to communicate directly with other instances of the same or a different microservice; and log the registration in a microservice registration database.
    Type: Grant
    Filed: December 4, 2020
    Date of Patent: October 11, 2022
    Assignee: Intel Corporation
    Inventors: Vadim Sukhomlinov, Kshitij A. Doshi
  • Publication number: 20220294885
    Abstract: Technologies for network packet processing between cloud and telecommunications networks includes a network computing device which includes two application layer packet translators (ALPTs). The first ALPT is configured to receive a network packet from a computing device in a telecommunications network, identify a virtual network function (VNF) instance, and perform an application layer encapsulation of at least a portion of data of the received network packet as a parameter of a remote procedure call (RPC) associated with the identified VNF instance. The first ALPT is additionally configured to invoke the identified VNF instance using an API call corresponding to the RPC that includes the RPC parameter and the VNF instance is configured to transmit an RPC call response to the second ALPT. The second ALPT is configured to generate a new network packet as a function of the RPC call response and transmit the new network packet to another computing device in a cloud network.
    Type: Application
    Filed: June 1, 2022
    Publication date: September 15, 2022
    Inventors: Vadim Sukhomlinov, Kshitij Doshi, Areg MELIK-ADAMYAN
  • Patent number: 11388272
    Abstract: Technologies for network packet processing between cloud and telecommunications networks includes a network computing device which includes two application layer packet translators (ALPTs). The first ALPT is configured to receive a network packet from a computing device in a telecommunications network, identify a virtual network function (VNF) instance, and perform an application layer encapsulation of at least a portion of data of the received network packet as a parameter of a remote procedure call (RPC) associated with the identified VNF instance. The first ALPT is additionally configured to invoke the identified VNF instance using an API call corresponding to the RPC that includes the RPC parameter and the VNF instance is configured to transmit an RPC call response to the second ALPT. The second ALPT is configured to generate a new network packet as a function of the RPC call response and transmit the new network packet to another computing device in a cloud network.
    Type: Grant
    Filed: March 30, 2018
    Date of Patent: July 12, 2022
    Assignee: Intel Corporation
    Inventors: Vadim Sukhomlinov, Kshitij Doshi, Areg Melik-Adamyan
  • Patent number: 11354240
    Abstract: The present disclosure is directed to systems and methods that include cache operation storage circuitry that selectively enables/disables the Cache Line Flush (CLFLUSH) operation. The cache operation storage circuitry may also selectively replace the CLFLUSH operation with one or more replacement operations that provide similar functionality but beneficially and advantageously prevent an attacker from placing processor cache circuitry in a known state during a timing-based, side channel attack such as Spectre or Meltdown. The cache operation storage circuitry includes model specific registers (MSRs) that contain information used to determine whether to enable/disable CLFLUSH functionality. The cache operation storage circuitry may include model specific registers (MSRs) that contain information used to select appropriate replacement operations such as Cache Line Demote (CLDEMOTE) and/or Cache Line Write Back (CLWB) to selectively replace CLFLUSH operations.
    Type: Grant
    Filed: June 22, 2020
    Date of Patent: June 7, 2022
    Assignee: Intel Corporation
    Inventors: Vadim Sukhomlinov, Kshitij Doshi