Title of invention |
Network access control for many-core systems |
Abstract |
In a processor based system comprising a plurality of logical machines, selecting a logical machine of the system to serve as a host; the host communicating with a policy decision point (PDP) of a network to provision a data channel interconnecting the processor based system and the network and to provision a logical data channel interconnecting each logical machine of the system to the network. |
Publication number |
US8930580(B2) |
Publication date |
2015.01.06 |
Application number |
US201213472422 |
Filing date |
2012.05.15 |
Applicant |
Intel Corporation |
Inventors |
Smith Ned;Walker Jesse;Sood Kapil |
Classification |
G06F15/16;H04L29/06;G06F9/455 |
Main classification |
G06F15/16 |
Agency |
Blakely, Sokoloff, Taylor & Zafman LLP |
Agent |
Blakely, Sokoloff, Taylor & Zafman LLP |
Main claim |
1. In a computer hardware platform, a method comprising:
selecting, from among a plurality of logical machines executing with the computer hardware platform, a logical machine to serve as a host;
dynamically selecting a logical machine of the computer hardware platform to serve as a trusted platform module (TPM);
the host receiving messages from the other logical machines of the plurality of logical machines;
in response to receiving the messages, the host generating a cryptographic key based on a hash of a combination of messages received by the host, the combination including the messages received by the host from the other logical machines of the plurality of logical machines;
storing the cryptographic key to the TPM, wherein the cryptographic key is available to all of the plurality of logical machines; and
the host communicating with a policy decision point (PDP) of a network, the PDP distinct from and coupled to the computer hardware platform, to provision to the computer hardware platform a data channel interconnecting the computer hardware platform and the network, including:
the host authenticating itself to the PDP; and
the host negotiating the cryptographic key with the PDP to provision the data channel;
wherein the host operates as a relaying intermediary for the plurality of logical machines, including the host forwarding messages between the PDP and the other logical machines, and wherein the data channel includes a different respective logical data channel for each of the plurality of logical machines, each logical channel interconnecting the respective logical machine of the logical channel to the network. |
Address |
Santa Clara CA US |