Matthew Joseph Wood
Physician in Beaverton, OR

7395246, Jul 1, 2008

Nov 28, 2001

09/998549

Ernie F. Brickell - Portland OR, US
Wesley Deklotz - Portland OR, US
Jeff U. Glover - Portland OR, US
Michael R. Premi - Portland OR, US
Matthew D. Wood - Hillsboro OR, US
Marion H. Shimoda - Aloha OR, US

Intel Corporation - Santa Clara CA

G06Q 99/00

705 76, 705 44, 705 18

The system includes receiving, from a delegator, a designation of a role and a delegate to assume the role, receiving, from a credential service provider, an indication that the designation is valid, issuing a delegation credential in response to receiving the indication, and issuing a confirmation to the delegator, which indicates that the delegation credential was issued.

7073195, Jul 4, 2006

Jan 28, 2002

10/055923

Ernie F. Brickell - Portland OR, US
Wesley Deklotz - Portland OR, US
Jeff U. Glover - Portland OR, US
Michael R. Premi - Portland OR, US
Matthew D. Wood - Hillsboro OR, US
Marion H. Shimoda - Aloha OR, US

Intel Corporation - Santa Clara CA

H04L 9/00, G06F 7/04, G06Q 99/00

726 5, 713156, 713175, 705 76

An arrangement is provided for controlled access to identification and status information or delegated credentials. A delegation, formed between a delegator and a delegate, is registered with a delegate credential service provider. The delegate requests a service from a relying party that then requests, based on the requested service and the delegation, delegated credential from the delegate credential service provider. The delegate credential service provider sends the delegated credential to the relying party. According to the received delegated credential, the relying party generates a service response and sends the response to the delegate.

6950523, Sep 27, 2005

Sep 29, 2000

09/672496

Ernie Brickell - Portland OR, US
Matthew D. Wood - Hillsboro OR, US

Intel Corporation - Santa Clara CA

H04L009/00

380286, 380281, 380277, 713194, 707 9

To protect a private cryptographic key, two values are derived. The two values together can reconstruct the key. One value is sent to a server and deleted from the local machine. The other value is held by the local machine. To use the key, the user will enter a password, which will be used to authenticate the user to the server, and retrieve the value from the server. The password is also used to unlock the value held by the local machine. The private cryptographic key is thus protected against brute force password attacks without changing the behavior of the user.

2006021, Sep 28, 2006

Mar 22, 2005

11/088548

Ernie Brickell - Portland OR, US
Matthew Wood - Hillsboro OR, US

H04L 9/32

726027000

Providing conditional access to a unique device identifier (ID) stored in a device in a processing system may be accomplished by determining if a platform state (such as firmware and/or data) is present in a non-volatile storage of the processing system; when the platform state is not present, loading the device ID into a volatile storage of the processing system, receiving a request from an external entity to obtain the device ID, sending the device ID to the external entity, and rejecting all subsequent requests to obtain the device ID; and when the platform state is present, rejecting all requests to obtain the device ID.

2006007, Apr 6, 2006

Mar 30, 2001

09/822548

Matthew Wood - Hillsboro OR, US
Gary Graunke - Hillsboro OR, US

H04L 9/00

380044000

A system, apparatus, and method are provided for enhancing entropy in a pseudo-random number generator (PRNG) using remote sources. According to one embodiment of the present invention, first, the PRNG's internal state is initialized. Local seeding information is then obtained from a local host. For added security, additional seeding information is obtained from one or more remote entropy servers operating independently to each maintain a constantly updated state pool. Finally, the PRNG is stirred based upon the local seeding information, and the additional seeding information.

7664269, Feb 16, 2010

Dec 15, 2004

11/013572

Matthew D. Wood - Hillsboro OR, US
Gary L. Graunke - Hillsboro OR, US

Intel Corporation - Santa Clara CA

H04L 9/08, H04L 9/30, H04K 1/00

380284, 380285, 380 28, 380 44

A system, apparatus, and method are provided for enhancing entropy in a pseudo-random number generator (PRNG) using remote sources. According to one embodiment of the present invention, first, the PRNG's internal state is initialized. Local seeding information is then obtained from a local host. For added security, additional seeding information is obtained from one or more remote entropy servers operating independently to each maintain a constantly updated state pool. Finally, the PRNG is stirred based upon the local seeding information, and the additional seeding information.

2011030, Dec 15, 2011

Aug 24, 2011

13/217151

Matthew D. Wood - Hillsboro OR, US
Ernie Brickell - Portland OR, US

H04L 9/32

713178

A manufacturing entity provides a blinded signature to a secure device and associates a time with the blinded signature. If a signing key is compromised, the manufacturing entity provides a time of the compromise and the time associated with the blinded signature to the replacement authority.

2012016, Jun 28, 2012

Dec 24, 2010

12/978457

Matthew D. Wood - Hillsboro OR, US
Ylian Saint-Hilaire - Hillsboro OR, US

H04L 9/00

713155, 713189

Methods and apparatus to provide secure application attestation using dynamic measurement kernels are described. In some embodiments, secure application attestation is provided by using dynamic measurement kernels. In various embodiments, P-MAPS (Processor-Measured Application Protection Service), Secure Enclaves (SE), and/or combinations thereof may be used to provide dynamic measurement kernels to support secure application attestation. Other embodiments are also described.