US 11,669,368 B2
Multi-tenant data protection in edge computing environments
Kshitij Arun Doshi, Tempe, AZ (US); Ned M. Smith, Beaverton, OR (US); Francesc Guim Bernat, Barcelona (ES); and Timothy Verrall, Pleasant Hill, CA (US)
Assigned to Intel Corporation, Santa Clara, CA (US)
Filed by Intel Corporation, Santa Clara, CA (US)
Filed on Dec. 20, 2019, as Appl. No. 16/723,358.
Claims priority of provisional application 62/939,303, filed on Nov. 22, 2019.
Claims priority of provisional application 62/907,597, filed on Sep. 28, 2019.
Prior Publication US 2020/0134207 A1, Apr. 30, 2020
Int. Cl. G06F 9/50 (2006.01); G06F 9/38 (2018.01); G06F 9/54 (2006.01); H04L 9/40 (2022.01); H04L 9/08 (2006.01); H04L 9/06 (2006.01); H04L 41/0893 (2022.01); H04L 41/5009 (2022.01); H04L 41/5025 (2022.01); H04L 43/08 (2022.01); H04L 67/1008 (2022.01); G06F 21/60 (2013.01); H04L 41/0896 (2022.01); H04L 41/142 (2022.01); H04L 41/5051 (2022.01); H04L 67/141 (2022.01); H04L 41/14 (2022.01); H04L 47/70 (2022.01); H04L 67/12 (2022.01); G06F 8/41 (2018.01); G06F 9/445 (2018.01); G06F 11/34 (2006.01); G06F 16/18 (2019.01); H04L 9/00 (2022.01); G06F 12/14 (2006.01); G06F 9/455 (2018.01); G06F 16/23 (2019.01); G06F 11/10 (2006.01); H04L 9/32 (2006.01); H04L 67/10 (2022.01); G16Y 40/10 (2020.01); G06F 9/48 (2006.01)
CPC G06F 9/5016 (2013.01) [G06F 8/443 (2013.01); G06F 9/44594 (2013.01); G06F 9/505 (2013.01); G06F 9/5072 (2013.01); G06F 9/5077 (2013.01); G06F 9/544 (2013.01); G06F 11/3433 (2013.01); G06F 16/1865 (2019.01); G06F 21/602 (2013.01); H04L 9/008 (2013.01); H04L 9/0637 (2013.01); H04L 9/0822 (2013.01); H04L 9/0825 (2013.01); H04L 9/0866 (2013.01); H04L 41/0893 (2013.01); H04L 41/0896 (2013.01); H04L 41/142 (2013.01); H04L 41/145 (2013.01); H04L 41/5009 (2013.01); H04L 41/5025 (2013.01); H04L 41/5051 (2013.01); H04L 43/08 (2013.01); H04L 47/822 (2013.01); H04L 63/0407 (2013.01); H04L 63/0428 (2013.01); H04L 63/1408 (2013.01); H04L 63/20 (2013.01); H04L 67/1008 (2013.01); H04L 67/12 (2013.01); H04L 67/141 (2013.01); G06F 9/3836 (2013.01); G06F 9/45533 (2013.01); G06F 9/4881 (2013.01); G06F 9/5038 (2013.01); G06F 11/1004 (2013.01); G06F 12/1408 (2013.01); G06F 16/2322 (2019.01); G06F 2209/509 (2013.01); G16Y 40/10 (2020.01); H04L 9/3297 (2013.01); H04L 67/10 (2013.01)] 26 Claims
OG exemplary drawing
 
1. A system comprising:
memory; and
processing circuitry coupled to the memory, the processing circuitry configured to:
obtain a workflow execution plan, the workflow execution plan including workload metadata, the workload metadata defining a plurality of workloads associated with a plurality of edge service instances, the plurality of edge service instances executing on one or more edge computing devices within an edge computing system;
translate the workload metadata using a translation function to obtain workload configuration information for the plurality of workloads, the workload configuration information identifying a plurality of memory access configurations and service authorizations, the plurality of memory access configurations specifying a plurality of memory address ranges associated with access to the memory, and the service authorizations specifying at least one edge service instance of the plurality of edge service instances authorized to access one or more of the plurality of memory access configurations;
partition the memory into a plurality of shared memory regions associated with the plurality of memory address ranges using the plurality of memory access configurations, the plurality of shared memory regions of the memory configured for shared access among the plurality of edge service instances based at least on a mapping between the plurality of memory address ranges and identification information of the plurality of edge service instances; and
process a memory access request for accessing at least one of the plurality of shared memory regions based on the service authorizations, the memory access request received from an edge service instance of the plurality of edge service instances.