An electronic device is provided. The electronic device includes a user interface, a location sensor configured to sense a location of the electronic device, a processor electrically connected with the user interface and the location sensor, and a memory electrically connected with the processor and configured to store a first application program and a second application program. The memory is further configured to store instructions that, when executed, enable the processor to receive first location data with a first degree of accuracy regarding the location of the electronic device from the location sensor, process at least part of the first location data to generate second location data with a second degree of accuracy lower than the first degree of accuracy regarding the location of the electronic device, provide the at least part of the first location data to execute the first application program, and provide at least part of the second location data to execute the second application program.

Technologies for privacy-safe security policy evaluation are disclosed herein. An example apparatus includes at least one memory, and at least one processor to execute instructions to at least identify one or more non-sensitive parameters of a plurality of policy parameters and one or more sensitive parameters of the plurality of the policy parameters, the plurality of the policy parameters obtained from a computing device in response to a request from a cloud analytics server for the plurality of the policy parameters, encrypt the one or more sensitive parameters to generate encrypted parameter data in response to the identification of the one or more sensitive parameters, and transmit the encrypted parameter data to the cloud analytics server, the cloud analytics server to curry a security policy function based on one or more of the plurality of the policy parameters.

A method can be used to analyze a log of a device or a plurality of devices of a first entity. The method includes generating an encrypted log by encrypting the log at the first entity, generating an encrypted query by encrypting a query at the first entity, transferring the encrypted log and the encrypted query from the first entity to a second entity, analyzing the encrypted log on the second entity by using the encrypted query, generating an encrypted analysis result at the second entity, transferring the encrypted analysis result from the second entity to the first entity, decrypting the encrypted analysis result on the first entity, and verifying the decrypted analysis result at the first entity.

Technologies for privacy-safe security policy evaluation are disclosed herein. An example apparatus includes at least one processor, and memory including instructions that, when executed, cause the at least one processor to curry a security policy function to generate a privacy-safe curried function set, the security policy function to generate a security policy as a function of a plurality of policy parameters, the privacy-safe curried function set including a non-sensitive function that receives a non-sensitive parameter of the plurality of policy parameters as an argument, the privacy-safe curried function set further including a sensitive function that receives a sensitive parameter of the plurality of policy parameters as an argument; access unencrypted parameter data corresponding to the non-sensitive parameter of the plurality of policy parameters; evaluate the non-sensitive function of the privacy-safe curried function set to generate the sensitive function; and provide the sensitive function to a client computing device.

Access and management of a user's content may be facilitated by, in response to receiving a request for content related to a specified entity from the repository associated with at least the user's account, identifying, in a content of a file in the repository, an entity container of at least one entity container associated with the specified entity; and communicating the entity container that is associated with the specific entity to a source of the request.

A method of automatically augmenting content through augmentation services can include invoking a service to receive an entity determination based on the content and an entity container comprising an object of the content and one or more attributes of the object. The entity determination and corresponding entity container can be assigned as a marker to content being clipped. The marker can be used to enable access and actions that can be taken with respect to the clipping or the structured information augmenting the clipping.

A method and device for realizing a verification code are provided. In some embodiments, a character verification code is obtained and displayed when it is determined to perform identity verification. The character verification code has an incorrect character based on a priori knowledge. The user is prompted to input a correct character corresponding to the incorrect character in the character verification code. Verification information is received. It is determined that the verification is successful when the verification information corresponds to the correct character of the prior knowledge; otherwise, the verification failed.

Secure and efficient memory sharing for guests is disclosed. For example, a host has a host memory storing first and second guests whose memory access is managed by a hypervisor. A request to map an IOVA of the first guest to the second guest is received, where the IOVA is mapped to a GPA of the first guest, which is is mapped to an HPA of the host memory. The HPA is mapped to a second GPA of the second guest, where the hypervisor controls access permissions of the HPA. The second GPA is mapped in a second page table of the second guest to a GVA of the second guest, where a supervisor of the second guest controls access permissions of the second GPA. The hypervisor enables a program executing on the second guest to access contents of the HPA based on the access permissions of the HPA.

Technologies are provided for secure sanitization of a storage device. A storage device can be configured to support an operational mode, into which the storage device is placed by default, and in which requests to cryptographically erase the storage device are rejected. The storage device can support a separate sanitization mode in which a request to cryptographically erase the storage device will be processed. Access to the sanitization mode can be restricted to trusted sources (such as a boot firmware of a computer connected to the storage device). The storage device can be configured to reject a command to place the storage device in the sanitization mode, unless the command is received during an initialization of the storage device. In at least some embodiments, the storage device can reject data access commands while it is in the sanitization mode.

Secure and efficient memory sharing for guests is disclosed. For example, a host has a host memory storing first and second guests whose memory access is managed by a hypervisor. A request to map an IOVA of the first guest to the second guest is received, where the IOVA is mapped to a GPA of the first guest, which is is mapped to an HPA of the host memory. The HPA is mapped to a second GPA of the second guest, where the hypervisor controls access permissions of the HPA. The second GPA is mapped in a second page table of the second guest to a GVA of the second guest, where a supervisor of the second guest controls access permissions of the second GPA. The hypervisor enables a program executing on the second guest to access contents of the HPA based on the access permissions of the HPA.