G06F12/1408

MEMORY SYSTEM AND STORAGE SYSTEM
20230004311 · 2023-01-05

According to one embodiment, a memory system includes a nonvolatile memory and a controller. The controller manages first account information to be used for authentication of a first account and second account information to be used for authentication of a second account. The controller receives third account information from a host device. When the third account information matches the first account information, the controller permits access to at least a partial storage area of the nonvolatile memory based on a request from the host device and transmits first data that includes the second account information to a first memory system.

System and method for providing enhancements of block-level storage

A block storage service provides block-level storage to a plurality of distinct computing instances for a plurality of distinct users. For each of one or more of the plurality of distinct computing instances, information about data being stored in the block storage service is determined. Based on the information about the data being stored in the block storage service, a block storage transaction enhancement for the data being stored in the block storage service is determined. The block storage service performs the selected block storage transaction enhancement with respect to the data being stored in the block storage service.

Secure offline streaming of content

Methods, systems, and computer-readable media for secure offline transmission of a plurality of data segments from a sending device to one or more receiving devices. The sending device and the one or more receiving devices may communicate via an offline local network. A secure, encrypted container may be created at the receiving device to temporarily cache the received data segments one at a time, and the encrypted storage container prevents access by one or more applications of the receiving device to data stored therein based on storage instructions from the sending device. The encrypted container may be configured to store the data segments such that less than all of the data segments are stored at the receiving device at any one time.

Cryptography key generation method for encryption and decryption

This disclosure is directed to generating a set of data elements for more secure encryption or more resilient decryption associated with generating a target set of conditional data elements. The target set of conditional data elements may fulfill a condition. Public keys associated with an encrypted message may be associated with conditional data elements of the target set of conditional data elements. By performing at least one cycle of decryption associated with the public keys, an encrypted message may be decrypted.

COMMUNICATION METHOD AND RELATED COMMUNICATION APPARATUS AND STORAGE MEDIUM
20220414024 · 2022-12-29

The present disclosure provides a communication method, a related communication apparatus, and a storage medium. The communication method includes: generating a first key by using a random sequence; encrypting data by using the first key to generate encrypted data; writing the encrypted data into a memory; encrypting the random sequence and a storage address of the encrypted data in the memory by using a public key; and sending the encrypted storage address and the encrypted random sequence to a second node from a first node.

ENCRYPTED DATA PROCESSING DESIGN INCLUDING LOCAL BUFFERS

Aspects of the present disclosure relate to encrypted data processing (EDAP). A processor includes a register file configured to store ciphertext data, an instruction fetch and decode unit configured to fetch and decode instructions, and a functional unit configured to process the stored ciphertext data. The functional unit further includes a decryption module configured to decrypt ciphertext data from the register file to receive cleartext data using an encryption key stored within the functional unit. The functional unit further includes a local buffer configured to store the cleartext data. The functional unit further includes an arithmetic logical unit configured to generate cleartext computation results using the cleartext data. The functional unit further includes an encryption module configured to encrypt the cleartext computation results to generate ciphertext computation results for storage back into the register file.

Storage system and method for host memory access

A storage system and method for host memory access are provided. In one embodiment, a storage system is provided comprising a memory and a controller. The controller is configured to receive a write command from the host that is recognized by the storage system as a read host memory command; in response to receiving the write command, send an identification of a location in the host memory to the host; and receive, from the host, data that is stored in the location in the host memory. Other embodiments are provided.

System and Method for Managing Secure Files in Memory
20220405431 · 2022-12-22

A data access manager is provided on a computing device to manage access to secure files stored in memory. The data access manager intercepts function calls from applications to the memory management unit and determines whether an application is allowed to access secure data stored in the memory of the computing device. When an initial request to map the data is received, the data access manager maps both secure data and clear data, obtaining pointers to both secure and clear data. When an application has permission to access the requested data, the data access manager returns the pointer to the clear data. When an application does not have permission to access the requested data, the data access manager returns the pointer to the secure data.

Secure Identity Chaining between Components of Trusted Computing Base
20220405391 · 2022-12-22

Systems, apparatuses, and methods to secure identity chaining between software/firmware components of trusted computing base. A memory device includes a secure memory region having access control based on cryptography. The secure memory region stores component information about a second component configured to be executed after a first component during booting. Prior to using a component identity of the second component to generate a compound identifier of the first component, health of the second component to be executed is verified based on the component information stored in the secure memory region.

System and method to protect digital content on external storage
11531626 · 2022-12-20

An example authentication device disclosed herein is to access a message received via a wireless interface from an adapter, the message to indicate that a host device has connected to the adapter, the host device different from the authentication device. The disclosed example authentication device is also to determine whether to allow the host device to access a storage device. The disclosed example authentication device is further to transmit authentication data to the adapter via the wireless interface, the authentication data to specify whether the host device is allowed to access the storage device.