G06F12/1408

Methods for restricting read access to supply chips

An example method for restricting read access to content in the component circuitry and securing data in the supply item is disclosed. The method identifies the status of a read command and, depending upon whether the status is disabled or enabled, either blocks or allows access to the encrypted data stored in the supply chip.

Trusted local memory management in a virtualized GPU

Embodiments are directed to trusted local memory management in a virtualized GPU. An embodiment of an apparatus includes one or more processors including a trusted execution environment (TEE); a GPU including a trusted agent; and a memory, the memory including GPU local memory, the trusted agent to ensure proper allocation/deallocation of the local memory and verify translations between graphics physical addresses (PAs) and PAs for the apparatus, wherein the local memory is partitioned into protection regions including a protected region and an unprotected region, and wherein the protected region is to store a memory permission table maintained by the trusted agent, the memory permission table to include any virtual function assigned to a trusted domain, a per-process graphics translation table to translate between graphics virtual addresses (VAs) and graphics guest PAs (GPAs), and a local memory translation table to translate between graphics GPAs and PAs for the local memory.

Method and system for host-assisted data recovery assurance for data center storage device architectures

A method of error management includes, in response to a read request for first data from a first storage device of a plurality of storage devices under one or more common data protection schemes, receiving a read uncorrectable indication regarding the first data, obtaining uncorrected data and metadata of an LBA associated with the first data, and obtaining the same LBA from one or more other storage devices of the plurality. The method further includes comparing the uncorrected data with the data and metadata from the other storage devices, speculatively modifying the uncorrected data based, at least in part, on the other data to create a set of reconstructed first data codewords, and, in response to a determination that one of the reconstructed first data codewords has recovered the first data, issuing a write_raw command to rewrite the modified data and associated metadata to the first storage device.

Protecting cache accesses in multi-tenant processing environments

Embodiments relate to a system, program product, and method for protecting cache access in a multi-tenant environment, and, more specifically, for allowing access to specified data, encrypted or unencrypted, in a shared cache to authorized tenants, while denying access to the data for unauthorized tenants. The system includes a server including one or more shared caches and a plurality of tenant devices coupled to the server. The server is configured to run one or more applications thereon, where each tenant has access to one or more authorized instances of the applications. The system also includes a cache proxy coupled to the tenant devices and the shared cache. The cache proxy facilitates enforcing one or more schemes to provide for separation of data for authorized tenants and their users using the shared cache from unauthorized tenants and users.

Structure and method for digital data memory card encryption
20220398202 · 2022-12-15

The present invention relates to a structure and a method for digital data memory card encryption. In a main body, a memory is provided in a memory card, and the memory itself is provided with a read controller that cooperates with a reader and a protection area, and is further divided into a hard disk partition table area and a file area. A portable storage identification (PSID) is written into any of the above-mentioned areas by using an application programming interface (API). Moreover, before the writing of the portable storage identification (PSID) by the application programming interface (API), a key instruction produced by means of an encryption and decryption logic is provided to the read controller by the application programming interface (API). The read controller first decrypts the key instruction, and transmits the result to the application programming interface (API) to further improve the security.

Event-Based Modification of Personal Device Settings
20220400426 · 2022-12-15

Aspects described herein may relate to systems and methods for automatically adjusting user device settings when a user attends an event or otherwise brings a user device into a context in which an automatic adjustment of settings is appropriate. By providing for automatic adjusting of user device settings, the systems and methods may achieve greater compliance with rules and other policies of airlines, performance venues, schools, and/or other entities associated with events and/or contexts in which user device settings should be adjusted. Aspects described herein may allow for automatic adjustment of user device settings without compromising a user's privacy, security, or control of a user device.

PROTECTION OF STORED AND COMMUNICATED SECRET DATA AGAINST SIDE-CHANNEL ATTACKS

Described are implementations directed to protecting secret data against adversarial attacks by obfuscating the secret data during storage and communication. Obfuscation techniques include, among other things, splitting secret data into a plurality of portions, performing rotation of secret data, splitting secret data into a plurality of shares, modifying shares of secret data in view of the values of the shares, and various other protection mechanisms.

SYSTEM ON CHIP INCLUDING SECURE PROCESSOR AND SEMICONDUCTOR SYSTEM INCLUDING THE SAME

A secure processor and a semiconductor system including the same are provided. Provided is a system on chip comprising a secure processor, wherein the secure processor includes: a random access memory (RAM) including a RAM cache area storing a page and a timestamp table storing a timestamp, an encryption/decryption engine configured to encrypt the page by using the timestamp, and a direct memory access (DMA) module configured to transmit the encrypted page to a swap area of a first memory disposed outside the system on chip, wherein the first memory includes a tag table area storing a tag generated by the encryption/decryption engine encrypting the page and a timestamp backup area backing up the timestamp, and the swap area, the tag table area, and the timestamp backup area are backed up in a second memory disposed outside the system on chip.

METHODS FOR ENROLLING DATA IN ORDER TO VERIFY THE AUTHENTICITY OF A SECURITY DATUM OR FOR VERIFYING THE AUTHENTICITY OF A SECURITY DATUM
20220391327 · 2022-12-08

The invention relates to a method for enrolling data in order to verify the authenticity of a security datum, the method comprising implementing by data processing means of a server the steps of: obtaining a reference security datum, generating a first encoded datum by applying to the reference security datum an obfuscated fuzzy Hamming distance encoding procedure, determining from the reference security datum, a plurality of derived data of the reference security datum, generating a first random datum, and determining a second encoded datum such that a variable point comparison predicate parameterized by the second encoded datum and the first random datum is true when said variable point has as coordinates said derived data, storing on a data storage means of the server at least said first and second encoded data. The invention also relates to a verification method and a server for this purpose.

Account access recovery system, method and apparatus

Some embodiments of the invention provide a program for recovering access to a service associated with an account. The program provides a login credential to log into the account to receive the associated service. Next, the program receives an access continuation parameter (ACP) after logging into the account. The program then accesses the service and receives a rejection of a subsequent access to the service. The program then provides the ACP in lieu of the login credential to continue to receive the service.