G06F21/71

Account switching

Aspects of the disclosure relate generally to effortlessly switching between user accounts. For example, a user may access an application on their computing device. Within the application the user may have multiple user accounts. The application may display a plurality of indicators that signify each user account associated with that application. In this regard, the user may perform a swiping or tapping motion to select a particular user account to switch to. A transitional stage may take place that changes a first background and details associated with a first user account to a second background and details associated with a second user account. When the transition is complete, the user is able to access and perform functions associated with the second user account. The user may switch to another user account using a similar swiping or tapping motion.

System and method for providing security protection for FPGA based solid state drives

According to some example embodiments, a method for providing security to a storage device includes receiving, by the storage device, a public key via a network; sending, by the storage device, the received public key and a proposed configuration corresponding to the storage device to a security manager that resides in a control plane of the network; determining, by the security manager, whether the public key received from the storage device matches a private key available to the security manager; downloading, by the security manager, the proposed configuration to the storage device; determining, by the security manager, if the proposed configuration is successfully downloaded to the storage device; operating the storage device according to the downloaded configuration; and granting, by the security manager, a request to lease the storage device operating in the downloaded configuration for a time interval.

Partitioned platform security mechanism

A computer platform is disclosed. The computer platform comprises a central processing unit (CPU) including at least one socket having a plurality of tiles and control circuitry to partition the socket into a plurality of sub-sockets and assign a unique identity to each of the plurality of sub-sockets for security verification, wherein each sub-socket comprises at least one of the plurality of tiles to operate as a cluster of resources.

Systems and methods for performing secure computing while maintaining data confidentiality

Disclosed herein are systems and methods for performing secure computing while maintaining data confidentiality. In one exemplary aspect, a method receives, via an application, both data and a request to perform a secure operation on the data, wherein the secure operation is to be performed using a secure compute engine on a cloud platform such that the data is not viewable to a provider of the cloud platform. The method applies transformations to the data so that the data is not viewable to the provider. The method transmits the transformed data to the secure compute engine on the cloud platform to perform the secure operation on the transformed data, receives a result of the secure operation from the secure compute engine, and transmits the result to the application.

METHOD FOR UPDATING A NEURAL NETWORK, TERMINAL APPARATUS, COMPUTATION APPARATUS, AND PROGRAM
20220414208 · 2022-12-29

The terminal apparatus comprises a machine learning part that can execute a process of computing a first model update parameter of a first neural network using training data and a process of computing a second model update parameter of a second neural network using training data for a simulated attack; an encryption processing part that encrypts the first, the second model update parameter using a predetermined homomorphic encryption; a data transmission part that transmits the encrypted first, second model update parameters to a predetermined computation apparatus; and an update part that receives from the computation apparatus model update parameters of the first, the second neural networks computed using the first, the second model update parameters received from another terminal apparatus and updates the first, the second neural networks.

METHOD, APPARATUS, AND COMPUTER PROGRAM PRODUCT FOR CONFIDENTIAL COMPUTING
20220414267 · 2022-12-29

A method, apparatus, and computer program product are provided for using confidential computing to execute code on sensitive data in an encrypted area of an apparatus limiting access to data and code to only their respective owners. Methods may include: generating an outer enclave and at least one inner enclave within the outer enclave; providing an outer enclave key and an inner enclave key to a service provider; providing an inner enclave key to a data provider; receiving, from the data provider, a data retrieval location; processing data from the respective retrieval location at the data provider inner enclave using data provider code to generate data provider processed data; providing the data provider processed data to the service provider inner enclave; and processing the data provider processed data with service provider code to generate resultant data; decrypting the resultant data in the outer enclave.

Secured execution context data
11537715 · 2022-12-27

There is disclosed a circuit for monitoring the security of a processor, wherein the circuit is configured to access a memory configured to store execution context data of a software program executed by the processor; to determine one or more signatures from said execution context data; and to compare said signatures with predefined signatures to monitor the security of the processor (110). Developments describe that context data can comprise control flow data, that a signature can comprise a hash value or a similarity signature, or that the integrity of signatures can be verified for example by using a secret key (e.g. obtained by random, or by using a physically unclonable function). Further developments describe various controls or retroactions on the processor, as well as various countermeasures if cyber attacks are determined.
