According to an embodiment provided herein, there is provided a system that binds a trusted output session to a trusted input session. The system includes a processor to execute an enclave application in an architecturally protected memory. The system includes at least one logic unit forming a trusted entity to, responsive to a request to set up a trusted I/O session, generate a unique session identifier logically associated with the trusted I/O session and set a trusted I/O session indicator to a first state. The system includes at least one logic unit forming a cryptographic module to, responsive to the request to set up the trusted I/O session, receive an encrypted encryption key and the unique session identifier from the enclave application; verify the unique session identifier; and responsive a successful verification, decrypt and save the decrypted encryption key in an encryption key register.

According to an embodiment provided herein, there is provided a system that binds a trusted output session to a trusted input session. The system includes a processor to execute an enclave application in an architecturally protected memory. The system includes at least one logic unit forming a trusted entity to, responsive to a request to set up a trusted I/O session, generate a unique session identifier logically associated with the trusted I/O session and set a trusted I/O session indicator to a first state. The system includes at least one logic unit forming a cryptographic module to, responsive to the request to set up the trusted I/O session, receive an encrypted encryption key and the unique session identifier from the enclave application; verify the unique session identifier; and responsive a successful verification, decrypt and save the decrypted encryption key in an encryption key register.

A technique for providing access to a first storage structure of a system includes exposing a first key of a plurality of first keys stored in a second storage structure in response to a select code based on a plurality of corresponding select records stored in one-time programmable storage elements of the second memory structure. The technique includes providing the first key as a current first key of a memory access controller. Only one of the plurality of first keys stored in the second storage structure may be exposed at a time and other first keys of the plurality of first keys stored in the second storage structure are inaccessible from the second storage structure at the time.

A technique for providing access to a first storage structure of a system includes exposing a first key of a plurality of first keys stored in a second storage structure in response to a select code based on a plurality of corresponding select records stored in one-time programmable storage elements of the second memory structure. The technique includes providing the first key as a current first key of a memory access controller. Only one of the plurality of first keys stored in the second storage structure may be exposed at a time and other first keys of the plurality of first keys stored in the second storage structure are inaccessible from the second storage structure at the time.

The present disclosure relates to systems, methods, and computer-readable media for establishing and managing a trusted connection between a peripheral device and a client device. For example, systems discussed herein include determining whether a peripheral device poses a security risk based on a combination of peripheral device data and a client profile including environmental data and historical usage data for the client device. Systems described herein may further grant a level of trust based on the determine security risk. The systems disclosed herein facilitate implementation of intelligent policies that are user friendly without exposing the client device to a variety of security threats.

The present disclosure relates to systems, methods, and computer-readable media for establishing and managing a trusted connection between a peripheral device and a client device. For example, systems discussed herein include determining whether a peripheral device poses a security risk based on a combination of peripheral device data and a client profile including environmental data and historical usage data for the client device. Systems described herein may further grant a level of trust based on the determine security risk. The systems disclosed herein facilitate implementation of intelligent policies that are user friendly without exposing the client device to a variety of security threats.

The disclosure describes a method of protecting a measurement system from unauthorized changes. The method comprises automatically reading out a plurality of information items from the measurement system, wherein the measurement system comprises a plurality of measurement system components and at least one local storage device, wherein the plurality of information items include at least one of identity of the measurement system components or at least one characteristic of the measurement system components; automatically combining the read out information items of each of the plurality of the measurement system components into a data collection and generating a summary data which represents the data collection; creating a signature based on the summary data; and storing the summary data and the signature in the at least one local storage device of the measurement system. This method provides more efficient and secure protection of measurement system and its components from an unauthorized change.

The disclosure describes a method of protecting a measurement system from unauthorized changes. The method comprises automatically reading out a plurality of information items from the measurement system, wherein the measurement system comprises a plurality of measurement system components and at least one local storage device, wherein the plurality of information items include at least one of identity of the measurement system components or at least one characteristic of the measurement system components; automatically combining the read out information items of each of the plurality of the measurement system components into a data collection and generating a summary data which represents the data collection; creating a signature based on the summary data; and storing the summary data and the signature in the at least one local storage device of the measurement system. This method provides more efficient and secure protection of measurement system and its components from an unauthorized change.

An input system is provided which is capable of mitigating certain inconveniences that may arise due to data processing performed by a host processor. The input system includes a first signal path, a second signal path, and a switch section. The first signal path is used for transmitting a signal from a sensor controller to a display controller through the host processor. The second signal path is used for transmitting a signal from the sensor controller to the display controller without passing the signal through the host processor. The switch section is configured to be able to switch between the first signal path and the second signal path.

According to one embodiment, an electronic device includes one or more connectors configured to connect external devices, and circuitry. The circuitry is configured to detect that the external devices are connected to the one or more connectors, and to authenticate access of a user based on an order in which the external devices are connected to the one or more connectors.