G06F2221/2105

MICROPROCESSOR, DATA PROCESSING METHOD, ELECTRONIC DEVICE, AND STORAGE MEDIUM

A microprocessor comprising a cryptographic engine and a controller. The controller is connected to the cryptographic engine and configured to receive a plurality of access requests from a plurality of execution environments, respectively, and to respond to one of the plurality of access requests and instruct the cryptographic engine to execute a cryptographic algorithm.

Live data viewing security

The techniques utilize an authentication process to authenticate the user to view protected data and an image monitoring process to monitor the field of view of the image detection component. When a user requests access to the protected data, the authentication process is activated. After a user is authenticated, the data may be displayed and an image monitoring process is activated and may use the image detection component to monitor the field of view to determine whether the user is actively viewing the data or that an additional person is in the field of view. When either event is detected, the protected data is concealed at the display of the user device.

Advanced gaming and virtual reality control using radar
11656336 · 2023-05-23

Techniques are described herein that enable advanced gaming and virtual reality control using radar. These techniques enable small motions and displacements to be tracked, even in the millimeter or submillimeter scale, for user control actions even when those actions are optically occluded or obscured.

SECURE DATA COLLECTION FROM AN AIR-GAPPED NETWORK

A computer program component configured to collect configuration item data from information technology resources of an air-gapped network for an information technology configuration management database is provided. Configuration item data collected from the information technology resources of the air-gapped network is obtained using the provided computer program component, wherein the obtained configuration item data is physically transferred between a device within the air-gapped network and a device outside the air-gapped network at least in part via a portable physical storage medium, and the collected configuration item data has been reviewed and filtered within the air-gapped network prior to being physically transferred via the portable physical storage medium. The obtained configuration item data is imported to the information technology configuration management database outside the air-gapped network. Information technology management services are provided for the air-gapped network using the imported configuration item data stored outside the air-gapped network.

Mobile device with secure private memory

A mobile device includes non-private memory that can store software programs and a private memory that can store copies of the software programs as well as exclusively store trusted programs that are not stored in the non-private memory. The mobile device includes a processor configured to execute the software programs of the non-private memory when the mobile device is in a non-private mode, execute a trusted program only when the mobile device is in a private mode, and enable switching between the non-private mode and the private mode in response to a reboot of the mobile device.

ELECTRONIC DEVICE IDENTIFYING INTEGRITY OF IMAGE USING PLURALITY OF EXECUTION ENVIRONMENTS AND METHOD OF CONTROLLING THE SAME
20230104756 · 2023-04-06

An electronic device includes at least one memory, a camera, and at least one processor, wherein the at least one processor is configured to: obtain a raw image for an external object from the camera in a secure environment and store the obtained raw image in the at least one memory; obtain a first image from the raw image through first image processing and second image processing on the stored raw image in the secure environment; and, based on obtaining a verification request from a normal environment: obtain, in the secure environment, a second image obtained from the raw image through the second image processing for the stored raw image in the normal environment, obtain a third image from the second image through the first image processing for the obtained second image in the secure environment, and identify integrity of the second image based on the obtained first image and the obtained third image.

PLACING A DEVICE IN SECURE MODE

In some examples, an apparatus can include a memory resource and hardware logic to analyze a plurality of configuration settings associated with a non-volatile storage bit array controlling access to a hardware logic device. In response to detecting an inconsistency in the configuration settings during analysis, the hardware logic device can be placed in a most secure mode to resist a security threat.

SYSTEM AND METHOD FOR REMOTELY INITIATING LOST MODE ON A COMPUTING DEVICE

Disclosed herein are systems, methods, and non-transitory computer-readable storage media for remotely initiating lost mode on a computing device. A request that lost mode be initiated can include a message and contact information provided by the requesting user. Once authenticated, a command to initiate lost mode is sent to the lost device. Initiating lost mode includes locking the lost device and suppressing select functionality. The message and contact information are displayed and the lost device is enabled to contact the requesting user using the contact information. The lost device can also collect and transmit location data to the requesting user. The location data can be presented on a map indicating the lost device's location and the time the lost device was at the location. The location data can be scheduled to be resent to the user based on numerous factors such as a set schedule, rules, or heuristics.

Systems and Methods for "Machine-to-Machine" (M2M) Communications Between Modules, Servers, and an Application using Public Key Infrastructure (PKI)
20230208629 · 2023-06-29

Methods and systems are provided for supporting efficient and secure “Machine-to-Machine” (M2M) communications using a module, a server, and an application. A module can communicate with the server by accessing the Internet, and the module can include a sensor and/or an actuator. The module, server, and application can utilize public key infrastructure (PKI) such as public keys and private keys. The module can internally derive pairs of private/public keys using cryptographic algorithms and a first set of parameters. A server can authenticate the submission of derived public keys and an associated module identity. The server can use a first server private key and a second set of parameters to (i) send module data to the application and (ii) receive module instructions from the application. The server can use a second server private key and the first set of parameters to communicate with the module.

SYSTEMS AND METHODS FOR DIFFERENTIATED IDENTIFICATION FOR CONFIGURATION AND OPERATION
20230208844 · 2023-06-29

A differentiated identification system facilitates dynamically differentially morphed access for one or more requesters. The system receives an access request including at least one differentiable voucher from a requester and assesses the type of the received access request by considering the access request, the differentiable voucher and one or more semblances. The system then dynamically differentially morphs an access to one or more service or data based on the assessment of the access request type, enabling the system to provide the requester with dynamically differentially morphed access to the one or more service or data.