G06F2221/2143

SYSTEMS AND METHODS FOR REMOTE SECURE ERASURE OF FINGERPRINT DATA FROM INFORMATION HANDLING SYSTEMS
20230237162 · 2023-07-27

Systems and methods are provided that may be implemented by services executing on one or more remote servers and on an endpoint information handling system to remotely erase (i.e., clear or remove) biometric fingerprint credential data that is previously stored on non-volatile memory of a discrete “match-on chip” fingerprint reader (MOFR) of the endpoint information handling system, as well as to erase separate non-biometric OS user identifier (ID) fingerprint enrollment information stored on separate system non-volatile memory of the endpoint information handling system.

Unified addressable memory

In one embodiment, a system includes a non-volatile memory that may serve as both the main memory system and the backing store (or persistent storage). In some embodiments, the non-volatile memory is divided into a main memory portion and a persistent portion. Data in the main memory portion may be encrypted using one or more first keys, and data in the persistent portion may be encrypted using one or more second keys, in an embodiment. The volatile behavior of main memory may be implemented by discarding the one or more first keys in a power down event or other event that indicates a loss of main memory data, while the one or more second keys may be retained. In one embodiment, the physical address space of the non-volatile memory may be a mapping from a second physical address space that is used within the system.

METHOD AND SYSTEM TO PLACE RESOURCES IN A KNOWN STATE TO BE USED IN A COMPOSED INFORMATION HANDLING SYSTEM

In general, the invention relates to providing computer implemented services using information handling systems. One or more embodiments of the invention include receiving a request to decompose a composed information handling system, wherein the composed information handling system comprises a hardware resource; obtaining a cleaning requirement for the hardware resource; initiating, based on the cleaning requirement, a cleaning operation on the hardware resource; receiving a confirmation that the cleaning operation is complete; and, after receiving the confirmation, setting a state of the hardware resource to allocatable.

STORED IMAGE PRIVACY VIOLATION DETECTION METHOD AND SYSTEM

Methods and systems for detecting a privacy violation in an image file. A policy to be used by a master imaging application is obtained and a file system is monitored for a digital image modified by a monitored imaging application. It is then determined that the digital image file includes at least some content in violation of a defined setting for the master imaging application and, based on that determination, an action is taken.

REMOTE WIPING FOR DATA TRANSPORT, STORAGE AND RETRIEVAL

An input switching circuit dynamically connects, based on an input mapping table, input streams to inputs of a wavefront pre-transform circuit. An output switching circuit dynamically connects, based on an output mapping table, output data at outputs of the wavefront pre-transform circuit to transport streams. A controller controls, based on a wiping command, at least one of the input and output switching circuits to alter at least one of the input and output mapping tables such that the at least one of the input and output switching circuits is disabled for connection. A first subset of the transport streams operates in a foreground mode available to a user and is transported for storage in remote storage sites at a network and a second subset of the transport streams operates in a background mode available to an administrator and is not transported for storage in the remote storage sites.

DATA DISTRIBUTION CONTROL APPARATUS, DATA DISTRIBUTION CONTROL METHOD, AND NON-TRANSITORY COMPUTER-READABLE MEDIUM

The confidentiality of data is maintained in the case of outsourcing analysis of an operation state of a facility. Degree-of-relevance information indicating a degree of relevance in operation between a plurality of apparatuses included in a facility is stored. At the occurrence of a failure in a first apparatus included in the plurality of apparatuses, a second apparatus having a degree of relevance in operation to the first apparatus equal to or greater than a preset first threshold is selected from the plurality of apparatuses based on the degree-of-relevance information, and the log data relating to operation states of the first apparatus in which a failure has occurred and the selected second apparatus are selectively read from a first memory storage, and the read log data is transmitted to a data user via a network.

PERSONAL DATA WALLET
20230015523 · 2023-01-19

Methods and systems are presented for providing a secured electronic transaction processing framework that enables online service providers to process electronic transactions for users while allowing the users to retain control over their user data. The secured electronic transaction processing framework includes a data access system configured to dynamically access user data, that is stored on user devices and controlled by users, on an as-needed basis. When a service provider server receives a request for processing a transaction through a user account, the service provider server may use the data access system to dynamically obtain user data required for processing the transaction from a wallet application of a user device. The wallet application may include data access policies that specify data access settings for different service providers. After processing the transaction using the user data, the service provider server may remove the user data.

Terminating Distributed Trusted Execution Environment via Self-Isolation

A method for securely terminating a distributed trusted execution environment spanning a plurality of work accelerators. Each accelerator is configured to self-isolate upon determining that the distributed TEE is to be terminated across the system of accelerators. The data is also wiped from the processor memory of each accelerator, such that the data cannot be read out from the processor memory once the accelerator's links are re-enabled. The self-isolation is performed on each accelerator prior to the step of terminating the TEE on that accelerator. An accelerator only re-enables its links to other accelerators once the data is wiped from its processor memory such that the secret data is removed from the accelerator memory.

DELIVERY VEHICLE

A delivery vehicle includes: a main body portion equipped with a moving mechanism; and a control section provided at the main body portion, wherein the control section includes: an autonomous driving executing section that controls the moving mechanism and makes it possible for the main body portion to travel autonomously; a destination information acquiring section that acquires information relating to a delivery destination or a collection destination of a package; a data transmitting section transmitting predetermined data for authentication to a management system that manages a secure area on a delivery path; and a data acquiring section that, in a case in which the data for authentication is authenticated by the management system, acquires area information including map information of the secure area from the management system.

Terminating Distributed Trusted Execution Environment via Confirmation Messages

A method for securely terminating a distributed trusted execution environment (TEE) spanning a plurality of work accelerators. After wiping sensitive data from the memory of its accelerator, a root of trust for each accelerator is configured to receive confirmation that the data has been wiped from the processor memory in relevant other accelerators prior to moving on to the next stage at which the TEE on its associated accelerator is terminated. Since the data has been wiped from the other accelerators, even if a third party were to inject malicious code into the accelerator, they would be unable to read out the secret data from the other accelerators since the data has been wiped from those other accelerators. In this way, a mechanism is provided for ensuring that when the distributed TEE is terminated, malicious third parties are unable to read out confidential data from the accelerators.