A data processing system is provided with processing circuitry as well as a bank of 64-bit registers. An instruction decoder decodes arithmetic instructions and logical instruction specifying arithmetic operations and logical operations to be performed upon operands stored within the 64-bit registers. The instruction decoder is responsive to an operand size field SF within the arithmetic instructions and the logical instructions specifying whether the operands are 64-bit operands or 32-bit operands where all of the operands are 64-bit operands or all of the operands are 32-bit operands. If a switch is made to a lower exception level, then a check is made as to whether or not a register being used was previously subject to a 64-bit write to that register. If such a 64-bit write had previously taken place, then the upper 32-bits are flushed so as to avoid data leakage from the higher exception level.

Managing organization disconnections from a shared resource of a communication platform is described. In a sharing approval repository of a communication platform, a shared resource can be associated with a host organization identifier and a non-host organization identifier. In an example, in response to receiving, from a user computing device associated with the host organization identifier or the non-host organization identifier, a resource disconnection request comprising a disconnecting organization identifier and a resource identifier associated with the shared resource, the sharing approval repository can be updated to add a disconnection indication for the resource identifier in association with the disconnecting organization identifier. The disconnection indication can restrict access, of users of a disconnected organization, to data associated with the shared resource that is stored in a live shared resource repository and can cause a static shared resource to be presented based on a selection input corresponding to the shared resource.

In a case where a second client apparatus associated with a first client apparatus exists when the first client apparatus is determined as a client apparatus of a transfer target of authority, a server apparatus further determines the second client apparatus as the client apparatus of the transfer target of the authority, generates a permission screen corresponding to a client apparatus determined as the client apparatus of the transfer target of the authority, and transmits the generated permission screen.

In one embodiment, a system for managing a virtualization environment comprises a plurality of host machines, one or more virtual disks comprising a plurality of storage devices, a virtualized file server (VFS) comprising a plurality of file server virtual machines (FSVMs), wherein each of the FSVMs is running on one of the host machines and conducts I/O transactions with the one or more virtual disks, and a virtualized file server self-healing system configured to identify one or more corrupt units of stored data at one or more levels of a storage hierarchy associated with the storage devices, wherein the levels comprise one or more of file level, filesystem level, and storage level, and when data corruption is detected, cause each FSVM on which at least a portion of the unit of stored data is located to recover the unit of stored data.

Some implementations disclosed herein provide systems and methods that use an inmate-accessible electronic briefcase to facilitate an inmate's organization of significant content. Electronic documents are created and stored in an organized document storage area that may be accessed while the inmates are incarcerated and after the inmates are released.

A method may include, receiving, at a server device and from a requesting computing device associated with a requesting user, a request for a data item. The data item configured may be configured as a data structure and include an encrypted data payload; metadata identifying a source of the payload and when the data payload was captured; and a token identifying an owner of the data item and access rights to the data item. The method may include parsing he token to identify the owner of the data item; transmitting the request for the data item to a computing device associated with the owner; receiving a response from the computing device. The response may indicate the requesting user may access the data item, and in response, transmit a decryption key to the requesting computing device for the encrypted data payload. The method may include updating the token.

A method for managing data processes in a network of computing resources includes: receiving at least one child request being routed from an intermediary device to at least one corresponding destination device, the at least one child request requesting execution of at least one corresponding child data process, each of the at least one child data process for executing at least a portion of the at least one parent data process from an instructor device, and each of the at least one child request including a destination key derived at least in part from the at least one instructor key; storing the at least one child request in at least one storage device; modifying the at least one child request upon receiving a child request modification signal; and generating signals for communicating the child requests to one or more requesting devices.

Downloadable pluggable services and methods of distributing the same are described. The downloadable pluggable services may correspond to communication services that can be downloaded to upgrade a communication system. The downloadable pluggable services may include a number of component parts that can be distributed among various servers in the communication system being upgraded along with instructions that enable the component parts to instruct each server in the communication system to operate in a coordinated fashion so as to provide the downloaded service.

A method for enforcing entitlements includes configuring a wide variety of entitlements at a server; determining applicable combination of entitlements for a given client request; sending entitlements to the requesting client securely; handling entitlement information securely on a plurality of client devices at run time; storing entitlement information securely on a plurality of client devices for offline use; and enforcing entitlements on a plurality of client devices. The method employs manipulation of manifest files by a proxy that may be included in the client device or located in the network.

In one embodiment, a storage unit stores a table tree and verifier tree. The table tree includes parent and child tables. The verifier tree includes parent and child verifiers associated with the parent and child tables, respectively. The parent verifier is used for verifying the child table and child verifier. A device stores a secure table tree corresponded to the table tree and used for address translation and a secure verifier tree corresponded to the verifier tree, to a secure storage unit. The device executes verification, based on verification information calculated based on a first child table and first child verifier in the storage unit and a first parent verifier in the secure verifier tree. The device sets the second address of the secure table tree such that the second address designates data in the first storage unit.