A method, apparatus, system, and computer program product for domain-authenticated control of platform resources. Resources under the control of the platform are managed in accordance with access control rules that are centrally managed by a directory service. Security policies are uniformly applied by requiring authorization of the user's access to platform resources including hard drives, flash memory, sensors, network controllers and power state controllers.

Embodiments are provided for protecting boot block space in a memory device. Such a memory device may include a memory array having a protected portion and a serial interface controller. The memory device may have a register that enables or disables access to the portion when data indicating whether to enable or disable access to the portion is written into the register via a serial data in (SI) input.

In an aspect, a method of preventing tampering of a mobile device lock, wherein the method comprises: a client application executed in a mobile device monitoring the reception of presence messages transmitted, e.g. broadcast, by a user-detecting device in the vehicle, the user-detecting device comprising a radio interface configured to wirelessly transmit presence messages when the vehicle is moving, preferably the presence message comprising an identification code, preferably a MAC address, of the user detecting device. The client application repeatedly, for example periodically or regularly, wirelessly transmitting notification messages to a server in a network, the notification messages signaling the server that the client application is being executed on the mobile device. The client application determines if the user is inside the vehicle; monitors the velocity of the vehicle and locks the mobile device; and monitors user interaction with the mobile device.

Embodiments help to provide a cross-device security schema for an audio device and a master device to which it is tethered (e.g., a smartphone). An example security scheme provides flexible mechanisms for locking and unlocking the audio device and the device to which it is tethered. For instance, an example security scheme may include: (a) an unlock sync feature that unlocks the audio device and keeps the audio device unlocked whenever the master device is unlocked, (b) a separate audio device unlock process that unlocks the audio device only (without unlocking the master device, and (c) an on-head detection process that, in at least some scenarios, locks the audio device in response to a determination that the audio device is not being worn.

The techniques disclosed herein enable systems to manage remote file storage systems while bolstering information security through file encryption on download and permissions labels. To achieve this, a site owner configures permissions for a network site that stores files and that enables encryption on download. Various users with file access via the permissions may then interact with the site. When a user downloads a file from the site, they receive an encrypted copy that includes a permissions label that synchronizes with the network site permissions. When a user attempts to interact with an encrypted file the permissions label is used by the system to determine whether the user is authorized to access the file. In addition, permissions that are changed at the network site can be propagated to downloaded encrypted copies. In this way, permissions can be enforced for all site files even when copies leave the network site.

Some implementations disclosed herein provide systems and methods that use an inmate-accessible electronic briefcase to facilitate an inmate's organization of significant content. Electronic documents are created and stored in an organized document storage area that may be accessed while the inmates are incarcerated and after the inmates are released.

Disclosed are systems and methods for document branching. In some embodiments, the method includes the steps of: obtaining a branch model associated with a set of related documents, the branch model comprising one or more branches, each branch of the one or more branches comprising a branch type and one or more nodes, the one or more branches comprising a primary branch associated with a primary document, the set of related documents comprising the primary document having a first document identifier; generating a secondary branch based upon a revision of the primary document, the secondary branch associated with a secondary document of the set of related documents, the secondary document having a second document identifier; and adding the secondary branch to the branch model.

A method of unlocking a second device using a first device is disclosed. The method can include: the first device pairing with the second device; establishing a trusted relationship with the second device; authenticating the first device using a device key; receiving a secret key from the second device; receiving a user input from an input/output device; and transmitting the received secret key to the second device to unlock the second device in response to receiving the user input, wherein establishing a trusted relationship with the second device comprises using a key generated from a hardware key associated with the first device to authenticate the device key.

In association with a communication platform, one or more users can create, share, edit, and/or comment on a document. Some examples of this disclosure are related to providing a list of suggested documents that a user can reference (e.g., add a link to) in a virtual space (e.g., in a message or post to one or more other users). For example, a user can be interacting with a virtual space (e.g., composing a direct message, a channel post, a thread, a workspace, a document, and the like) and invoke a list of suggested documents that can be referenced in the virtual space. In examples of the present disclosure, the list of suggested documents can include documents that are identified (e.g., based on one or more conditions being met) to be relevant to, or otherwise associated with, the virtual space.

A distributed ledger, e.g., blockchain, enabled operating environment includes a user device that accesses services of a service device by leveraging the decentralized blockchain. For example, a user device can lock/unlock a door (e.g., service device) by interfacing with a smart contract stored on the decentralized blockchain. The user device provides parameters, such as payment, that satisfies the variables of the smart contract such that the user device can access the service device. The service device regularly retrieves information stored in the smart contract on the decentralized blockchain. For example, the retrieved information can specify that the user device is authorized to access the service device or that the service device is to provide a service. Therefore, given the retrieved information, the service device provides the service to the user device.