Patent classifications
G06F2221/2151
SECURING DATA STORED IN A MEMORY OF AN IOT DEVICE DURING A LOW POWER MODE
The disclosure relates to a method for enabling the secure functions of a chipset (1) and especially the encryption of the content of the secure memory (7) when the device goes into low power mode. The content of the secure memory (7) may be encrypted and stored in an external memory (20) during low power mode of the chipset (1).
FILE VAULT AND CLOUD BASED DOCUMENT NOTARY SERVICE
Methods, apparatus, and systems are disclosed for file vault and cloud based document notary service. An example method includes receiving a first document from a first node associated with a first party and a second document from a second node associated with a second party, the first and second nodes remotely coupled to the at least one processor via a network, storing the first and second documents in a non-volatile machine accessible medium coupled to the processor, the first and second documents respectively assigned to first and second document identifiers, receiving a first request to access the first document, the first request corresponding to the first document identifier, receiving a first authorization from a third node, associated with a third party, that is remotely coupled to the at least one processor via the network, and granting the first request based on the first authorization and the first document identifier.
SYSTEM AND METHOD FOR DETECTION OF ANOMALOUS CONTROLLER AREA NETWORK (CAN) MESSAGES
A system for identifying one or more sub-fields within a field of a given field type, the field comprising a plurality of field bits, and each of the sub-fields comprising a distinct sub-group of the field bits having one or more fixed consecutive bit positions within each instance of a plurality of instances of the field, the system including a processing resource configured to: obtain one or more input time-series, each input time-series of the one or more input time-series including a plurality of input instances of the field; generate one or more new time-series, each new time-series of the generated new time-series being associated with at least one input time-series of the one or more input time-series and including a plurality of new instances of the field; generate a bit-field based on selected instances of the new instances in each new time-series of the generated new time-series; and analyze the bit-field to identify the fixed consecutive bit positions of at least one of the sub-fields within the field.
Delayed and provisional user authentication for medical devices
Representative embodiments of operating a secured device requiring user authentication include receiving a request from a user for operating the device without prior authentication; granting the user temporary access to the device in accordance with a security policy that specifies a predetermined time interval and/or a predetermined number of device operations within which authentication must occur to continue at least some operations of the device; computationally storing an audit trail identifying the temporary access and actions performed during the temporary access; and upon determining that authentication has not been provided within the predetermined time interval or number of device operations, preventing at least some operations of the device and updating the audit trail to specify expiration of the temporary access.
Security checks for proxied requests
A method for execution by a storage unit of a dispersed storage network includes receiving a proxied data access request regarding an encoded data slice from another storage unit of the DSN, where the encoded data slice is stored in the storage unit according to a distributed agreement protocol. The method continues with determining whether the other storage unit is an authentic storage unit of the DSN. When the other storage unit is the authentic storage unit, the method continues with processing the proxied data access request to produce a data access response. The method continues with sending the data access response to the other storage unit.
Notice of intrusion into firmware
A computer program product for providing notifications to a user of an intrusion into firmware includes, in one example, a non-transitory computer readable medium including computer usable program code embodied therewith to, when executed by a processor, detect intrusion to the firmware of a computing system during runtime in a system management mode.
Audit log enrichment
A system for monitoring actual access to data elements in an enterprise computer network and providing associated data, the system including an at least near real time data element audit subsystem providing audit output data including at least one of a time stamp, identification of an accessor, user depository stored data regarding the accessor, accessed data element data, affected data element data, type of access operation, source IP address of access and access outcome data, in at least near real time, relating to actual access to data elements in the enterprise computer network, and an additional data providing subsystem receiving in at least near real time at least a part of the audit output data and utilizing the at least part of the audit output data for providing additional data which is not part of the audit output data.
Secure time service
Methods and apparatus for a secure time service are disclosed. A time server including a time source, a cryptographic key and a cryptographic engine is instantiated within a provider network. A time service endpoint receives a timestamp request from a client. The endpoint transmits a representation of the request to the time server, and receives, from the time server, an encryption of at least a timestamp generated using the time source. A response comprising the encryption of at least the timestamp is transmitted to the requesting client.
Secure failsafe apparatus
According to some embodiments, an electronic device can implement a failsafe action. The system comprises a processor and a computer-readable medium comprising processor executable instructions that, when executed by the processor, perform a method, the method comprising receiving a first antidote message within a first time interval. Based on receiving the first antidote message, normal operation of the electronic device is continued. The electronic device waits for reception of a second antidote message within a second time interval. A determination is made that the second antidote message was not received within the second time interval. In response to determining that the second antidote message was not received, a first failsafe action is implemented.
Method to create a trusted pool of devices
The present invention relates to a method to create, by a service provider, a trusted pool of security devices adapted to perform cryptographic operations in a secure service, comprising the steps of: for a service provider, setting up a secure service by allocating a first device in the service, setting the first security device's clock to a reliable time source, creating an internal secure-service-object defining at least a service clock-instance and service-specific cryptographic keys and certificates used to protect communication between a resource owner's security application and a security device part of the secure service, said secure-service-object being maintained by the security device internally preventing any service provider from arbitrarily changing it, when additional security devices are required, for the service provider, adding additional security devices to the service through ensuring the two security devices' clocks are synchronized by setting the target security device's clock to an accurate time value and defining, in the secure-service-object, a max-delta-time and a max-daily-correction per day values limiting the drift between two devices of the pool.