G06F2221/2153

Method and apparatus for providing a cryptographic security function for the operation of a device

Provided is a method and apparatus for providing a cryptographic security function for the operation of a device, and an associated computer program (product). The method for providing a cryptographic security function for the operation of a device carries out the following steps: receiving a request to provide such a security function; providing an interface to a point providing such a security function, said point being called a trust anchor, wherein said interface determines context information in accordance with the application initiating the request; and providing the requested security function for the application initiating the request, wherein the determined context information influences the provision of said security function.

METHOD AND SYSTEM FOR PREVENTING UNAUTHORIZED PROCESSOR MODE SWITCHES
20210256166 · 2021-08-19

Disclosed embodiments relate to a system having a processor adapted to activate multiple security levels for the system and a monitoring device coupled to the processor and employing security rules pertaining to the multiple security levels. The monitoring device restricts usage of the system if the processor activates the security levels in a sequence contrary to the security rules.

Electronic device and method of starting the same
11079817 · 2021-08-03

A method of starting an electronic device includes: receiving a first wireless signal carrying first identification data by a wireless receiver before the electronic device enters a normal operating state; comparing the first identification data with valid data; obtaining an account name and a password according to the first identification data if the first identification data matches the valid data, and logging in to an operating system with the account name and the password so as to allow the electronic device to enter the normal operating state; and not logging in to the operating system if the first identification data does not match the valid data.

IDENTITY DEEP FREEZE
20210224788 · 2021-07-22

System and methods perform identity freezing. A user input requesting halting of operations related to a plurality of accounts or profiles of the user at different local systems is received. In response, a token mapping database is accessed to identify a personally identifiable information (PII) token for the user. A freeze message with the PII token is transmitted to the different local systems to halt operations associated with the plurality of accounts or profiles of the user. Thereafter, at the different local systems, the operations associated with the plurality of accounts or profiles of the user are halted to freeze an identity of the user. More efficient communication and operations to freeze the user accounts and profiles thereby result.

PROGRAM EXECUTION DEVICE
20210192095 · 2021-06-24

A program execution device capable of protecting a program against unauthorized analysis and alteration is provided. The program execution device includes an execution unit, a first protection unit, and a second protection unit. The execution unit executes a first program and a second program, and is connected with an external device that is capable of controlling the execution. The first protection unit disconnects the execution unit from the external device while the execution unit is executing the first program. The second protection unit protects the first program while the execution unit is executing the second program.

SYSTEM AND METHOD FOR HIGH PERFORMANCE SECURE ACCESS TO A TRUSTED PLATFORM MODULE ON A HARDWARE VIRTUALIZATION PLATFORM
20210194696 · 2021-06-24

A system and method for high performance secure access to a trusted platform module on a hardware virtualization platform. Example instructions partition resources of the host system to allocate (a) first resources of the host system for a first virtual machine and (b) second resources of the host system for a second virtual machine, wherein the resources of the host system include memory resources and a trusted platform module, the first virtual machine is to run a first guest operating system and the second virtual machine is to run a second guest operating system, and the first guest operating system is to run in a first isolated environment and the second guest operating system is to run in a second isolated environment; implement a virtual trusted platform module to support encryption for the first virtual machine; and protect the first resources and the second resources from unauthorized access.

Managing the customizing of appliances

Disclosed is a method of customizing an appliance. The method includes steps of pre-storing a public key in the appliance; connecting the appliance to an external storage device; and booting up the appliance to automatically proceed with the following customization process: obtaining a customization file from the external storage device; authenticating the customization file with the public key; and executing customization with the customization file if the authentication succeeds.

Authenticating devices via one or more pseudorandom sequences and one or more tokens

Aspects of the disclosure relate to a system and method for securely authenticating a device via token(s) and/or verification computing device(s). A verification computing device may generate a pseudorandom number or sequence. Based on the pseudorandom number or sequence, the verification computing device may select a first plurality of parameters associated with a user of a device to be authenticated. The verification computing device may transmit, to the device, the pseudorandom number or sequence, and the device may select a second plurality of parameters. The device may generate a token based on the second plurality of parameters. The device may send the token to another device, and the other device may send the token to the verification computing device. The verification computing device may authenticate the device based on the token.

FACILITATING SEQUENTIAL READS IN MEMORY SUB-SYSTEMS
20210263864 · 2021-08-26

An example memory subsystem includes a memory component and a processing device, operatively coupled to the memory component. The processing device is configured to receive a plurality of logical-to-physical (L2P) records, wherein an L2P record of the plurality of L2P records maps a logical block address to a physical address of a memory block on the memory component; determine a sequential assist value specifying a number of logical block addresses that are mapped to consecutive physical addresses sequentially following the physical address specified by the L2P record; generate a security token encoding the sequential assist value; and associate the security token with the L2P record.

Secret information distribution method and device

Embodiments of the present disclosure disclose a secret information distribution method. The method includes: receiving, by a network functions virtualization infrastructure NFVI, secret information sent by management and orchestration (MANO); creating a virtual trusted platform module (vTPM) in the NFVI, and writing the secret information into the vTPM; receiving, by the network functions virtualization infrastructure NFVI, a virtualized network function VNF initialization command from the MANO, and creating a VNF; and obtaining, by the VNF, the secret information from the vTPM.