G06F12/1466

System, Apparatus And Method For Providing A Physically Unclonable Function (PUF) Based On A Memory Technology
20170288885 · 2017-10-05

In one embodiment, an apparatus comprises: a challenger logic to issue a challenge to a responder logic, the challenge including an address of a portion of an array of a non-volatile memory; and the responder logic to receive the challenge and read data from the portion of the array at a read time less than a lockout period and at a demarcation voltage. The challenger logic may be configured to verify the challenge if the read data matches an expected read value, where the expected read value is determined based on configuration parameter information including compensation data associated with the portion of the array. Other embodiments are described and claimed.

METHOD AND SYSTEM FOR DEFINING LOGICAL BLOCK ADDRESSING (LBA) ACCESS PERMISSION IN STORAGE DEVICES

Method, system, apparatus, and/or non-transitory computer readable medium for customizing data access permission in a data storage system. The system allows for the defining of data access permissions at a function level such that different functions in a host can have different data access permissions, for particular data stored in a storage device of the system.

Protecting storage from unauthorized access

Protecting contents of storage in a computer system from unauthorized access. The computer system includes one or more processing units sharing the storage. Each of the processing units has at least one processor cache. Each processing unit respectively encrypts or decrypts, with a protected section key, data transferred between its processor cache and the storage, when data relates to the protected section used by the hypervisor; and each processing unit respectively encrypts or decrypts, with a virtual machine key, data transferred between its processor cache and the storage, when data relates to storage areas used by a virtual machine.

SYSTEM AND METHOD FOR ENHANCED SECURITY AND UPDATE OF SMM TO PREVENT MALWARE INJECTION
20170242598 · 2017-08-24

An information handling system for enhanced system management mode (SMM) security may include a processor, system management random access memory (SMRAM), persistent memory, and basic input/output system (BIOS) memory. The system may include instructions that, when loaded and executed by the processor, cause the processor to initialize the memory, initialize the BIOS memory, initialize the persistent memory, and check whether the system has previously executed a power-on self test (POST) routine. Based on a determination that the system has not previously executed a POST routine, the processor may unzip the SMM Code located in the BIOS memory and store the unzipped SMM Code in the persistent memory and in the SMRAM. Based on a determination that the system has previously executed a POST routine, the processor may create a duplicate copy of the SMM Code from the persistent memory and store the duplicate copy in the SMRAM. The processor may further initialize the SMRAM, lock the SMRAM, and hide the SMM Code stored in the persistent memory.

Data Write Method, Apparatus, and System
20220309007 · 2022-09-29

In an active-active system, if write lock permission is granted to a second storage array, a first storage array sends to-be-written data and a lock revocation request together to a lock server; the lock server sends a lock revocation request carrying the to-be-written data to the second storage array; after storing the to-be-written data, the second storage array sends a lock revocation success message to the lock server; the lock server gives the write lock permission to the first storage array; and the first storage array obtains the write lock permission and stores the to-be-written data.

Multi-level independent security architecture
11429540 · 2022-08-30

A system includes a plurality of data input ports, each port corresponding to one of a plurality of different levels of security classification; a security device, configured for cryptographic processing, coupled to receive incoming data from each of the plurality of input ports, wherein the incoming data includes first data having a first classification level; a key manager configured to select a tag-identified first set of keys from a plurality of key sets, each of the key sets corresponding to one of the different levels of security classification, wherein the first set of keys is used by the security device to encrypt the first data; and a common encrypted data storage, coupled to receive the encrypted first data from the security device for storage.

Resetting memory locks in a transactional memory system

A method for resetting memory locks in a transactional memory system. The method includes a processor setting at least one new memory lock during execution of a transaction that acquires access to a region of memory. The new memory lock indicates that the transaction and its associated thread have exclusive temporary access to the memory region. The method further includes determining whether a first in first out (FIFO) memory lock register is full of memory locks and, in response to the FIFO memory lock register being full, removing a memory lock from a tail position of the FIFO memory lock register. The removed memory lock is reset to return to a transactional memory state and the new memory lock is added to a head position in the FIFO memory lock register.

METHOD AND SYSTEM FOR IMPROVING EFFICIENCY OF PROTECTING MULTI-CONTENT PROCESS
20220035751 · 2022-02-03

The invention provides a method and system for improving the efficiency of protecting a multi-content process. The system may cooperate with a memory and may comprise one or more hardware IPs (intellectual properties) for content processing, where one of the one or more IPs may be associated with multiple access identities. The memory may comprise multiple different ranges, and each range may register an access by one of the multiple access identities as a permissible access. The method may comprise: selecting one of the access identities for processing a first content, and using the selected access identity when said IP accesses the memory during processing of the first content; and selecting a different one of the access identities for processing a second content, and using the selected different access identity when said IP accesses the memory during processing of the second content.

CRYPTOGRAPHIC PROTECTION OF MEMORY ATTACHED OVER INTERCONNECTS
20220035749 · 2022-02-03

Methods and apparatus relating to cryptographic protection of memory attached over interconnects are described. In an embodiment, memory stores data and a processor having execution circuitry executes an instruction to program an inline memory expansion logic and a host memory encryption logic with one or more cryptographic keys. The inline memory expansion logic encrypts the data to be written to the memory and decrypts encrypted data to be read from the memory. The memory is coupled to the processor via an interconnect endpoint of a system fabric. Other embodiments are also disclosed and claimed.

Persisted Data Cache Service

Techniques performed by a data processing system for caching data herein include initializing a single instance of a persisted cache service on the data processing system, receiving data requests from a plurality of single page applications (SPAs) on the data processing system, processing the data requests using the persisted cache service to obtain requested data from a cache implemented on the data processing system or from one or more remote data sources via a network connection, and providing the requested data obtained from the cache or the one or more remote data sources to an SPA of the plurality of SPAs from which each data request originated.