An apparatus includes a cache controller circuit and a cache memory circuit that further includes cache memory having a plurality of cache lines. The cache controller circuit may be configured to receive a request to reallocate a portion of the cache memory circuit that is currently in use. This request may identify an address region corresponding to one or more of the cache lines. The cache controller circuit may be further configured, in response to the request, to convert the one or more cache lines to directly-addressable, random-access memory (RAM) by excluding the one or more cache lines from cache operations.

Methods, systems, and devices for access control configurations for inter-processor communications are described to support reconfiguration of a dynamic access control configuration at a device. For example, additional configuration fields may be added to existing access control rules of the device, where these additional fields may be configured by a processor sending information to a receiving processor, via a shared memory resource or region of the device. The additional fields may include a read-only value which may specify a processor which has exclusive write permission for a memory region of the share memory. This value may indicate the sending processor of the memory region, and the value may be set by access control hardware when the additional field is changed. Other processors of the device may be prevented from writing to the memory region.

Described are methods, systems and computer readable media for providing a current row position query language construct and array processing query language constructs and associated processing.

In an embodiment a method includes compiling, by a processor in a compiling phase, a software program intended to be executed by the processor, the processor having secure and non-secure access right level execution contexts, and/or privileged and non-privileged access right level execution contexts and generating, in the compilation phase, instructions in machine language having an exclusively secure access right level when the instructions are intended to be executed in the secure access right level execution context, and instructions having a non-privileged access right level when the instructions are intended to be executed in the non-privileged access right level execution context.

An illustrative method includes a data protection system detecting a request to perform an operation with respect to a storage system, identifying one or more attributes of the request, determining, based on the one or more attributes, that the request is possibly related to a security threat against the storage system, and throttling, based on the determining that the request is possibly related to the security threat against the storage system, a performance of the operation.

Access control request parameter interleaving may be implemented that supports user-configurable and host-configurable processing stages. A request may be received and evaluated to determine whether user-configured interleaving, host-configured interleaving, or both user-interleaving and host-interleaving are applied. For applied interleaving, two different portions of a request parameter may be swapped.

Apparatuses, methods and techniques for controlling memory access in a data processing system are disclosed. The operating data processing system comprises multiple subsystems, each comprising at least one processing element and at least one peripheral device. Memory transaction control circuitry receives memory transaction information of a memory transaction comprising a stream identifier indicative of the issuing peripheral device. A main control register indicates an address of a stream table having multiple entries each comprising an owning subsystem identifier. At least one subsystem control register corresponding to each subsystem of the multiple subsystems stores memory access checking configuration information. On receipt of the memory transaction information an entry of the stream table is selected in dependence on the stream identifier. At least one subsystem control register. corresponding to the subsystem identified by the owning subsystem identifier of the entry is selected.

Methods and apparatuses related to access to data stored in quarantined memory media are described. Memory systems can include multiple types of memory media (e.g., volatile and/or non-volatile) and data (e.g., information included in) stored in the memory media often are subject to risks of the data being undesirably exposed to the public. For example, requests to write data in the memory media can often be made and accepted without a user's awareness, which can lead to the undesirable exposure of the data. According to embodiments of the present disclosure, a particular portion and/or location in the memory media can provide a data protection scheme such that data stored in the particular location can be refrained from being transferred out of the computing system.

A memory controller and a storage device including the same are disclosed. A memory controller for controlling a nonvolatile memory includes: a security access control module configured to convert biometric authentication data received from a biometric module into security configuration data having a data format according to a security standard protocol and perform, based on the security configuration data, at least one of authority registration and authority authentication of a user authority set for an access control of a secure area of the nonvolatile memory, encrypted user data being stored in the secure area; and a data processing unit configured to, based on an access to the secure area being permitted, encrypt user data received from a host device or decrypt the encrypted user data read from the secure area.

An illustrative method includes a storage system receiving attribute data representative of one or more attributes of a known attack against data maintained by a target system other than the storage system, updating an extensible attack monitoring process executed by the storage system with the attribute data, and monitoring, using the extensible attack monitoring process updated with the attribute data, storage operation requests of the storage system for one or more attributes that match the one or more attributes of the known attack.