A computer program product includes program instructions configured for execution by a processor to perform various operations. The operations include accessing a system resource database including, for each of a plurality of disaggregated computing hardware resources within a composable computing system, hardware characteristics that describe the disaggregated computing hardware resource, wherein the hardware characteristics include a physical location of the disaggregated computing hardware resource. The operations further include identifying a first workload request that requests performance of a first workload, identifying a physical location requirement for the first workload, selecting a subset of the disaggregated computing hardware resources to be included in a first computing subsystem for performance of the first workload in compliance with the physical location requirement for the first workload, provisioning of the first computing subsystem, and assigning the first computing subsystem to perform the first workload.

A method for execution by a customer premises receiver, comprising: receiving a signal that carries an original media stream; determining a location of the receiver; obtaining an identifier of an authorized region for the receiver; determining whether said location is contained within said authorized region; if said location is determined to be contained within said authorized region, outputting the original media stream for conveyance to a user; if said location is determined to not be contained within said authorized region, outputting a second media stream that is sufficiently corrupted relative to the original media stream as to degrade the user's viewing experience while being demonstrative of non-malfunctioning of the receiver. Also, a method, comprising a service provider releasing towards a plurality of customer premises receivers information regarding a respective geographic region within which each receiver is authorized to operate, wherein different geographic regions define coverage areas of different sizes.

The system and methods described allow a content delivery application to provide temporary access to a content item for display on a content access device based on a user obtaining access to the content item initially on another system. The content delivery application receives content accessed confirmation that user access a content item and then monitors whether that access was interrupted. If the access was interrupted, the content delivery application generates a content access bookmark based on a content timeline and stores a content access authorization comprising the content access bookmark and an identifier from the profile. When the user requests the content item, the content delivery application transmits access information corresponding to segments of the content item, based on the content access bookmark to a user's device.

An approach to delivering media content to a client computing device of a recipient is described. A server system is provided that is arranged to receive a request identifying a media content segment, of a media content item comprising a plurality of identifiable media content segments, and a recipient. In response to the request, the server system uses recipient identification information to generate a modified version of the media content segment that is attributable to the recipient. The server system then delivers the modified version of the media content segment to the client computing device.

A set of security templates is maintained including first and second templates. The first template specifies time and location stamp authentication for a file, and contextual security conditions that must be met before the file can be accessed. The second template specifies the time and location stamp authentication, but not the contextual security conditions. One of the first or second security templates is applied to the particular file. When the second security template is applied, a GPS-crypto device adds a time and location stamp to the particular file. The particular file is signed using a private key associated with the GPS-crypto device to generate an authentication signature based on the time and location stamp. The authentication signature is added to the particular file to allow a recipient to verify the time and location stamp of the particular file using a public key corresponding to the private key.

An indication is received to export a file from a host having an authentication device. A memory buffer is allocated for a signature region, a header region, and a content region. A location stamp and a time stamp are calculated for content of the file. The location and time stamps are copied to the header region. An authentication signature is generated using a private key associated with the authentication device. The authentication signature is based on the header and content regions, which include the copied location stamp and timestamp, and content of the file. The authentication signature is copied to the signature region. The memory buffer is written to a new file, the new file being a signed version of the file and including the signature region having the authentication signature, the header region having the location and time stamps, and the content region having the content of the file.

Embodiments of the disclosure provide a method for enhancing standard authentication systems to include risk-based decisions. Risk-based decisions can be selectively implemented within existing authentication systems to strategically modify and supplement security if an unacceptable risk is detected. Embodiments capture information pertaining to a user and user device. Information is stored to create a profile for the user and user device. A comparison between the stored information and live data can be performed within authentication systems to optimize security. If the results of the comparison demonstrate the presence of an acceptable risk, then the need for subsequent authentication can be reduced or eliminated, which improves a user experience.

Systems and methods for generating and facilitating access to a personalized augmented rendering of a user to be presented in an augmented reality environment are discussed herein. The augmented rendering of a user may be personalized by the user to comprise a desired representation of the user in an augmented reality environment. When a second user is detected within the field of view of a first user, the second user may be identified and virtual content (e.g., an augmented rendering) for the second user may be obtained. The virtual content obtained may differ based on one or more subscriptions for the first user and/or permissions associated with the virtual content of the second user. The virtual content obtained may be rendered and appear superimposed over or in conjunction with a view of the second in the augmented reality environment.

A communal computing device such as an interactive digital whiteboard can provide progressively more access to functionality and data on the device based on a level of certainty in the identity of a user. If a user is identified based on one or more low-fidelity identification signals such as an image of the user or a device identifier, the communal computing device may provide a first level of functionality that is limited. If the user requests greater access, the communal computing device can request that a trusted cloud-based provider authenticate the user by way of a personal device, such as a smartphone. The authentication may be a password or high-fidelity biometric identification. The cloud-based provider communicates successful authentication to the communal computing device and it, in turn, provides the user access to higher, second level of functionality.

A technique for controlling the reading of a digital object by a user device. The digital object is stored locally in the memory of the user device. The reading of the digital object is conditioned by receiving at least one datum broadcast by a transmitting device using a radio communication channel. An area for reading the digital object is thus located in the radio range of the transmitter device. Reading is blocked outside of this reading area.