G06F21/6209

System and method for providing security services with multi-function supply chain hardware integrity for electronics defense (SHIELD)

A system and a method for a supply-chain hardware integrity for electronics defense (SHIELD) dielet embedded over a component of a device, a radio frequency identification (RFID) probe system coupled to the SHIELD dielet, and a secure server system communicating with the RFID probe system that can enable security services is provided. Embodiments include a multi-function SHIELD software defined, hardware enabled security system that provides hardware identity, anti-tamper, encryption key generation and management, trusted platform module services, and cryptographic software security services for a device.

KEY DISTRIBUTION SYSTEM IN A SECURE ENCLAVE
20230222230 · 2023-07-13

A key derivation provider (e.g., a key derivation enclave (KDE)) provides a stable key to trusted codes of application enclaves. The KDE receives, from a trusted code of an application enclave, a request for a key, the request including evidence of the trusted code of the application enclave and a specification of the key being requested. The KDE determines whether the evidence indicates that the trusted code of the application enclave is authorized to access the KDE. The KDE validates the request for the key against a key access policy for the requested key. Responsive to validating the request, the KDE obtains a master key corresponding to the specification of the key being requested, derives the requested key using materials of the obtained master key, and returns the master key to the requesting application enclave.

MACHINE LEARNING NOTEBOOK CELL OBFUSCATION

Embodiments securely share a machine learning (“ML”) notebook, comprising a plurality of cells, over a cloud network. Embodiments receive the ML notebook with one or more of the cells designated as a masked cell. Embodiments encrypt the masked cells and hash the masked cell using a corresponding hash. Embodiments store the hashed masked cell with a corresponding one or more identities of users who can use the hash to execute the masked cell.

Image encryption through dynamic compression code words
11700385 · 2023-07-11

Embodiments of a system and method for secure processing of image data are described. Image data included in image files may be encrypted and compressed in a single step using dynamically identified compression/encryption information such as code word tables.

Digital credentials for access to sensitive data
11698979 · 2023-07-11

A system for providing access is configured to receive an application access request from an application for authorization to access and a sensitive data access request from the application for authorization to access a document that includes sensitive data. The system is further configured to determine to authorize access to the application in response to the application access request; to determine the user authentication device in response to the sensitive data access request; to provide a secondary request for authorization to access sensitive data to the user authentication device in response to the sensitive data access request, receive a secondary request response from the user authentication device to the secondary request; and to provide the secondary request response to the application enabling access to the sensitive data, where the document is encrypted for delivery to the application for the user using a blinding secret and an identity private key.

IMAGE RECORDING UNIT
20230010235 · 2023-01-12

A method implemented by an image recording unit having a normal state and an error state of operation. The method includes: receiving metadata specifying information about a patient and/or an endoscopic procedure; receiving images generated by an image sensor of an endoscope, the images corresponding to optical images received by the image sensor and comprising single images and/or a stream of images; controlling a display to show the images; in response to a first user input in the normal state, storing the images and the metadata in a memory of the image recording unit, and in the error state, overwriting with new data at least some of the metadata.

Decentralized encryption and decryption of blockchain data

Method and system disclosed herein facilitate retrieval of a blockchain key. The method comprises receiving a key store comprising a first encryption method, a second encryption method, and identification information of one or more network nodes storing a plurality of encrypted storage keys; displaying an authentication request and receiving an input from the user in response to the authentication request; upon the input received matching a record within a database, instructing the one or more network nodes to transmit the encrypted key segments; decrypting each encrypted key segment based on the first encryption method; and generating a blockchain key by appending the strings of the key segments based on the second encryption method.

Computer-Based System for Locking User Account Access

A computing device may determine that a user of an application is asleep based on data of a wearable computing device that is associated with a user. Based on the determination that the user is asleep, the computing device may lock an account that is associated with the user. Locking the account may involve restricting actions that the user is permitted to take with respect to the application. The computing device may receive an indication of a first transaction that is associated with the account of the user. Based on the determination that the account is locked, the computing device may prohibit the transaction. The computing device may receive an indication that the user is awake. Based on the indication that the user is awake, the computing device may unlock the account and permit a second transaction.

MANAGEMENT OF COLLABORATIVE CONTENT ITEM MODIFICATION
20230216859 · 2023-07-06

Systems and methods for concurrent modification of content are provided. In response to a verified request received from a user, content is copied to a first storage media as a first version of the content uniquely identified by a first identifier, the verified request being based on verification of the user's credentials. In response to the user editing the first version of the content, the edited copy of the content is stored in the content management system in association with a second identifier uniquely identifying the edited copy of the content as a second version of the content. In response to receiving a notification that a plurality of users no longer request access to the content stored in the content management system, the first version of the content is deleted from the first storage media.

STORAGE APPARATUS, STORAGE METHOD, AND COMPUTER-READABLE STORAGE MEDIUM
20230216672 · 2023-07-06

A storage apparatus includes a biological sensor configured to detect biological information on a user, an image acquisition unit configured to acquire, from an image capturing unit, an image that is captured around the user, an image processing unit configured to separate the image around the user into a line-of-sight direction image related to an image in a line-of-sight direction of the user and a peripheral image related to an image other than the line-of-sight direction image, an encryption unit configured to generate an encryption key for encrypting the line-of-sight direction image based on the biological information on the user, and to encrypt the line-of-sight direction image by using the encryption key, and a storage control unit configured to store the line-of-sight direction image that is encrypted by the encryption unit in a storage unit.