A laser eye surgery system produces a treatment beam that includes a plurality of laser pulses. An optical coherence tomography (OCT) subsystem produces a source beam used to locate one or more structures of an eye. The OCT subsystem is used to sense the distance between a camera objective on the underside of the laser eye surgery system and the patient's eye. Control electronics compare the sensed distance with a pre-determined target distance, and reposition a movable patient support toward or away the camera objective until the sensed distance is at the pre-determined target distance. A subsequent measurement dependent upon the spacing between the camera objective and the patient's eye is performed, such as determining the astigmatic axis by observing the reflection of a plurality of point source LEDs arranged in concentric rings off the eye.

A method for determining completion of a data migration that results from a distributed agreement protocol (DAP) change within a distributed storage network (DSN). The method begins by transferring, in accordance with the DAP change, encoded data slices to one or more other storage units within the DSN. The method continues by maintaining a storage unit migration tracking repository that tracks migration of the encoded data slices. The method continues by maintaining a storage pool migration tracking repository based on the storage unit migration tracking repositories of the plurality of storage units. The method continues by maintaining a DSN migration tracking repository based on the storage pool migration tracking repositories of the plurality of storage pools. The method continues by indicating completion of the data migration as a result of the DAP change based on information within the DSN tracking repository.

Apparatus (400, 500) and method (200, 220, 240, 260, 280, 300) for detecting unauthorized tampering with a data storage device (100, 110, 140, 520). In some embodiments, the data storage device has a housing (112, 142) and a memory (192) supported by the housing. A first identifier value (202A, 222A, 242A, 262A, 282A, 306A) is stored on an external surface of the housing and a second identifier value (202B, 222B, 242B, 262B, 282B, 306B) is stored within the memory. A digital signature (210, 256, 296) generated in response to the first and second identifier values and in response to a private key (208, 254, 288) is stored on the storage device. Thereafter, the first identifier value is retrieved from the external surface of the housing and the second identifier value is retrieved from the memory. The storage device is authenticated using the retrieved first and second identifier values, the digital signature and a public key (228, 274, 312).

Apparatus (400, 500) and method (200, 220, 240, 260, 280, 300) for detecting unauthorized tampering with a data storage device (100, 110, 140, 520). In some embodiments, the data storage device has a housing (112, 142) and a memory (192) supported by the housing. A first identifier value (202A, 222A, 242A, 262A, 282A, 306A) is stored on an external surface of the housing and a second identifier value (202B, 222B, 242B, 262B, 282B, 306B) is stored within the memory. A digital signature (210, 256, 296) generated in response to the first and second identifier values and in response to a private key (208, 254, 288) is stored on the storage device. Thereafter, the first identifier value is retrieved from the external surface of the housing and the second identifier value is retrieved from the memory. The storage device is authenticated using the retrieved first and second identifier values, the digital signature and a public key (228, 274, 312).

Disclosed aspects relate to data management for a mass storage device. The mass storage device may be structured to include an encrypted file system to store a set of data and a token analyzer to manage access to the encrypted file system. A connection between the mass storage device and a computing device may be sensed. In response to sensing the connection, a token corresponding with the computing device may be detected. Based on the token, the token analyzer may determine to provide the computing device a set of selected permissions to the encrypted file system. The set of selected permissions to the encrypted file system may be provided by the mass storage device to the computing device.

A method for selecting a substantially optimized scheduler from a plurality of schedulers for executing dispersed storage error functions on a distributed storage network begins with a computing device receiving a dispersed storage error functions along with an indication of measured throughput and measured latency from a requesting device. The method resumes when a scheduler is selected from the plurality of schedulers based on desired latency and throughput, while considering the characteristics of the dispersed error function being executed. The method continues with the computing device receiving a different dispersed error function and selecting a different scheduler.

Various integrated circuits protect hidden content e.g., embedded instruments, keys, data, etc.) using scan cell circuit(s). For example, a first scan cell circuit is connected to the hidden content, and a second scan cell circuit is connected to the first scan cell circuit forming all or part of a serial data path. The first scan cell circuit provides access to the hidden content whenever the first scan cell circuit is in a first specified state and prevents access whenever the first scan cell circuit is in a different state. The first scan cell circuit does not interrupt the serial data path when the first scan cell circuit is in the different state. The second scan cell circuit changes an operational characteristic of the first scan cell circuit whenever the second scan cell circuit is in a second specified state. In some cases, the second scan cell circuit can be eliminated.

Various integrated circuits protect hidden content e.g., embedded instruments, keys, data, etc.) using scan cell circuit(s). For example, a first scan cell circuit is connected to the hidden content, and a second scan cell circuit is connected to the first scan cell circuit forming all or part of a serial data path. The first scan cell circuit provides access to the hidden content whenever the first scan cell circuit is in a first specified state and prevents access whenever the first scan cell circuit is in a different state. The first scan cell circuit does not interrupt the serial data path when the first scan cell circuit is in the different state. The second scan cell circuit changes an operational characteristic of the first scan cell circuit whenever the second scan cell circuit is in a second specified state. In some cases, the second scan cell circuit can be eliminated.

Systems and methods of providing spatial security of data stored on a hard disk drive. A method includes associating a user with at least one track and/or sector of the hard disk drive. The method also includes locking the at least one track and/or sector as a default setting. The method additionally includes determining the user has moved into a predefined area. The method further includes unlocking the at least one track and/or sector based on the determining the user has moved into the predefined area.

Systems and methods of providing spatial security of data stored on a hard disk drive. A method includes associating a user with at least one track and/or sector of the hard disk drive. The method also includes locking the at least one track and/or sector as a default setting. The method additionally includes determining the user has moved into a predefined area. The method further includes unlocking the at least one track and/or sector based on the determining the user has moved into the predefined area.