G06F21/85

Mobile device security, device management, and policy enforcement in a cloud-based system
11716359 · 2023-08-01

Mobile device security, device management, and policy enforcement are described in a cloud-based system where the “cloud” is used to pervasively enforce security and policy and perform device management regardless of device type, platform, location, etc. A method includes receiving one or more mobile profiles for one or more mobile devices each associated with a user from an enterprise; responsive to enrollment of a mobile device of the one or more mobile devices, communicating to the mobile device; determining an associated mobile profile of the one or more mobile profiles for the mobile device; and configuring the mobile device based on the associated mobile profile.

SYSTEMS AND METHODS FOR PERIPHERAL DEVICE SECURITY
20230025979 · 2023-01-26

A method for authenticating a peripheral device includes detecting, by a baseboard management controller (BMC), a presence of the peripheral device, receiving authentication credentials from the peripheral device, making a determination, based on the authentication credentials, that the peripheral device is authentic, and sending, in response to the determination, a command to open a peripheral communication channel with the peripheral device.

Remote secured terminal

A computer-implemented method for providing communication between a secured client computer and a remote computer. There is provided a client computer that includes peripheral components. Each peripheral component is configured, by a processor, to process a corresponding peripheral component data of a data type that is not compatible with peripheral component data types processed by a processor of other peripheral components. The processor of each peripheral component is further configured to code the corresponding data of the specified data type. Each peripheral component is configured, by the processor, to establish a secured peer-to-peer communication channel between the peripheral component and the remote computer that is authorized to communicate with the client computer, and is further configured to code data that is communicated between the authorized remote computer and the peripheral component through the secured communication channel. The coded data is indecryptable by the processors of the other peripheral components.

Data access management for a composition

Systems and methods provide a transient component limited access to data in a composition. One method includes receiving a request for the transient component to access data in the composition. The composition may include permanent components operable to utilize encryption keys generated at selected intervals from a seed value shared by the permanent components. The encryption keys utilized by the permanent components at each selected interval may be identical to one another. The method also includes generating a set of encryption keys from the seed value for a specified period of time. The set of encryption keys may be identical to the encryption keys to be utilized by the permanent components at the selected intervals to occur during the specified period of time. The method further includes granting the transient component access to data in the composition for the specified period of time via the set of encryption keys.

Tamper resistant module for industrial control system

An industrial control system module and methods are described for self-destruction or the destruction and/or erasure of sensitive data within the industrial control system module upon an indication of an unauthorized module access event. In an implementation, a secure industrial control system module includes a circuit board including electrical circuitry; a sealed encasement that houses the circuit board, where the sealed encasement includes a housing having a first housing side and a second housing side, where the housing is configured to house the circuit board when the first housing side and the second housing side are coupled together; and a first sensor component integrated with the sealed encasement, where the first sensor component is communicably coupled to the circuit board and electrical circuitry and is configured to provide an indication of an unauthorized access event.

Power receiving apparatus and control method

A power receiving apparatus includes a power receiving unit and a control unit. The power receiving unit receives a first power from a power supply apparatus via a connection unit. The control unit determines whether or not authentication information including identification information of the power supply apparatus is authentic, and determines whether or not the power supply apparatus has passed a compliance test based on the identification information. The power receiving unit is allowed to receive a second power greater than the first power, in a case where the authentication information is authentic and the power supply apparatus has passed the compliance test.

Storage system and method for command execution ordering by security key

A storage system and method for command execution ordering by security key are provided. In one example, the storage system has a non-volatile memory, a volatile memory storing a plurality of keys, and a controller with a cache storing a subset of the plurality of keys. The storage system gives priority to a command whose key is stored in the cache in the controller over commands whose keys are stored only in the volatile memory. This avoids transferring a key from the volatile memory to the cache in the controller, thereby improving efficiency of the storage system.

Message monitoring

A supervisory unit configured to supervise interconnect messages passing to or from an interconnect is provided. The supervisory unit is configured to, on receiving an interconnect message: store the interconnect message in a data store; compare the interconnect message to predetermined filter criteria; and select, in dependence on that comparison, one or more actions to be taken with respect to the interconnect message. The one or more actions are selected from the group including: permitting the interconnect message to pass unaltered; blocking the interconnect message from passing; and permitting the interconnect message to pass in an altered state. The supervisory unit is further configured to perform the one or more selected actions with respect to the interconnect message.