Various approaches for memory encryption management within an edge computing system are described. In an edge computing system deployment, a computing device includes capabilities to store and manage encrypted data in memory, through processing circuitry configured to: allocate memory encryption keys according to a data isolation policy for a microservice domain, with respective keys used for encryption of respective sets of data within the memory (e.g., among different tenants or tenant groups); and, share data associated with a first microservice to a second microservice of the domain. Such sharing may be based on the communication of an encryption key, used to encrypt the data in memory, from a proxy (such as a sidecar) associated with the first microservice to a proxy associated with the second microservice; and maintaining the encrypted data within the memory, for use with the second microservice, as accessible with the communicated encryption key.

Systems and methods for developing one or more applications associated with a browser-based user interface within a multi-developer computing platform employ one or more processors that receive a request to build one or more applications configured to run in a browser-based user interface on a client; determine whether the one or more applications are associated with a core library and one or more runtime libraries; and in response to determining that the one or more applications are associated with the core library and the one or more runtime libraries: determine one or more version numbers associated with the one or more runtime libraries; and in response to the determined one or more version numbers being within a predetermined range associated with the core library, dynamically link the one or more runtime libraries and the one or more applications.

An augmented reality (AR) effect system can improve application of AR effects by sharing resources between AR effects. The AR effect system can employ manifests for AR effects that define which resources are required to render each AR effect. The AR effect system can organize rendering operations used by selected AR effects into a pipeline and can use the manifests of the AR effects to determine when each resource will be needed. Based on this pipeline, the AR effect system can create a cache order defining a resource schedule which specifies, when a resource is freed, conditions for whether to save the resource to a local cache or unload the resource. As rendering of the video with the AR effects progresses, the resource schedule can control whether resources not currently being used to render an AR effect should be unloaded or cached for fast access for future render operations.

A method for processing data includes receiving an offload request by a first virtual machine (VM), issuing, in response to the offload request and based on a processing pipeline, a processing request to a processing unit, and servicing, by the processing unit, the processing request to obtain a result.

A computer-implemented method for termination of programs associated with different addressing modes includes receiving a call to an external interface to execute a target callee program from a caller program executing in a primary runtime environment. The external interface allocates an interoperability term area (ITA) in a primary runtime environment. The ITA is accessible by the primary runtime environment and a secondary runtime environment. The external interface executes the target callee program in the secondary runtime environment. The target callee program sets a termination reason parameter in the ITA. In response to the target callee program setting the termination reason parameter, a termination action in the primary runtime environment is performed. Various other methods, systems, and computer-readable media are also disclosed.

Software performance can be automatically managed in a distributed computing environment. In one example, a system that can receive metrics information describing resource usage by a first instance of a service in a distributed computing environment. The system can also determine a quality-of-service (QoS) constraint for the service. The system can then modify a definition file based on the metrics information and the QoS constraint, the definition file being configured for deploying instances of the service in the distributed computing environment. The system can deploy a second instance of the service in the distributed computing environment using the modified definition file. As a result, the second instance can more closely satisfy the QoS constraint than the first instance.

A method for patching a patchable function programmed in a read only memory (ROM) of a semiconductor device by using firmware loaded onto a first memory includes receiving an encrypted and digitally signed firmware image; generating a verification result by verifying the firmware image by using a public key; decrypting the firmware image by using a secret key depending on the verification result; loading firmware decrypted from the firmware image onto the first memory; and running a replacement function corresponding to an identifier of the patchable function included in the firmware, when the patchable function is called.

Systems and methods may generally include sending an executable application, which when executed, automatically causes a monetary transfer. An example method may include performing, at a first user device, a handshake with a second user device, receiving, during the handshake, an operating capability of the second user device, and configuring, based on the operating capability of the second user device, an executable application, which when executed, automatically causes a monetary transfer to occur. The configured executable application may be sent to the second user device for execution.

A method and apparatus of a device for resource management by using a hierarchy of resource management techniques with dynamic resource policies is described. The device terminates several misbehaving application programs when available memory on the device is running low. Each of those misbehaving application programs consumes more memory space than a memory consumption limit assigned to the application program. If available memory on the device is still low after terminating those misbehaving application programs, the device further sends memory pressure notifications to all application programs. If available memory on the device is still running low after sending the memory pressure notifications, the device further terminates background, idle, and suspended application programs. The device further terminates foreground application programs when available memory on the device is still low after terminating the background, idle, and suspended application programs.

A system and method for partition administrative (admin) targeting in an application server, cloud, or other computing environment. An application server can include one or more partitions, wherein each partition provides an administrative and runtime subdivision of a domain. An administrative virtual target associated with a partition enables an administrator to identify an administrative resource group, including one or more administrative applications or resources, for use with the partition. A partition administrative lifecycle state (e.g., SHUTDOWN) can be associated with various substates (e.g., BOOTED or HALTED). When a partition is associated with a first state or substate (e.g., SHUTDOWN.BOOTED), the administrative resource group in that partition continues to run at an associated target, while other resource groups are shut down. When a partition is associated with a second state or substate (e.g., SHUTDOWN.HALTED), all of the resource groups, including administrative resource groups, in that partition are shut down.