Patent classifications
G06F21/123
SECURE COPROCESSOR ENFORCED SYSTEM FIRMWARE FEATURE ENABLEMENT
A method includes performing a validation process on a firmware feature description file indicating a set of firmware features in an integrated circuit package, and communicating a result of the validation process to firmware feature enablement logic residing in the integrated circuit package.
FRAMEWORK FOR PREVENTING SOFTWARE PIRACY IN VIRTUAL MACHINES (VMS) BY USING VIRTUAL HARDWARE ENCRYPTION VERIFICATION
One example method includes receiving, from a VM, a request for a software license, in response to the request, transmitting a UUID to the VM, receiving, from the VM, a response that comprises a first encrypted UUID corresponding to the request, and transmitting a client object that includes the first encrypted UUID, and the client object serves as a request for entry of the client object in a database of a cloud computing site.
Usage control method and system for medical detection device, and medical detection device
A usage control method for a medical detection device, a system and a medical detection device. The method includes: receiving, by the medical detection device, an operation instruction inputted by an operator, and prompting the operator to input an authorization file when the operation instruction instructs to perform configuration authorization; receiving an authorization file inputted by the operator, and displaying an operation interface corresponding to the operation instruction when the authorization file passes authentication; where the authorization file is generated by a dongle inserted into the medical detection device according to the number of available times and the device identification; executing, by the medical detection device, configuration content inputted by the operator on the operation interface. Since the authorization file is unique to the medical detection device and an unauthorized operator cannot easily obtain the authorization file, the operation security of medical detection device can be greatly improved.
Unsecure to secure transition of mutable core root of trust
Embodiments provide a mutable CRTM schema for ensuring the integrity of a client workload on a single system as updates are made to the firmware used to initialize and run that system by booting a computing system in a secure mode; when successfully validating a boot image for the computing system via a secure verification code that is blocked from write access when the system is booted in an unsecure mode, allowing write access to the secure verification code; and continuing to boot the computing system in the secure mode according to the boot image. When booting the system and unsuccessfully validating the boot image a third time, the system boot fails.
OPTICALLY-PASSIVE MAGNETIC SIGNATURE AND IDENTIFICATION FEATURE WITH ELECTROMAGNETIC TAMPER DETECTION
An article is authenticated by providing a magnetic security mark in the form of an optically-passive randomly-generated nanoscale magnetic pattern. The pattern is pre-imaged and this reference image is uploaded to a secure database along with an identifier for the article such as a serial number. A user of the article verifies its authenticity by scanning it magnetically to obtain a scanned image of the magnetic pattern. The serial number is used to retrieve the previously uploaded reference image which is compared to the scanned image. If the images match, the article's authenticity is confirmed. A single article may have multiple magnetic security marks, each unique, placed at predetermined, non-uniform locations. The magnetic patterns are generated using thin film deposition of yttrium iron garnet. In one embodiment the article is a physical key having additional security features, such as mechanical features and a radio-frequency identification chip.
CONTENT WALLET DEVICE AND SELF-SOVEREIGN IDENTITY AND COPYRIGHT AUTHENTICATION SYSTEM USING THE SAME
Disclosed is a content wallet device to which a storage device storing content is connected, including a communication unit for communication between the content wallet device and a user terminal device; an encryption unit generating encryption data including a user ID and a password for authentication between the content wallet device and the user terminal device; a switch unit controlling an electrical connection between the storage device and the communication unit; and a reset unit initializing the generated password when the electrical connection between the storage device and the communication unit is released by the switch unit.
SYSTEM AND METHOD FOR CONFIDENTIAL MULTI-PARTY SOFTWARE IN THE LOOP SIMULATION
A Software in the Loop (SiL) system and method is disclosed which may include a simulator operable to provide an environment to simulate dynamic systems, enable rapid development, validation of systems, and testing of complex systems. The system and method may include assembling one or more unsecured models operable to simulate the real-world system. The system and method may then encrypt and generate at least one secured model from the one or more unsecured models using a first cryptographic key. The at least one secured model may be decrypted using a sealed decryption key. The decrypted secured model may then be executed within the one or more TEEs. The at least one secured model may be operable to process incoming data and outgoing data.
TIMED UNLOCKING AND LOCKING OF HARDWARE INTELLECTUAL PROPERTIES
The present disclosure provides systems and methods for timed unlocking and locking of hardware intellectual properties obfuscation. One such method includes determining whether received key inputs match a functional key sequence of an integrated circuit or a test key sequence of the integrated circuit; permanently enabling operation of the integrated circuit responsive to the received key inputs being determined to be a functional key sequence for permanently enabling operation of the integrated circuit; temporarily enabling operation of the integrated circuit responsive to the received key inputs being determined to be the test key sequence for temporarily enabling operation of the integrated circuit to perform testing of the functionality and disable thereafter; and locking sequential logic and combinational logic of the integrated circuit if the received key inputs are determined to not be either the functional key sequence or the test key sequence. Other systems and methods are also provided.
Method and system for providing security in trusted execution environments
A method secures a system that includes an application owner, a master application, and a plurality of secure platforms. The master application receives from the application owner an application and an input. The application computes a function to calculate an output from the input. The master application deploys replicas of the application on a number of the secure platforms. The master application establishes a secure channel with each of the replicas, and sends at least a portion of the input to the replicas. The master application receives a result calculated by each of the replicas. The result is determined according to the function and the at least the portion of the input. The master application determines the output based on the result received from each of the replicas, and sends the output to the application owner.
Permission request system and method
A method for detecting, identifying, and mitigating advanced persistent threats in a computer network having one or more computers includes a processor in the computer network: receiving a request to access a resource in the computer network; identifying the request as originating from an application executing on the computer network; executing an anomaly operation to determine whether a behavior of the application is anomalous or not anomalous; executing a privilege operation to determine whether the request is permanently allowed or not permanently allowed; granting access to the resource for both a non-anomalous-behaving application and a permanently allowed request; and generating and displaying, on a graphical user interface of the computer network, a prompt for either an anomalous-behaving application or a not-permanently-allowed request.