Systems, computer program products, and methods are described herein for authenticating a user using an application specific integrated circuit embedded within a user device. The present invention is configured to receive an indication that a user has initiated an application on the user device; determine that the application is associated with the application specific integrated circuit embedded within the user device; activate the application specific integrated circuit based on at least determining that the application is associated with the application specific integrated circuit; receive an indication that the user has initiated an execution of an action, via the application, with an entity; and execute the action using the application specific integrated circuit based on at least receiving the indication that the user has initiated the execution of the action.

The present disclosure provides a method for securely updating firmware components, which is used in connection with an electronic device including a universal serial bus human interface device interface. The method includes: downloading a deformed patch executable file by the electronic device, wherein the deformed patch executable file is deformed from a patch executable file including a plurality of binary files, and each of the binary files is configured with an address reference label; and executing the deformed patch executable file and verifying whether a digital signature of the deformed patch executable file is authorized or not. If the digital signature of the deformed patch executable file is authorized, providing an update tool for updating the corresponding firmware component. If the digital signature of the deformed patch executable file is not authorized, prompting that the digital signature is unauthorized.

The present disclosure provides a spark query method and system supporting trusted computing. The method comprises receiving a SQL query statement input by a user; performing parsing, logical plan analysis, logical plan optimization and physical plan generation for the SQL query statement; re-implementing an operator in the physical plan by using SGX API, and generating an execution code; invoking an enclave trusted environment to implement trusted computing for the operator, and executing the execution code. Through the present disclosure, safety of data during the calculation is ensured while the query request is processed in parallel through the spark architecture. Moreover, the spark interface provides the user with more available service and is user-friendly.

Systems and methods for establishing a data connection between a mobile device and a peripheral. The mobile device is configured to determine whether to handle user approval of the data connection between the mobile device and the peripheral. Through the mobile device, an input mechanism is provided for the user to provide input. The input is used in determining whether to approve the data connection between the mobile device and the peripheral.

The application provides an example user interface switching method and an example terminal. The method includes, after the terminal triggers a trusted user interface (TUI) display request of a client application (CA) according to a first operation on a CA interface by a user, the terminal switches a display environment of the CA from a rich execution environment (REE) to a trusted execution environment (TEE) according to the TUI display request, and then displays a trusted application (TA) interface that is of the CA and that is in the TEE. The method also includes performing, by the user, an operation of inputting sensitive information on the TA interface.

A system and method for encrypting and decrypting information is presented. In some embodiments, an endpoint token management system is provided for facilitating dynamic and random encryption and decryption methods. The system and methods may be employed in virtually any system or network, and may be used to protect virtually any type of data, whether at rest (data storage), in motion (data transfer), or in use. In some embodiments, synchronization points are used as analogs for encryption/decryption keys, enabling the encrypting system and decrypting system to begin randomly altering encryption data in a like-manner, thereby creating a constantly changing encryption field that is virtually impossible to decrypt without authorization.

A system is described herein comprising at least one application configured to run on one or more processors of a computing device for providing a data sanitization application, wherein the data sanitization application comprises identifying the device type and data capacity of a storage component. The data sanitization application comprises determining a health status of the storage component. The data sanitization application comprises initiating a data wipe of the storage component when the health status comprises a first state, wherein the data wipe comprises wiping data of the storage component using at least one data wipe method. The data sanitization application comprises auditing the data wipe by detecting data values of the storage component, the auditing including passing the data wipe when the detected data values meet at least one condition.

A system and method for managing resources of a processor is disclosed. In an illustrative embodiment, the method includes accepting a command to execute an application at least in part by the processor, executing the application using the processor, monitoring execution parameters characterizing the execution of the application by the processor, and storing the monitored execution parameters in a memory accessible to processor. In one example, the execution parameters including an identifier of the application and a time at which the application begins execution.

Techniques and apparatus for authenticating a second device by a first device includes detecting a physical attachment of the second device to the first device. In response to the detection, an indication of one or more capabilities of the second device is received and an authentication procedure with the second device is performed. A determination of whether to allow use of the one or more capabilities of the second device is made based on the authentication procedure. The first device interacts with the second device, in accordance with the determination.

A secure processor, comprising a logic execution unit configured to process data based on instructions; a communication interface unit, configured to transfer of the instructions and the data, and metadata tags accompanying respective instructions and data; a metadata processing unit, configured to enforce specific restrictions with respect to at least execution of instructions, access to resources, and manipulation of data, selectively dependent on the received metadata tags; and a control transfer processing unit, configured to validate a branch instruction execution and an entry point instruction of each control transfer, selectively dependent on the respective metadata tags.