G06F21/6281

Method for managing soft IP licenses on a partially reconfigurable hardware system

A method for managing licenses for soft IP on a partially reconfigurable hardware system, in particular an FPGA, wherein a license manager is provided in the non-configurable part of the hardware system, or is accessible only for the non-configurable part of the hardware system, where the license manager has exclusive access to a non-volatile memory in which license data having a time restriction of the useful life of at least one soft IP is stored, where before activating a particular soft IP, the license manager checks whether the useful life has expired, where the license manager only releases use of the soft IP if the useful life has not yet expired, where the license data is changed using a key, which is stored in a non-volatile memory for license data, and where a new key is stored and the preceding key is deleted when the license data is changed.

SYSTEM AND METHODS FOR SMART REGISTER APPLICATIONS
20230214531 · 2023-07-06

One or more techniques and/or systems are disclosed for a smart pump register device used during fluid transfer operations. The register allows third party software, such as third-party applications, to be downloaded to the register. The third-party software may be downloaded from a cloud-based application store without hardware modifications. The third-party software may be used for various tasks associated with fluid transfer events. A fluid transfer system can comprise a cloud computing environment that can maintain an application database of third-party applications. A register device can comprise a regulated software portion and an unregulated software portion. The unregulated portion can run third party applications downloaded from the application database, and the regulated portion can remain isolated from the unregulated portion to maintain integrity of the regulated portion. A metering device can be used to communicate metering data to the register.

SYSTEM AND METHOD FOR CONCEALING INFORMATION ASSOCIATED WITH A PHYSICAL MAIL PACKAGE
20230214523 · 2023-07-06

A system and method for concealing information associated with a physical mail package. The system is configured for maintaining a standardized schema. The standardized schema defines a set of roles. Further, a public-private key pair is generated, by the system, corresponding to each role from the set of roles. Further, the system is configured for receiving a dataset, corresponding to a physical mail package, from a client application. The dataset includes information corresponding to a set of data elements, wherein at least one data element, from the set of data elements, corresponds to a role from the set of roles. Further, the system is configured for assigning a data access location to each data element from the set of data elements. Further, the system is configured for generating an encrypted data access location by processing each data element corresponding to each role from the set of roles based on a public key corresponding to each role from the set of roles respectively. Further, the system is configured for generating a set of machine-scannable codes corresponding to each of the encrypted data access locations. Further, the system is configured for printing the set of machine-scannable codes over the physical mail package, wherein a user device corresponding to a target role is enabled with the private-key from the public-private key pair associated with the target role, and wherein the user device is configured to scan a target machine-scannable code corresponding to the target role and decrypt the encrypted target data access location to obtain the at least one data element corresponding to the target role.

Code execution environment customization system for object storage service

Systems and methods are described for modifying input and output (I/O) to an object storage service by implementing one or more owner-specified functions to I/O requests. Such functions can include data access control functions, data manipulation functions, and the like. The owner of an object collection maintained by the object storage service can specify code execution environment rules that can give privileges to the execution of such functions such as by allowing the functions to access external services or the requesting user's private resources. In this manner, owners of the object collection are provided with greater control over how the object collection is accessed.

Monitoring code provenance

One example method of operation may include determining one or more of a file type and a code segment accessed during a code access event, identifying code origin information appended to the code segment during previous code access events, appending an updated code access location to the code segment identifying the current code access event and a current code location, and applying one or more code access restrictions to the code segment based on the current code location.

System and method for controlling inter-application association through contextual policy control
11693954 · 2023-07-04

A method for controlling the interoperation of a plurality of software applications and resources includes intercepting communications from a first application to a second application or resource, directing the communication to a context management system, generating a candidate list of contexts for the communication, evaluating the candidate list according to at least one policy defined for these contexts to identify the resultant action and namespace for the communication, and performing the action as defined by the policies within the identified namespace. The method further includes tracking one or more versions of the second application, as well as tracking an evolution of application and/or resource names. The method further includes identifying one or more operations associated with a context on the candidate list, and executing the identified operations prior to a further communication.

Applying machine learning techniques to discover security impacts of application programming interfaces

A computer-implemented method includes obtaining, by a processor, existing security information for static application security testing (SAST). The method also includes using, by the processor, the existing security information to discover, by a machine capable of learning, new security information. The method also includes improving, by the processor, security of a computer using the new security information.

SYSTEMS, APPARATUS, AND METHODS FOR EMBEDDED OPT-IN PERMISSION FOR AN ARTIFICIAL INTELLIGENCE SERVICE

Methods that can embed opt-in permission for an artificial intelligence (AI) service are provided. One method includes implementing, by a processor, an access level of a plurality of access levels for user sensor data. The method further includes, based on the implemented access level, generating, from a set of raw sensor data received from a set of sensors, a set of sensor data for a user of an apparatus and gaining insight about the user of the apparatus via an AI service utilizing the set of sensor data. Here, implementing the access level provides to the user of the apparatus an embedded opt-in permission for the AI service. Systems and apparatus that can include, perform, and/or implement the methods are also provided.

Unified system for authentication and authorization
11537752 · 2022-12-27

A request is received from a trusted application to authorize a client application that requests a service offered by the trusted application. Whether the client application is authorized to access the trusted application is determined in view of the request. An authentication of a user of the client application is caused in response to determining the client application is authorized to access the trusted application. An authorization result is returned to the trusted application in view of the determining and the authentication.

Secure data storage

A data storage device providing secure data storage for a software application executed by an operating system in a computer system including a file system operation interceptor that detects requests for file system operations in respect of data for the application; a file system operation analyzer that is responsive to the interceptor and that analyses an intercepted file system operation request to identify attributes associated with the file system operation; a comparator that compares the attributes with a predefined security policy definition; a cryptographic unit that encrypts and/or decrypts data using one or more cryptographic functions; wherein the cryptographic unit is operable in response to the comparator to perform an encryption or decryption operation on the data and effect the performance of the requested file system operation by the operating system.