An information processing apparatus includes a display unit that displays a first list which is a list of available software and a second list which is a list of software installed on a target device; and a receiving unit that receives an instruction operation of installing the software displayed in the first list on the target device and an instruction operation of performing a predetermined process on the installed software displayed in the second list, in which the display unit continues to display the software in the second list, in a case where the software included in the second list is no longer newly provided, and the display unit does not display the software in the first list or displays a fact that it is not allowed to install the software, in a case where the software included in the first list is no longer newly provided.

The present disclosure pertains to a system configured to prepare and use prediction models for software diversification. Some embodiments may: obtain compilation data; identify a plurality of blocks from the compilation data; and pad each of one or more blocks of the plurality of blocks by a random amount such that executable instructions within the each block begin at a different location to prevent a deterministic memory addressing attack, none of the one or more blocks being a beginning block of the compilation data.

A predetermined credential system for remote administrative operating system (OS) authorization and policy control is disclosed. Administrative activities are packaged in single-use downloaded software. When executed, the administrative access to the OS is activated before completing the administrative activities. The single-use downloaded software has policies that reacts to the condition of the user computer. The single-use downloaded software can be protected with a credential to prevent activation in an unauthorized way.

Methods, apparatus, systems, and articles of manufacture are disclosed to defend against dynamic-link library (DLL) side-loading attacks. An example apparatus includes a fingerprint generator to determine a first DLL fingerprint of a first DLL stored at a first OS path referenced by an operating system (OS) event generated by a computing device, and, in response to determining that a second DLL having the same name as the first DLL is stored at a second OS path superseding the first OS path, determine a second DLL fingerprint of the second DLL, a fingerprint comparator to determine whether at least one of the first or the second DLL fingerprint satisfies a deviation threshold based on a comparison of the first and the second DLL fingerprint to a reference DLL fingerprint, and a security action enforcer to execute a security action to protect a computing device from an attack.

A context of one or more interactions is determined. Base objects are transformed into interpreted objects by interpreting the base objects based on evaluation of the context, and by resolving references of the base objects relative to domain model types and concepts, each of the base objects modeled using a same declarative modeling language, the same declarative modeling language enabling transitions between the interpreted objects, at least one of the interpreted objects including at least one post-condition providing hooks for transition policies which allow the at least one of the interpreted objects to be logically chained in a non-linear process. Transitioning between at least two of the interpreted objects by chaining the at least two interpreted objects based on a particular post-condition of a particular interpreted object to create at least a portion of a particular non-linear process. At least a portion of the particular non-linear process is executed.

An external trusted time source is implemented over a network for conditional access system (CAS)/digital rights management (DRM) client devices. A client device includes untrusted software and a trusted execution environment (TEE) for processing an entitlement management message (EMM) that includes an epoch sequence number (ESN) transmitted from an EMM server using a first network connection. A remaining client key set (CKS) lifetime value is stored and updated in the TEE based on the ESN processed.

Remote administration of initial computer operating system setup options is facilitated by systems and mechanisms that provide such initial setup options to a computing device during an earlier stage of the operating system setup. An administrator defines, in a profile, how such initial setup options are to be set and when an operating system is being set up it communicates with licensing servers to validate the copy of the operating system. If authorized, and if set up by an administrator, initial setup options are provided to the computing device at such an early stage of the operating system setup. Processes executing on the computing device then utilize software licensing application program interfaces to not only validate the copy of the operating system, but also to set the initial setup options in the manner pre-specified by the administrator. A customized directory service login user interface is one such initial setup option.

Technologies for untrusted code execution include a computing device having a processor with sandbox support. The computing device executes code included in a native domain in a non-privileged, native processor mode. The computing device may invoke a sandbox jump processor instruction during execution of the code in the native domain to enter a sandbox domain. The computing device executes code in the sandbox domain in a non-privileged, sandbox processor mode in response to invoking the sandbox jump instruction. While executing in the sandbox processor mode, the processor denies access to memory outside of the sandbox domain and may deny execution of one or more prohibited instructions. From the sandbox domain, the computing device may execute a sandbox exit instruction to exit the sandbox domain and resume execution in the native domain. The computing device may execute processor instructions to configure the sandbox domain. Other embodiments are described and claimed.

Systems, methods, and computer program products to perform an operation comprising monitoring a privileged storage of a computing system, wherein at least a portion of the privileged storage stores a microcode of the computing system, determining, based on the monitoring, that a first location of the privileged storage includes an instruction, determining that the first location is designated as an unused location of the privileged storage, and performing a predefined operation to remove the instruction from the first location of the privileged storage.

There is provided a user device including a transceiver, a processor, and a memory. The memory stores a device management application (DMA) arranged to disable at least one function of the user device in accordance with an operative device policy state of the user device, and a device policy schedule comprising a queue of device policy states each having an associated respective set of policy data. Responsive to receiving, from a remote system via the transceiver, first synchronisation data indicating a first device policy state in the queue of device policy states, the DMA is arranged to update the operative device policy state of the user device to the indicated first device policy state.