Patent classifications
H04L9/3234
DATA CORRELATION USING FILE OBJECT CACHE
Some examples relate generally to computer architecture software for data classification and information security and, in some more particular aspects, to verifying audit events in a file system.
Hardware security accelerator
A hardware security accelerator includes a configurable parser that is configured to receive a packet and to extract from the packet headers associated with a set of protocols. The security accelerator also includes a packet type detection unit to determine a type of the packet in response to the set of protocols and to generate a packet type identifier indicative of the type of the packet. A configurable security unit includes a configuration unit and a configurable security engine. The configuration unit configures the configurable security engine according to the type of the packet and to content of at least one of the headers extracted from the packet. The configurable security engine performs security processing of the packet to provide at least one security result.
Secure red-black air-gapped portable computer
A portable computer providing a high level of security comprises two completely logically and electrically isolated computer modules within one tamper-resistant enclosure. One computer module is for Higher-Security applications (higher-security is referred to as “red”) and the other is for Lower-Security applications such as email and internet (lower-security is referred to as “black”). The two modules are coupled together to a secure Peripheral Sharing Switch that enables intuitive user interaction while minimizing the security risk resulting from sharing the same peripheral device.
Input information management system
An input information management system for a vehicle that can be used by using each of a plurality of electronic keys, the system managing input information that is input by a user, where the system includes a key information acquisition unit that acquires and stores key information of an electronic key, when an operation is performed on the vehicle using the electronic key, and an input information erasure unit that erases the input information that is stored in a storage device, where, when the key information is acquired by the key information acquisition unit, the input information erasure unit compares current key information that is acquired with last key information that is last stored by the key information acquisition unit before acquisition of the current key information, and erases the input information that is stored in the storage device on a basis of a result of the comparison.
Intelligent encryption based on user and data properties
A system includes a data store, memory, and hardware processor. The data store includes a dataset with first and second blocks of data. The memory stores first and second encryption algorithms. The processor receives a request to transmit the dataset to a first user's device. The processor encrypts the dataset by applying the first encryption algorithm to the first block and the second encryption algorithm to the second block, in response to determining a first level of security for the first block and a second level of security for the second block. The processor also applies an access control to the encrypted dataset, based on a characteristic of the first user, and transmits the encrypted dataset to the first user. The access control prevents a second user with a characteristic incompatible with the characteristic of the first user from accessing the encrypted dataset.
Verification of a provisioned state of a platform
A method of certifying a state of a platform includes receiving one or more software elements of a software stack of the platform by an authentication module and performing a hash algorithm on the software stack to generate one or more hash values. The software stack uniquely determines a software state of the platform. The method includes generating creation data, a creation hash, and a creation ticket, corresponding to the hash values and sending the creation ticket to the platform. The method also includes receiving the creation ticket by the authentication module and certifying the creation data and the creation hash based on the creation ticket. The method further includes generating a certified structure based on the creation data and performing the hash algorithm on the certified structure to generate a hash of the certified structure. The certified structure uniquely determines the software state of the platform.
METHODS AND APPARATUS FOR DIGITAL SIGNATURES
A data processing apparatus includes a secure portion, wherein the secure portion includes a private key, an unencrypted private certificate key, and a seed generated based on a private certificate key, wherein the private key, the unencrypted private certificate key, and the seed are non-extractable from the secure portion. A method that uses the data processing apparatus includes the secure portion receiving a signing request; in the secure portion, generating a signature signed with a private key derived from the seed and signing the signature with the unencrypted private certificate key and thus generating a signature signed with the unencrypted private certificate key; and outputting the signature signed with the private key derived from the seed and the signature signed with the unencrypted private certificate key.
SYSTEMS, DEVICES, AND METHODS FOR SELECTING A DISTRIBUTED FRAMEWORK
A method of selecting a distributed framework includes identifying, by a selection device coupled to a memory, at least a first cryptographic evaluator of a plurality of cryptographic evaluators, wherein identifying the at least a first cryptographic evaluator further comprises evaluating a secure proof generated by the at least a first cryptographic evaluator and identifying the at least a first cryptographic evaluator as a function of the secure proof; assigning, by the selection device, a confidence level of the at least a first cryptographic evaluator; selecting, by a selection device, a distributed framework from the plurality of cryptographic evaluators as a function of the confidence level; and assigning a task to the distributed framework.
Method, System, and Computer Program Product for Dynamically Ensuring SDK Integrity
A method, system, and computer program product for dynamically ensuring SDK integrity load, at a merchant system, a software development kit (SDK) wrapper from a payment gateway system via a merchant webpage associated with the merchant system; execute the SDK wrapper, the SDK wrapper loading an SDK core when executed; determine an integrity of the SDK core; in response to determining the integrity of the SDK core, perform a handshake between the SDK wrapper and the SDK core and overload a real function exported by the SDK wrapper; and provide, from the merchant system via the SDK core, a secure payment container request to a payment gateway system.
METHOD FOR EVOLVING ROOT OF TRUST AND ELECTRONIC DEVICE USING THE SAME
The embodiment of the present disclosure provides a method for evolving a root of trust and an electronic device using the method. Through the present disclosure, the root of trust can be evolved several times to strengthen the security verification capability for secure boot. Unlike the conventional method of burning the root of trust into read-only memory, the present disclosure uses a block protection storage device to write a verification firmware to be added to the root of trust into an unprotected block of the block protection storage device. After the writing is completed, the unprotected block in which the verification firmware is written becomes a protected block, which makes the evolvable root of trust secure and reliable and lends credibility to evolving the root of trust.