A controller includes a host interface and a processor. The host interface is configured for communicating with a host. The processor is configured to receive from the host, via the host interface, instructions for execution in a Non-Volatile Memory (NVM), to identify among the instructions an instruction, which pertains to a secure monotonic counter and is intended for execution in an NVM having a secure monotonic counter embedded therein, and to execute the identified instruction, and respond to the host responsively to the instruction, instead of the NVM.

A method for initializing a computer system, which includes a Central Processing Unit (CPU), a Trusted Root Device and a Trusted Platform Module (TPM), includes authenticating a boot code of the CPU using the Trusted Root Device, and booting the CPU using the authenticated boot code. A challenge-response transaction, in which the TPM authenticates the Trusted Root Device, is initiated by the CPU following booting of the CPU. Only in response to successful authentication of the Trusted Root Device using the challenge-response transaction, a resource used in operating the computer system is released from the TPM.

A virtual cryptographic module is used to perform cryptographic operations. The virtual cryptographic module may include a fleet of cryptographic modules and a load balancer that determines when a cryptographic module should be added to or removed from the fleet. The fleet size may be adjusted based on detecting a set of conditions that includes the utilization level of the fleet. One or more cryptographic modules of the fleet may be used to fulfill requests to perform cryptographic operations. A cryptographic module may be a hardware security module (HSM).

A method includes generating a behavioral state for an endpoint device based on actor identities and corresponding subject identities for a plurality of operations wherein for each operation, a respective actor represented by a respective actor identity performs the operation upon a respective subject represented by a respective subject identity. Performance of a later operation by an actor with an actor identity upon a subject with a subject identity is recorded and the actor identity and the subject identity are used to determine that the performance of the later operation does not match the behavioral state and indicates a security risk.

In some examples, a secure compliance protocol may include a virtual computing instance (VCI) deployed on a hypervisor and may be provisioned with hardware computing resources. In some examples the VCI may also include a cryptoprocessor to provide cryptoprocessing to securely communicate with a plurality of nodes, and a plurality of agents to generate a plurality of compliance proofs; the VCI may communicate with a server corresponding to a node of the plurality of nodes; and receive a time stamp corresponding to at least one compliance proof based on a metric of a connected device.

A device, system, and method protects cryptographic keying material. The method is performed at an electronic device including a plurality of components housed in an enclosure. The method includes determining a tamper state of the enclosure, the tamper state being one of a secure state in which the enclosure has not been physically tampered or an unsecure state in which the enclosure has been physically tampered. When the tamper state is the secure state, the method includes associating a first value with the application. When the tamper state is the unsecure state, the method includes associating a second value with the application. The first value is configured to enable access to the data in the data storage unit. The second value prevents access to the data in the data storage unit.

Methods, media, and systems for secure provisioning of servers within a cloud computing environment are provided for herein. In some embodiments, a management service can delegate provisioning of a server of the cloud computing environment to an imaging service. In response, the imaging service can generate an operating system image for the server and can utilize disk encryption to protect to operating system image. In embodiments, a volume encryption key of the disk encryption can be encrypted utilizing a public key of a trusted platform manager of the server, to produce an encrypted volume encryption key that is protected by the trusted platform module of the server. The encrypted operating system image and the encrypted volume encryption key can then be transmitted to the server to cause the server to be provisioned with the operating system image. Other embodiments may be described and/or claimed herein.

An HSM cluster includes a set of hardware security modules that maintain a set of cryptographic keys that are synchronized across the HSM cluster. Individual applications running on client computer systems access the HSM cluster using HSM cluster clients running on the client computer systems. The HSMs are accessed via a set of HSM cluster servers that monitor the synchronization of the cryptographic keys. Synchronization of the HSMs is maintained by the HSM cluster clients. The HSM cluster clients replicate key-addition and key-deletion operations across the HSM cluster. When a new key is created by a particular HSM, a prefix associated with the particular HSM is added to the identifier associated with the new key to avoid key-namespace collisions. If the set of cryptographic keys becomes unsynchronized across the HSM cluster, applications may continue read-only cryptographic operations while the HSM cluster is resynchronized by the HSM cluster clients.

A method of accessing a trusted platform module in a computing device is disclosed. The method includes storing a platform authorization key in a memory of the computing device that includes the trusted platform module. The platform authorization key includes permitting access to the trusted platform module. The method includes obtaining a digital signature in response to the computing device requesting access to the trusted platform module. The digital signature is generated using at least a command for configuring the trusted platform module. The method includes verifying the digital signature and allowing retrieval of the platform authorization key from the memory of the computing device in order to access the trusted platform module in response to the digital signature is verified, and denying retrieval of the platform authorization key otherwise.

The Seed Splitting and Firmware Extension for Secure Cryptocurrency Key Backup, Restore, and Transaction Signing Platform Apparatuses, Methods and Systems (SFTSP) transforms transaction signing request, key backup request, key recovery request inputs via SFTSP components into transaction signing response, key backup response, key recovery response outputs. An offline transaction signing request message for a transaction is received by a first cold HSM and includes an encrypted second master key share from a second cold HSM and an encrypted third master key share from a hot HSM. A first master key share is retrieved. The encrypted master key shares are decrypted and, along with the first master key share, used to recover a master private key. A keychain path is determined. A signing private key for the keychain path is generated using the master private key. The transaction is signed using the signing private key, and the generated signature is returned.