G06F21/12

USER AUTHENTICATION BASED ON BIOMETRIC DATA
20230051980 · 2023-02-16

In an example implementation according to aspects of the present disclosure, a system receives behavioral biometric data associated with a user of a computing device. The system determines whether an identity of the user is authenticated based on a comparison of the received behavioral biometric data and historical behavioral biometric data associated with the user of the computing device. In response to determining that the identity of the user is not authenticated based on the comparison of the received behavioral biometric data and the historical behavioral biometric data, the system receives physiological biometric data associated with the user. The system determines whether the identity of the user is authenticated based on a comparison of the received physiological biometric data and historical physiological biometric data associated with the user of the computing device.

Detecting a landing page that violates an online system policy based on a structural similarity between the landing page and a web page violating the policy

An online system receives a content item including a link to a landing page and determines a likelihood the landing page violates an online system policy based on a structural similarity between the landing page and a web page violating the policy. To determine the likelihood, the online system determines a hierarchical structure associated with the web page violating the policy and an additional hierarchical structure associated with the landing page. The hierarchical structure represents a structure of at least a portion of the web page and the additional hierarchical structure represents a structure of a corresponding portion of the landing page. The online system compares the hierarchical structure and additional hierarchical structure. Based on the comparison, the online system computes a measure of dissimilarity between the hierarchical structure and additional hierarchical structure and determines a likelihood the landing page violates the policy based on the measure of dissimilarity.

Implicit integrity for cryptographic computing

In one embodiment, a processor includes a memory hierarchy and a core coupled to the memory hierarchy. The memory hierarchy stores encrypted data, and the core includes circuitry to access the encrypted data stored in the memory hierarchy, decrypt the encrypted data to yield decrypted data, perform an entropy test on the decrypted data, and update a processor state based on a result of the entropy test. The entropy test may include determining a number of data entities in the decrypted data whose values are equal to one another, determining a number of adjacent data entities in the decrypted data whose values are equal to one another, determining a number of data entities in the decrypted data whose values are equal to at least one special value from a set of special values, or determining a sum of n highest data entity value frequencies.

Determine whether to perform action on computing device based on analysis of endorsement information of a security co-processor

Examples disclosed herein relate to a computing device that includes a central processing unit, a management controller separate from the central processing unit, and a security co-processor. The management controller is powered using an auxiliary power rail that provides power to the management controller while the computing device is in an auxiliary power state. The security co-processor includes device unique data. The management controller receives the device unique data and stores a representation at a secure location. At a later time, the management controller receives endorsement information from an expected location of the security co-processor. The management controller determines whether to perform an action on the computing device based on an analysis of the endorsement information and the stored representation of the device unique data.

Correspondence of external operations to containers and mutation events

A method is provided for determining command-to-process correspondence. The method includes identifying, by the hardware processor, initial processes resulting from executions of container immutability change events for each of multiple containers in a cluster, based on an execution time, a process identifier and a process group identifier for each of the container immutability change events. The method further includes checking, by the hardware processor, if an initial process from among the identified initial processes matches an entry in a database that stores external container commands and at least one respective process resulting from executing each of the external container commands. The method also includes designating, by the hardware processor, a particular external command, from among the external container commands stored in the database, as having a correspondence to the initial process, responsive to the initial process matching the at least one respective process resulting from executing the particular external command.

Information processing system and computer readable medium
11556619 · 2023-01-17

An information processing system includes: a first receiving unit that receives, from a first user, an instruction to distribute content that the first user owns to a second user; a distribution unit that distributes the content to the second user based on the instruction; a storage unit that stores information that the content is distributed by the distribution unit; a second receiving unit that receives, from a third user, a request to use content that the third user owns; and an execution unit that executes processing in accordance with the request in a case where the content identified by the request is determined as content that has been distributed by the distribution unit, based on the information stored in the storage unit.

Authentication translation
11556617 · 2023-01-17

Authentication translation is disclosed. A request to access a resource is received at an authentication translator, as is an authentication input. The authentication input corresponds to at least one stored record. The stored record is associated at least with the resource. In response to the receiving, a previously stored credential associated with the resource is accessed. The credential is provided to the resource.

SOC-assisted resilient boot

Systems, apparatuses and methods may provide for technology that assumes, by a root of trust located in a trusted region of a system on chip (SOC), control over a reset of the SOC and conducts, by the root of trust, an authentication of an update package in response to an update condition. The root of trust technology may also apply the update package to firmware located in non-volatile memory (NVM) associated with a microcontroller of the SOC if the authentication is successful.

System and method for confidential multi-party software in the loop simulation

A Software in the Loop (SiL) system and method is disclosed which may include a simulator operable to provide an environment to simulate dynamic systems and to enable rapid development, validation, and testing of complex systems. The system and method may include assembling one or more unsecured models operable to simulate the real-world system. The system and method may then encrypt and generate at least one secured model from the one or more unsecured models using a first cryptographic key. The at least one secured model may be decrypted using a sealed decryption key. The decrypted secured model may then be executed within one or more trusted execution environments (TEEs). The at least one secured model may be operable to process incoming data and outgoing data.