G06F21/629

RESOURCE ACCESS SECURITY FOR MULTIPLE SOFTWARE CONTEXTS

In described examples, a processor system includes a mailbox, a hardware security functional block (HSFB, also called a trusted agent herein), a processor, and a processor firewall. The HSFB includes a database configured to store at least one software context access rule. The processor executes multiple software contexts. The HSFB approves or denies an access request received from a debugging tool, via the mailbox, in response to the database and a software context identification (ID) included in the access request. The HSFB sends a message to the processor firewall indicating whether the access request is approved. The processor firewall determines whether to pass instructions to the processor for execution with respect to the identified software context in response to the message.

PROVIDING RELEVANT INFORMATION DURING ONLINE MEETINGS

One disclosed method involves determining, by at least one computing system and based at least in part on input provided to a meeting application, at least a first topic of interest for a first user accessing the meeting application via a first client device; in response to determining the first topic of interest, querying, by the at least one computing system, at least one data source, external to the meeting application, for information corresponding to the first topic of interest; and causing, by the at least one computing system, the first client device to display a representation of the information.

Extensible platform for orchestration of data with enhanced security
20230046370 · 2023-02-16

In a computer system, an orchestration platform includes extensible components that interact with external systems and technology. The platform is secured by means of architectural features, encryption, and access control.

Local controller for local API authorization method and apparatus

Some embodiments provide a local controller on a set of host computers that reduces the volume of data that is communicated between the server set and the set of host computers. The local controller executing on a particular host computer, in some embodiments, receives a portion of the namespace including only the policies (e.g., opcode) that are relevant to API-authorization processing for the applications executing on the particular host computer provided by a local agent executing on the computer to authorize the API requests based on policies and parameters. The local controller analyzes the received policies (e.g., policy opcodes) and identifies the parameters (e.g., operands), or parameter types, needed for API-authorization processing (e.g., evaluating the policy opcode upon receiving a particular API request) by the local agent. In some embodiments, the local controller performs this analysis for each updated set of policies (e.g., policy opcodes).

User-specific applications for shared devices
11579756 · 2023-02-14

Examples described herein include systems and methods for providing user-specific applications on a shared user device. The user device can receive a first instance of an application having a Package ID that includes an identification of a first user. When the first user is logged in, the user device can display an icon associated with the first instance of the application, based on the Package ID including an identification of the first user. When the first user is not logged in, the user device can hide the first instance of the application. When a second user is logged in, the device can display a second instance of the application based on the Package ID of the second instance including an identification of the second user. The user device can also display the same instance of a shared application to both the first and second user.

Machine learning model score obfuscation using time-based score oscillations
11580442 · 2023-02-14

An artefact is received. Features are later extracted from the artefact and are used to populate a vector. The vector is input into a classification model to generate a score. This score is then modified using a time-based oscillation function and is provided to a consuming application or process. Related apparatus, systems, techniques and articles are also described.

Augmenting web applications with optimized workflows supporting user interaction
11579743 · 2023-02-14

Described herein are methods, systems and computer products for supporting user interactive actions in workflows integrating multiple disparate web applications by adding (embedding) one or more User Interface (UI) elements in one or more webpages of one or more web applications and linking them with respective workflows. Users visiting these webpages may engage with the added UI elements to interact with the linked workflows. Further described are methods, systems and computer products for enhancing performance of one or more workflows integrating multiple disparate web applications by adjusting the workflows to asynchronously initiate actions which are independent of each other such that the independent actions are executed simultaneously.

Method and device for dynamically managing kernel node
11579899 · 2023-02-14

A method and a device for managing a node include: initiating, by an application program, a first request by calling an interface function, where the first request is used to perform an operation on a feature node in a kernel; searching, based on a keyword of the interface function, a table used for node management for an entry corresponding to the feature node, where the entry includes a node identifier of the feature node and a user handle identifier of the feature node; and performing, by the user program, the operation on the feature node based on the user handle identifier. A program running in user space can be prevented from directly accessing a feature node in kernel space, thereby improving system security.

APP MIGRATION SYSTEM AND INFORMATION STORAGE MEDIUM
20230040813 · 2023-02-09

An app migration system including at least one processor which places an app in one of an inside and an outside of a space joined by at least one user in a user group in which information is shareable; sets, for the app, a permission corresponding to a placement location of the app; migrates the app in one of a route between a public space and a private space and a route between the inside and the outside of the space; and sets, for the migrated app, a permission corresponding to a migration destination of the app.

Software safety-locked controls to prevent inadvertent selection of user interface elements

A method includes displaying a user interface having a first region with one or more user interface elements and determining whether a shield is in a locked state or an unlocked state. The shield covers the first region when in the locked state and uncovers at least part of the first region when in the unlocked state. The method includes, in response to determining that the shield is in the locked state, displaying the shield covering the first region and disabling the user interface element(s). The method includes, in response to receiving user input on the shield while the shield is in the locked state, changing the shield to the unlocked state. Additionally, the method includes, in response to determining that the shield is in the unlocked state, displaying the first region such that the user interface element(s) is/are not covered by the shield and enabling the user interface element(s).