A request associated with one or more privileges assigned to a first entity may be received. Each of the one or more privileges may correspond to an operation of an integrated circuit. Information corresponding to the first entity and stored in a memory that is associated with the integrated circuit may be identified. Furthermore, the memory may be programmed to modify the information stored in the memory that is associated with the integrated circuit in response to the request associated with the one or more privileges assigned to the first entity.

A request associated with one or more privileges assigned to a first entity may be received. Each of the one or more privileges may correspond to an operation of an integrated circuit. Information corresponding to the first entity and stored in a memory that is associated with the integrated circuit may be identified. Furthermore, the memory may be programmed to modify the information stored in the memory that is associated with the integrated circuit in response to the request associated with the one or more privileges assigned to the first entity.

Each of a secure computation server apparatuses includes a random number generation part that generates random numbers using a pseudo random number generator shared among the secure computation server apparatuses; a seed storage part that shares and stores a seed(s) used for generating random numbers in the random number generation part; a pre-generated random number storage part that stores random numbers generated by the random number generation part; a share value storage part that stores a share(s) to be a target of processing; a logical operation part that computes a carry to be transmitted and received among the secure computation server apparatuses using the random numbers and the share(s) to be a target of processing; an inner product calculation part that removes a mask from the carry; and an arithmetic operation part that performs a processing of erasing the carry to obtain a processing result.

Each of a secure computation server apparatuses includes a random number generation part that generates random numbers using a pseudo random number generator shared among the secure computation server apparatuses; a seed storage part that shares and stores a seed(s) used for generating random numbers in the random number generation part; a pre-generated random number storage part that stores random numbers generated by the random number generation part; a share value storage part that stores a share(s) to be a target of processing; a logical operation part that computes a carry to be transmitted and received among the secure computation server apparatuses using the random numbers and the share(s) to be a target of processing; an inner product calculation part that removes a mask from the carry; and an arithmetic operation part that performs a processing of erasing the carry to obtain a processing result.

A semiconductor device includes a first control unit, a second control unit, a random number generator, a first memory in which random numbers generated by the random number generator are stored, an encryption engine configured to perform encryption and decryption processes by using the random numbers stored in the first memory, and a second memory in which information related to random number generation is stored. The second control unit is configured to generate the random numbers by the random number generator based on the information related to random number generation.

A proactively protected (P2) processing system and method is invented for stopping the cyber-attacks from malicious usages of computing systems. The invention is applicable to eliminate the roots of the cyber-threats before a successful cyber-incident. Thereby, demand for resilient computing systems to survive a cyber-incident will be disappeared. Any recovery act and information loss is not happened. The invention dynamically switches a plurality of instruction sets at random or scheduled time for determining authorized operations with code compatibility. Therefore, a P2 processing system and method can detect and delete only unauthorized operations before being executed while executing authorized operations.

A tamper resistant device can be used for an integrated circuit card. The device includes memory storing a first security domain that includes a telecommunication profile and a second security domain that includes an application profile. A first physical interface is configured to be coupled to a baseband processor configured to operate with a mobile telecommunications network. A second physical interface configured to be coupled to an application processor. The first physical interface configured to allow the baseband processor to access the telecommunication profile and the second physical interface is configured to allow the application processor to access the application profile. The tamper resistant device is configured to enable accessibility to the application profile if corresponding commands are received at the first interface and to enable accessibility to the telecommunication profile if corresponding commands are received at the second interface.

The disclosed system implements techniques to secure communications for injecting a workload (e.g., a container) into a virtual network hosted by a cloud-based platform. Based on a delegation instruction received from a tenant, a virtual network of the tenant can connect to and execute a workload via a virtual machine that is part of a virtual network that belongs to a resource provider. To secure calls and authorize access to the tenant's virtual network, authentication information provided with a call from the virtual network of the resource provider may need to match authorization information made available via a publication service of the cloud-based platform. Additionally or alternatively, an identifier of a NIC used to make a call may need to correspond to a registered name of the resource provider for the call to be authorized. These checks provide increased security by preventing unauthorized calls to the tenant's virtual network.

Embodiments of the present invention relate to password authentication. According to an embodiment of the present invention, a password associated with a user identification is received from a user device. The password is authenticated based on a preset relationship between a seed password and a graphical password associated with the user identification. The seed password consists of a string of characters. The graphical password is a directed path traversing all keys of a keypad in an order. Each of the keys represents one of the characters and is associated with an order number according to the order of the keys being traversed. The preset relationship is that the password consists of respective order numbers associated with respective keys representing corresponding characters of the seed password.

Embodiments of the present invention relate to password authentication. According to an embodiment of the present invention, a password associated with a user identification is received from a user device. The password is authenticated based on a preset relationship between a seed password and a graphical password associated with the user identification. The seed password consists of a string of characters. The graphical password is a directed path traversing all keys of a keypad in an order. Each of the keys represents one of the characters and is associated with an order number according to the order of the keys being traversed. The preset relationship is that the password consists of respective order numbers associated with respective keys representing corresponding characters of the seed password.