G06F2213/0024

VRAN with PCIe fronthaul

Systems, methods and computer software are disclosed for fronthaul. In one embodiment a method is disclosed, comprising: providing a virtual Radio Access Network (vRAN) having a centralized unit (CU) and a distributed unit (DU); and interconnecting the CU and DU over an Input/Output (I/O) bus using Peripheral Component Interconnect-Express (PCIe); wherein the CU and the DU include a PCI to optical converter and an optical to PCI converter.

System and method for securely connecting to a peripheral device

A device connectable between a host computer and a computer peripheral over a standard bus interface is disclosed, used to improve security, and to detect and prevent malware operation. Messages passing between the host computer and the computer peripherals are intercepted and analyzed based on pre-configured criteria, and legitimate messages transparently pass through the device, while suspected messages are blocked. The device communicates with the host computer and the computer peripheral using a proprietary or industry-standard protocol or bus, which may be based on point-to-point serial communication such as USB or SATA. The messages may be stored in the device for future analysis, and may be blocked based on current or past analysis of the messages. The device may serve as a VPN client and securely communicate with a VPN server using the host Internet connection.

Virtual machine monitor providing secure cryptographic operations
11537421 · 2022-12-27

Computer systems and methods are disclosed to implement a virtual machine monitor (VMM) that stores cryptographic keys for guest virtual machines (VMs) and securely executes cryptographic operations on the VMs' behalf using the stored cryptographic keys. The cryptographic keys are maintained in a key store that is accessible to the VMM but not accessible to the guest VMs. The cryptographic operations are executed in a manner that does not reveal the cryptographic keys to the guest VMs. In embodiments, the guest VMs may invoke the cryptographic operations via a device driver, a memory access interface, or some other mechanism. Advantageously, the guest VMs cannot obtain the cryptographic keys in their own memory space, so that the keys cannot be exfiltrated from the guest VMs. Embodiments of the VMM may be used to implement cryptographic operations such as request signing and verification, data encryption and decryption, and others.

Methods of decrypting disk images, and decryption-enabling devices
11531771 · 2022-12-20

A decryption-enabling device for decrypting a disk image of a computer device, comprising a processor, memory and a hardware connector for connecting to the hardware interface connection of the computer device. The decryption-enabling device is arranged to create using the processor a copy of the random-access memory of the computer device, analyse using the processor the copy of the random-access memory to extract one or more potential decryption keys, and store the one or more potential decryption keys in the memory.

Hardware mechanisms for link encryption

Methods, systems, and apparatuses associated with hardware mechanisms for link encryption are disclosed. In various embodiments, an interconnect interface is coupled to a processor core to interconnect a peripheral device to the processor core via a link established between the peripheral device and the interconnect interface. The interconnect interface is to select a cryptographic engine of a plurality of cryptographic engines instantiated in the interconnect interface for the link. The cryptographic engine is to symmetrically encrypt data to be transmitted through the link. In more specific embodiments, each of the plurality of cryptographic engines is instantiated for one of a request type on the link, a virtual channel on the link, or a request type within a virtual channel on the link.

Exposing cryptographic measurements of peripheral component interconnect express (PCIe) device controller firmware
11522679 · 2022-12-06

Examples disclosed herein include computing device hardware components, computing devices, systems, machine-readable mediums, and interconnect protocols that provide for code object measurement of a peripheral device and a method for accessing the measurements to verify integrity across a computing interconnect (e.g., Peripheral Component Interconnect Express, PCIe). For example, a cryptographic processor of a PCIe endpoint (such as a peripheral) may take a measurement (e.g., computing a hash value) of a code object on the device prior to executing the code object. This measurement may be placed in a register that is accessible to another component, such as a host operating system across a PCIe bus, for interrogation. The host operating system may utilize an interconnect protocol, such as a PCIe protocol, to access the measurement. These measurements may be consumed by a Trusted Platform Manager or other components of a host system that may verify the measurements.

System and method for implementing trusted execution environment on PCI device

System and method for providing trusted execution environments uses a peripheral component interconnect (PCI) device of a computer system to receive and process commands to create and manage a trusted execution environment for a software process running in the computer system. The trusted execution environment created in the PCI device is then used to execute operations for the software process.

PLUG-IN MOBILE PERIPHERAL COMPONENT INTERCONNECT EXPRESS MODULE CONNECTOR
20220374380 · 2022-11-24

A plug-in mobile peripheral component interconnect express module connector is disclosed, comprising a plastic body, and a first terminal set and a second terminal set disposed relatively in the plastic body. The plastic body includes transversely penetrated slots, an upper end surface of the slots has intermittently plural upper magazines, and a lower end surface has intermittently plural lower magazines. The first terminal set includes plural first elastic terminals inserted in the upper magazines, and the second terminal set includes plural second elastic terminals inserted in the lower magazines. Each first elastic terminal is opposed to each second elastic terminal, forming a holding gap. A motherboard is inserted between the first elastic terminals and the second elastic terminals from a side, and an MXM board is inserted between the first elastic terminals and the second elastic terminals from the other side.

METHOD AND SYSTEM FOR SEQUENCING DATA CHECKS IN A PACKET

The system or device may build one or more data packets by dividing a given payload for a packet into data blocks and inserting data checks for each data block sequentially into the packet payload. The device may generate, for each of the data blocks, a corresponding data check block corresponding to data in each data block. The device may send or arrange the data blocks and the corresponding data check blocks such that each of the data blocks is followed by the corresponding error check block in the packet. Using the corresponding check block, each of the data blocks is independently verifiable, so that the data blocks may be used upon receipt, even if the payload is not completely received.

PERIPHERAL COMPONENT INTERCONNECT (PCI) HOSTING DEVICE
20220358073 · 2022-11-10

Methods and systems are disclosed to aggregate traffic from multiple server devices through a peripheral component interconnect (PCI) hosting device. In one embodiment, the PCI hosting device comprises a network interface to couple the PCI hosting device to a network, a plurality of PCI interfaces, a processing circuit to forward packets, and a power supply to supply power to the PCI interfaces independently from the plurality of server devices. Each of the PCI interfaces is designed to couple one server device to the PCI hosting device, which is registered as a first PCI board of a first server device through a first PCI interface and as a second PCI board of a second server device through a second PCI interface, and the PCI hosting device is designed to forward packets between the network interface and the first server device, and the network interface and the second server device.