G06F2221/2153

Secure communication between a contact lens and an accessory device

Described herein are systems and methods that allow for secure wireless communication between a contact lens system and an accessory device to protect sensitive data and prevent unauthorized access to confidential information. In certain embodiments, tampering attempts by potential attackers are thwarted by using a Physically Unclonable Function (PUF) circuit that is immune to reverse engineering. In addition, sensors monitor a to-be-protected electronic device to detect tampering attempts and physical attacks to ensure the physical integrity of the communication system.

Fingerprint Emulator

An access key for a device having a fingerprint activated lock includes an electrically conductive member having surface features formed on a surface thereof that can be recognized by the fingerprint activated lock as a unique fingerprint. A second electrically conductive member is electrically coupled to the first electrically conductive member. The second electrically conductive member is electrically coupled to the body of a user such that the sensor recognizes the first electrically conductive member as a fingerprint. The second electrically conductive member is preferably a ring, stylus or gripping portion upon which the first electrically conductive member is mounted. The electrically conductive member is preferably constructed from a capacitive elastomer such as an electrically conductive silicone. The access key functions as a synthetic fingerprint to limit access to a system to a possessor of the key. Access to the system provided by the key can be limited to a predetermined period of time or a selected geographic area.

SYSTEM AND METHOD FOR MANAGING AUTHENTICATION SERVICES
20230017314 · 2023-01-19

There is disclosed a method of providing an authentication service, wherein: i) a plurality of authentication virtual appliances is deployed in a distributed network by way of an authentication management platform application; ii) a pool of authentication licences is allocated to the authentication management platform application, each licence comprising computer code permitting an end user to authenticate his/her identity to at least one authentication virtual appliance by way of a predetermined computer-implemented authentication protocol; and iii) the management platform application allocates, revokes and reallocates authentication licences, from the pool of authentication licences, to end users by way of a graphical user interface.

Facilitating sequential reads in memory sub-systems
11704256 · 2023-07-18

An example memory subsystem includes a memory component and a processing device, operatively coupled to the memory component. The processing device is configured to receive a plurality of logical-to-physical (L2P) records, wherein an L2P record of the plurality of L2P records maps a logical block address to a physical address of a memory block on the memory component; determine a sequential assist value specifying a number of logical block addresses that are mapped to consecutive physical addresses sequentially following the physical address specified by the L2P record; generate a security token encoding the sequential assist value; and associate the security token with the L2P record.

SYSTEMS AND METHODS FOR TRANSFER OF WORKSPACE ORCHESTRATION

Systems and methods support transferring control of a workspace that operates on an Information Handling System (IHS). An authorization policy is established on the IHS that is modifiable only by an arbiter of a remote orchestration service. The authorization policy specifies authorized administrators of the workspace. The authorization policy is modified to specify the arbiter and a first remote orchestrator as authorized administrators of the workspace. Administration of the workspace by the first orchestrator is allowed based on credentials that validate it as an authorized administrator specified by the policy. A notification is received of a transfer of orchestration of the workspace to a second remote orchestrator. The authorization policy is modified to specify the arbiter and the second orchestrator as authorized administrators of the workspace. Administration of the workspace by the second orchestrator is allowed based on credentials that validate it as an authorized administrator specified by the policy.

Method for a first start-up operation of a secure element which is not fully customized

A method is for a first-time startup of a not fully personalized secure element, which serves for the use of services of a mobile communication network, in a mobile terminal. In the method, the secure element is started and requested to transmit a status message. The secure element transmits a status message in which it is stated whether the secure element: S1) contains only a bootloader but as yet no firmware image for the secure element; S2) contains a firmware image for the secure element but is not yet fully personalized; or S3) is fully personalized. The secure element is accepted in the cases S1), S2) and S3) and rejected in other cases. In the case S1), a download for a firmware image of the secure element is initiated for a first-time startup.

Authentication techniques in response to attempts to access sensitive information

The present disclosure describes techniques for changing a required authentication type based on a request for a particular type of information. For example, consider a situation where a user has asked a virtual assistant “who owns this device?” By default, the device may allow biometric authentication to unlock. In response to identification of the owner by the virtual assistant, however, the device may require one or more other types of authentication (e.g., manual entry of a passcode) to unlock the device. In various embodiments, the disclosed techniques may increase the security of the device by making it more difficult for malicious entities to obtain the sensitive information or to access device functionality once the sensitive information has been disclosed. In various embodiments, this may prevent or reduce unauthorized access to the device.

Program execution device

A program execution device capable of protecting a program against unauthorized analysis and alteration is provided. The program execution device includes an execution unit, a first protection unit, and a second protection unit. The execution unit executes a first program and a second program, and is connected with an external device that is capable of controlling the execution. The first protection unit disconnects the execution unit from the external device while the execution unit is executing the first program. The second protection unit protects the first program while the execution unit is executing the second program.

Security device, methods, and systems for continuous authentication

Methods, systems, and computer programs are presented for securing a computing device. One security device includes a processor, memory and a connector. The memory includes a computer program that, when executed by the processor, performs a method. The method includes operations for detecting that the connector is coupled to a second computing device, and for determining a user associated with the security computing device. In addition, the method includes operations for receiving periodic images from an image capture device coupled to the second computing device, and for performing continuous authentication operations to validate an identification of the user based on the periodic images. The user is disabled from using the second computing device after an authentication operation fails.

SECURE INPUT VOLTAGE ADJUSTMENT IN PROCESSING DEVICES

Secure voltage adjustment techniques for computing systems and processing devices are presented herein. In one example, a method of controlling operating voltages for a processing device includes initializing a security portion of the processing device after application of input voltages to the processing device as supplied by voltage regulation circuitry according to voltage identifiers (VIDs) established for the processing device. The method includes, in the security portion, generating adjusted input voltages based on at least the VIDs and authenticated voltage offset information stored according to a digitally signed security process, and instructing the voltage regulation circuitry to supply the adjusted input voltages to the processing device.