Abstract: An anti-cheating system may comprise a combination of a modified environment, such as a modified operating system, in conjunction with a trusted external entity to verify that the modified environment is running on a particular device. The modified environment may be may be modified in a particular manner to create a restricted environment as compared with an original environment which is replaced by the modified environment. The modifications to the modified environment may comprise alternations to the original environment to, for example, detect and/or prevent changes to the hardware and/or software intended to allow cheating or undesirable user behavior.

Abstract: A system and method is provided that drives microtransactions in multiplayer video games. The system may include a microtransaction arrange matches to influence game-related purchases. For instance, the system may match a more expert/marquee player with a junior player to encourage the junior player to make game-related purchases of items possessed/used by the marquee player. A junior player may wish to emulate the marquee player by obtaining weapons or other items used by the marquee player.

Abstract: A system and method for providing dynamically variable maps in a video game is disclosed. A map is provided that defines a playable space available to one or more game players in a video game. Gameplay is monitored in real-time for the detection of a trigger event. Upon detection of a trigger event, a map management engine dynamically modifies a configuration of the map to improve the gameplay experience based on the type of trigger event. Dynamic modification of a map may comprise altering one or more of the map boundary, and/or the location, position, size, number, state, etc. of one or more static map objects or dynamic map objects. As a result of the dynamic modification of the map, the map may transform from its initial (or first or beginning) configuration to a modified (or new or second) configuration.

Abstract: A system and method is provided for continuous gameplay in a multiplayer video game through an unbounded gameplay session. Players may join, exit, and later rejoin a given unbounded gameplay session at any time. A given unbounded gameplay session may therefore continue indefinitely so long as at least one player wishes to continue to gameplay. To facilitate an unbounded gameplay session, the system may score players using time-based or other parameters in a manner that is fair to players who have been playing in the unbounded gameplay session longer than other players.

Abstract: A system and method is provided that simulates gameplay of non-player characters (NPCs) distributed across networked end user devices. The system may identify end user devices that are connected to the system through a network and are available to participate in a simulation in which each participating end user device is provided with one or more NPCs to be executed. An end user device may be available to participate when it has sufficient computing capacity, such as when in an idle or standby state. As such, the system may leverage spare computing capacity of networked end user devices to execute NPCs at networked end user devices during a simulation. In this manner, the behavior of an NPC may be tested using real-world conditions that may affect gameplay, such as a network connection quality, user-to-user game engine coordination and data exchanges, and/or other real-world conditions associated with networked end user devices.

Abstract: A matchmaking system and method is provided that facilitates optimization of player matches for multiplayer video games. The system may provide a generalized framework for matchmaking using historical player data and analytics. The framework may facilitate automatic determinations of an optimal mix of players and styles to produce the most satisfying user experiences. The system may dynamically update analytical processes based on statistical or otherwise observed data related to gameplay at any given time. In this manner, the system may continually tune the matchmaking process based on observations of player behavior, gameplay quality, and/or other information.

Abstract: A system and method is provided that recommends group compositions in multiplayer video games. The system may suggest a composition of a group of players using a matchmaking process. For example, one or more players may wish to form or join a group of players for a given game, but not know what would be an appropriate mix of player styles, player roles, skill levels, and/or other player characteristics that would make an optimal group, given the player's own characteristics. The system may identify optimal groups based on matchmaking related information such as, without limitation, game profile, player profile, prior match scores, prior quality scores, and/or other information. Optimal groups may be those that have performed successfully (e.g., accomplished the most wins, objectives, etc.), are associated with the highest player enjoyment (e.g., based on match and/or quality scores), and/or otherwise are deemed to be desirable.

Abstract: A soft reservation system and method is provided facilitates an unrequested reservation of a gameplay session in multiplayer video games. A soft reservation may include a match between two or more players for one or more subsequent gameplay sessions that are reserved for the players. The system may, for instance, anticipate an interest by players in a gameplay session and make a soft reservation for the players, who may not have explicitly requested the reservation, to play in the gameplay session. A soft reservation may be made for a player based on a match score, a game profile, a player profile, and/or other information.

Abstract: A system and method is provided that drives microtransactions in multiplayer video games. The system may include a microtransaction arrange matches to influence game-related purchases. For instance, the system may match a more expert/marquee player with a junior player to encourage the junior player to make game-related purchases of items possessed/used by the marquee player. A junior player may wish to emulate the marquee player by obtaining weapons or other items used by the marquee player.

Abstract: Systems and methods are provided, whereby partitions may become enlightened and discover the presence of a hypervisor. Several techniques of hypervisor discovery are discussed, such as detecting the presence of virtual processor registers (e.g. model specific registers or special-purpose registers) or the presence of virtual hardware devices. Upon discovery, information (code and/or data) may be injected in a partition by the hypervisor, whereby such injection allows the partition to call the hypervisor. Moreover, the hypervisor may present a versioning mechanism that allows the partition to match up the version of the hypervisor to its virtual devices. Next, once code and/or data is injected, calling conventions are established that allow the partition and the hypervisor to communicate, so that the hypervisor may perform some operations on behalf of the partition.

Abstract: An online key stored by a remote service is generated or otherwise obtained, and a storage media (as it applies to the storage of data on a physical or virtual storage media) master key for encrypting and decrypting a physical or virtual storage media or encrypting and decrypting one or more storage media encryption keys that are used to encrypt a physical or virtual storage media is encrypted based at least in part on the online key. A key protector for the storage media is stored, the key protector including the encrypted master key. The key protector can be subsequently accessed, and the online key obtained from the remote service. The master key is decrypted based on the online key, allowing the one or more storage media encryption keys that are used to decrypt the storage media to be decrypted.

Abstract: Computer systems and environments implemented herein permit a local machine increased participation in authorizing access to protected content. An operating system attests to a computing environment at a corresponding computer system. If the computing environment is one permitted to access protected content, the operating system is permitted to regulate further (e.g., application) access to protected content in accordance with a procreation policy. As such, authorization decisions are partially distributed, easing the resource burden on a content protection server. Accordingly, this computing environment can facilitate more robust and efficient authorization decisions when access to protected content is requested.

Abstract: An online key stored by a remote service is generated or otherwise obtained, and a storage media (as it applies to the storage of data on a physical or virtual storage media) master key for encrypting and decrypting a physical or virtual storage media or encrypting and decrypting one or more storage media encryption keys that are used to encrypt a physical or virtual storage media is encrypted based at least in part on the online key. A key protector for the storage media is stored, the key protector including the encrypted master key. The key protector can be subsequently accessed, and the online key obtained from the remote service. The master key is decrypted based on the online key, allowing the one or more storage media encryption keys that are used to decrypt the storage media to be decrypted.

Abstract: Tools and techniques for securely launching encrypted operating systems are described herein. The tools may provide computing systems that include operating systems (OSs) that define boot paths for the systems. This boot path may include first and second OS loader components. The first loader may include instructions for retrieving a list of disk sectors from a first store, and for retrieving these specified sectors from an encrypted second store. The first loader may also store the sectors in a third store that is accessible to both the first and the second loader components, and may invoke the second loader to try launching the OS using these sectors. In turn, the second loader may include instructions for retrieving these sectors from the third store, and for unsealing a key for decrypting these sectors. The second loader may then decrypt these sectors, and attempt to launch the OS from these sectors.

Abstract: A system and method are provided, whereby data that is easily re-created is separated from data that is not easily re-created, such that the easily re-created data can be disposed of based on a variety of events and the not easily re-created data can be kept in its original state. In one aspect of the invention, such easily re-created data is disposed of based on a “panic button” being pushed by a computer system user, such as when a user becomes aware that some malware has infected the computer system. In other aspects of the invention, such data is disposed of every time the computer system boots up, or detects via its anti-virus program that some malware is present. In other aspects of the invention, the easily re-created data can be rolled back or rolled forward without affecting the non-easily re-created data.

Abstract: An anti-cheating system may comprise a combination of a modified environment, such as a modified operating system, in conjunction with a trusted external entity to verify that the modified environment is running on a particular device. The modified environment may be may be modified in a particular manner to create a restricted environment as compared with an original environment which is replaced by the modified environment. The modifications to the modified environment may comprise alternations to the original environment to, for example, detect and/or prevent changes to the hardware and/or software intended to allow cheating or undesirable user behavior.

Abstract: Various embodiments of the present invention are directed to augmented interrupt controllers (AICs) and to synthetic interrupt sources (SISs) providing richer interrupt information (or “synthetic interrupts” or “SIs”). The AIC and SIS provide efficient means for sending and receiving interrupts, and particularly interrupts sent to and received by virtual machines. Several of these embodiments are specifically directed to an interrupt controller that is extended to accept and deliver additional information associated with an incoming interrupt. For certain such embodiments, a memory-mapped extension to the interrupt controller includes a data structure that is populated with the additional information as part of the interrupt delivery. Although several of the embodiments described herein are disclosed in the context of a virtual machine system, the inventions disclosed herein can also be applied to traditional computer systems (without a virtualization layer) as well.

Abstract: The present invention extends to methods, systems, and computer program products for protecting content. Embodiments of the invention permit a local machine increased participation in authorizing access to protected content. An operating system attests to a computing environment at a corresponding computer system. If the computing environment is one permitted to access protected content, the operating system is permitted to regulate further (e.g., application) access to protected content in accordance with a procreation policy. As such, authorization decisions are partially distributed, easing the resource burden on a content protection server. Accordingly, embodiments of the invention can facilitate more robust and efficient authorization decisions when access to protected content is requested.

Abstract: Tools and techniques for securely launching encrypted operating systems are described herein. The tools may provide computing systems that include operating systems (OSs) that define boot paths for the systems. This boot path may include first and second OS loader components. The first loader may include instructions for retrieving a list of disk sectors from a first store, and for retrieving these specified sectors from an encrypted second store. The first loader may also store the sectors in a third store that is accessible to both the first and the second loader components, and may invoke the second loader to try launching the OS using these sectors. In turn, the second loader may include instructions for retrieving these sectors from the third store, and for unsealing a key for decrypting these sectors. The second loader may then decrypt these sectors, and attempt to launch the OS from these sectors.

Abstract: Bifurcated processes, in which a shadow process in a first environment is controlling thread scheduling for a trusted agent in a second, high assurance environment, can be debugged via a two-phase initialization of the debugger. In the first phase, initial set up is accomplished for the trusted agent, but no shadow process will schedule execution for any thread of the trusted agent. The debugger will then be attached. In a second phase, the shadow process will begin scheduling threads for the trusted agent. In order to allow the debugger access to the process memory of the trusted agent or to set or get information regarding a particular thread of the trusted agent, a thread which is either a thread belonging to the trusted agent or belonging to the second execution environment and matched with the trusted agent is used.