Abstract: A scheme for protecting policy state information during the lifetime of a virtual machine is presented. In order to protect and preserve the policy state information of the virtual machine, a process creates a source policy, a mapping policy, and a binary policy. These policies are all different representations of a security policy. The different policy representations are chained together via cryptographic hashes.

Abstract: The present invention is directed to a session initiation protocol (SIP) infrastructure containing various user devices and the use of this infrastructure to conduct media exchange sessions among the various user devices. Included in the user devices are wearable devices, for example pendants and wrist watches, that provide readily available and accessible devices for use in controlling the media exchange sessions. SIP permits the separation of the control aspects of a session from the actual media exchange aspects to facilitate the use of wearable devices having limited processing resources as control devices. The actual media exchange is directed to user devices suitable for sending, receiving and displaying the exchanged media.

Abstract: The presented method allows a virtual TRUSTED PLATFORM MODULE (TPM) instance to map the Platform Configuration Registers (PCR) register state of a parent virtual TPM instance into its own register space and export the state of those registers to applications inside the virtual machine associated with the virtual TPM instance. Through the mapping of PCR registers, the procedure of attesting to the overall state of a virtual machine can be accelerated, since the state of all measurements relevant to the trustworthiness of a virtual machine are all visible in the combined view of mapped and non-mapped PCR registers. Registers that are mapped into the register space of a virtual TPM instance reflect the state of trustworthiness of those virtual machines that were involved in the creation of the virtual machine that is being challenged.

Abstract: An improved antenna device has an internal length compensation device, permitting a varying length expansion of the housing/radome in relation to the antenna support or reflector device located within the housing/radome. At least one of at least two internal fixing devices is provided with the internal length compensation device. The internal length compensation device is in at least two parts or has two limbs, wherein one part is fixed to the antenna support and/or reflector device and the other part is at least indirectly fixed to the housing/radome and/or supported thereby. The at least two parts can be moved relative to each other, be moved in position or deformed. In particular with relation to the support points of both parts, the position may be changed with common deformation.

Abstract: An improved component for the separation or combination of high frequency outputs includes a coaxial input port located at the front end of the outer conductor. At the opposite end of the outer conductor, a head is located with at least two, and preferably three or four, single ports which cover the outer conductor connections. The head with the single ports is built as a single part to avoid any mechanical connection junctions. The head with the single ports which form integral outer conductor connectors consists of a forged part or a cast part.

Abstract: A migration scheme for virtualized Trusted Platform Modules is presented. The procedure is capable of securely migrating an instance of a virtual Trusted Platform Module from one physical platform to another. A virtual Trusted Platform Module instance's state is downloaded from a source virtual Trusted Platform Module and all its state information is encrypted using a hybrid of public and symmetric key cryptography. The encrypted state is transferred to the target physical platform, decrypted and the state of the virtual Trusted Platform Module instance is rebuilt.

Abstract: A light-weight composite structural member including an elongated body having at least one internal recess with a tensioned cable in the recess or series of recesses. End pieces on each end of the elongated body secure the cable, which is connected to each end piece. The composite structural member is light-weight with relatively thin walls while providing enhanced benefits for resisting the combination of tension, compression and buckling forces.

Abstract: A damping valve includes a valve body, the valve body having at least one through hole and a valve seating surface. There is at least one valve disk configured to mate with the valve seating surface and at least partially seal the through hole and a first spring configured to bias the at least one valve disk towards the valve seating surface. A stop ring is configured to support the first spring on a first surface and an intermediate ring is configured to be supported by the stop ring on a second surface of the stop ring opposite the first surface. A second spring is configured to bias the intermediate ring against the stop ring.

Abstract: A system for monitoring performance of a machine for detection of visible signs of failure, the system including: a machine enclosure housing a plurality of machine parts; a visual conduit for providing a view of an interior of the machine; an interface to the machine configured to receive images from the visual conduit; and a repair network for linking the interface to a monitoring center that provides for the repair of problems with the machine.

Abstract: A machine comprises an enclosure; a plurality of parts within the enclosure; and a visual conduit for providing a view inside of the enclosure for detection of visible signs of failure of the machine. The concept of a visual conduit encompasses a broad variety of devices including cameras inside the enclosure that provide images of the interior of the enclosure and alternatively selective transparency or translucence of the enclosure relative to at least some of the parts of the machine housed within the enclosure.

Abstract: A method, system, and program product for remotely attesting to a state of computing system is provided. Specifically, the present invention allows a remote system to establish trust in the properties of the computer system. The properties to be trusted are expanded from the usual system software layers and related configuration files to novel types of data such as static data specific to the computer system, dynamic data determined at system startup, or dynamic data created as the computer system runs applications.

Abstract: A migration scheme for virtualized Trusted Platform Modules is presented. The procedure is capable of securely migrating an instance of a virtual Trusted Platform Module from one physical platform to another. A virtual Trusted Platform Module instance's state is downloaded from a source virtual Trusted Platform Module and all its state information is encrypted using a hybrid of public and symmetric key cryptography. The encrypted state is transferred to the target physical platform, decrypted and the state of the virtual Trusted Platform Module instance is rebuilt.

Abstract: A trusted platform module is presented that is capable of creating, dynamically, multiple virtual trusted platform modules in a hierarchical organization. A trusted platform module domain is created. The trusted platform module creates virtual trusted platform modules, as needed, in the trusted platform module domain. The virtual trusted platform modules can inherit the permissions of a parent trusted platform module to have the ability to create virtual trusted platform modules themselves. Each virtual trusted platform module is associated with a specific partition. Each partition is associated with an individual operating system. The hierarchy of created operating systems and their privilege of spawning new operating systems is reflected in the hierarchy of trusted platform modules and the privileges each of the trusted platform modules has.

Abstract: The presented method allows a virtual TRUSTED PLATFORM MODULE (TPM) instance to map the Platform Configuration Registers (PCR) register state of a parent virtual TPM instance into its own register space and export the state of those registers to applications inside the virtual machine associated with the virtual TPM instance. Through the mapping of PCR registers, the procedure of attesting to the overall state of a virtual machine can be accelerated, since the state of all measurements relevant to the trustworthiness of a virtual machine are all visible in the combined view of mapped and non-mapped PCR registers. Registers that are mapped into the register space of a virtual TPM instance reflect the state of trustworthiness of those virtual machines that were involved in the creation of the virtual machine that is being challenged.

Abstract: A method, system, and program product for remotely attesting to a state of computing system is provided. Specifically, the present invention allows a remote system to establish trust in the properties of the computer system. The properties to be trusted are expanded from the usual system software layers and related configuration files to novel types of data such as static data specific to the computer system, dynamic data determined at system startup, or dynamic data created as the computer system runs applications.

Abstract: A scheme for protecting policy state information during the lifetime of a virtual machine is presented. In order to protect and preserve the policy state information of the virtual machine, a process creates a source policy, a mapping policy, and a binary policy. These polices are all different representations of a security policy. The different policy representations are chained together via cryptographic hashes.

Abstract: A migration scheme for virtualized Trusted Platform Modules is presented. The procedure is capable of securely migrating an instance of a virtual Trusted Platform Module from one physical platform to another. A virtual Trusted Platform Module instance's state is downloaded from a source virtual Trusted Platform Module and all its state information is encrypted using a hybrid of public and symmetric key cryptography. The encrypted state is transferred to the target physical platform, decrypted and the state of the virtual Trusted Platform Module instance is rebuilt.

Abstract: A trusted platform module is presented that is capable of creating, dynamically, multiple virtual trusted platform modules in a hierarchical organization. A trusted platform module domain is created. The trusted platform module creates virtual trusted platform modules, as needed, in the trusted platform module domain. The virtual trusted platform modules can inherit the permissions of a parent trusted platform module to have the ability to create virtual trusted platform modules themselves. Each virtual trusted platform module is associated with a specific partition. Each partition is associated with an individual operating system. The hierarchy of created operating systems and their privilege of spawning new operating systems is reflected in the hierarchy of trusted platform modules and the privileges each of the trusted platform modules has.

Abstract: The present invention provides methods and apparatus to protect user privacy while accessing information in public places, using both public and personal devices. This is achieved by employing a mechanism that prevents private information from being displayed on public devices. Instead, this type of information is made available only to a user's personal device(s) that the user carries and/or trusts. An example embodiment of the invention shows relevant parts of the information content, referred to also as information documents or simply documents, to multiple devices based on privacy level and user preferences. Embodiments of the present invention also provide personalized services based on privacy levels defined by users. These users can for example be customers of a retail store. The service provided is sometimes also based on user history of accessing information documents. It permits personalized information to be sent to a customer's personal device.

Abstract: A current supply circuit includes an input, a load terminal, a selectively activatable current regulator, a selectively activatable adjustable current source, and a comparator circuit. The input is configured to receive a first value signal. The load terminal is configured to provide a load current that is dependent on the first value signal. The current regulator is operable to, when activated, cause a first current to be provided through the load based on the first value signal. The adjustable current source is operable to, when activated, cause a second current to be provided through the load based on the first value signal. The comparator circuit is operable to generate a comparison of the first value signal and a second value signal, and is further operable to cause selective activation of one of the current regulator or the adjustable current source based on the comparison.