Abstract: A game identifier of an encrypted streaming electronic game to be streamed to a playback device may be received. The game identifier may comprise a title of the encrypted streaming electronic game. An electronic ticket for access by the playback device to a secured portion of the encrypted streaming electronic game may be gathered. The electronic ticket may specify a first gameplay state. The electronic ticket may be used to access the secured portion of the encrypted streaming electronic game at the first gameplay state. One or more gameplay actions to transform the encrypted streaming electronic game to a second gameplay state may be received. The second gameplay state may be provided to a state server, where the state server configured to instruct a license server to modify the electronic ticket to specify the second gameplay state for the encrypted streaming electronic game.

Abstract: A game identifier of an encrypted streaming electronic game to be streamed to a playback device may be received. The game identifier may comprise a title of the encrypted streaming electronic game. An electronic ticket for access by the playback device to a secured portion of the encrypted streaming electronic game may be gathered. The electronic ticket may specify a first gameplay state. The electronic ticket may be used to access the secured portion of the encrypted streaming electronic game at the first gameplay state. One or more gameplay actions to transform the encrypted streaming electronic game to a second gameplay state may be received. The second gameplay state may be provided to a state server, where the state server configured to instruct a license server to modify the electronic ticket to specify the second gameplay state for the encrypted streaming electronic game.

Abstract: A game identifier of an encrypted streaming electronic game to be streamed to a playback device may be received. The game identifier may comprise a title of the encrypted streaming electronic game. An electronic ticket for access by the playback device to a secured portion of the encrypted streaming electronic game may be gathered. The electronic ticket may specify a first gameplay state. The electronic ticket may be used to access the secured portion of the encrypted streaming electronic game at the first gameplay state. One or more gameplay actions to transform the encrypted streaming electronic game to a second gameplay state may be received. The second gameplay state may be provided to a state server, where the state server configured to instruct a license server to modify the electronic ticket to specify the second gameplay state for the encrypted streaming electronic game.

Abstract: A technique for content management involves storing runtime state of content externally. A system created according to the technique may include a state server that receives runtime state of content from a playback device, and provides the runtime state to that or another playback device upon request. A playback device constructed according to the technique may include a content state recovery engine for recovering runtime state that was previously stored externally to the playback device. A method according to the technique may include generating the runtime state locally, storing the runtime state externally, and re-acquiring the runtime state.

Abstract: A technique for maintaining encrypted content received over a network in a secure processor without exposing a key used to decrypt the content in the clear is disclosed.

Abstract: A technique for quickly switching between a first operating system (OS) and a second OS involves deactivating the first OS and loading the second OS from dynamic memory. The technique can include inserting a context switching layer between the first OS and a hardware layer to facilitate context switching. It may be desirable to allocate dynamic memory for the second OS and preserve state of the first OS before deactivating the first OS and loading the second OS from the dynamic memory.

Abstract: A technique for maintaining encrypted content received over a network in a secure processor without exposing a key used to decrypt the content in the clear is disclosed.

Abstract: A method may be executed by a secure processor having secure cryptography hardware implemented thereon. The method may be executed in a security kernel of a secure on-chip non-volatile (NV) memory coupled to the secure processor. The method may include: storing a rewritable state and a device private key based at least in part on a programmed secret seed and the rewritable state, the device private key being part of a cryptographic key pair comprising a public key associated with the device private key, and the rewritable state being a state of a secure application encrypted with the public key; providing one or more instructions to gather the device private key and from the private key datastore; and using the device private key to generate a device certificate, the device certificate providing the device with access to the secure application.

Abstract: A method may be executed by a secure processor having secure cryptography hardware implemented thereon. The method may be executed in a security kernel of a secure on-chip non-volatile (NV) memory coupled to the secure processor. The method may include: storing a rewritable state and a device private key based at least in part on a programmed secret seed and the rewritable state, the device private key being part of a cryptographic key pair comprising a public key associated with the device private key, and the rewritable state being a state of a secure application encrypted with the public key; providing one or more instructions to gather the device private key and from the private key datastore; and using the device private key to generate a device certificate, the device certificate providing the device with access to the secure application.

Abstract: A technique for maintaining encrypted content received over a network in a secure processor without exposing a key used to decrypt the content in the clear is disclosed.

Abstract: A game identifier of an encrypted streaming electronic game to be streamed to a playback device may be received. The game identifier may comprise a title of the encrypted streaming electronic game. An electronic ticket for access by the playback device to a secured portion of the encrypted streaming electronic game may be gathered. The electronic ticket may specify a first gameplay state. The electronic ticket may be used to access the secured portion of the encrypted streaming electronic game at the first gameplay state. One or more gameplay actions to transform the encrypted streaming electronic game to a second gameplay state may be received. The second gameplay state may be provided to a state server, where the state server configured to instruct a license server to modify the electronic ticket to specify the second gameplay state for the encrypted streaming electronic game.

Abstract: A method may be executed by a secure processor having secure cryptography hardware implemented thereon. The method may be executed in a security kernel of a secure on-chip non-volatile (NV) memory coupled to the secure processor. The method may include: storing a rewritable state and a device private key based at least in part on a programmed secret seed and the rewritable state, the device private key being part of a cryptographic key pair comprising a public key associated with the device private key, and the rewritable state being a state of a secure application encrypted with the public key; providing one or more instructions to gather the device private key and from the private key datastore; and using the device private key to generate a device certificate, the device certificate providing the device with access to the secure application.

Abstract: A technique for quickly switching between a first operating system (OS) and a second OS involves deactivating the first OS and loading the second OS from dynamic memory. The technique can include inserting a context switching layer between the first OS and a hardware layer to facilitate context switching. It may be desirable to allocate dynamic memory for the second OS and preserve state of the first OS before deactivating the first OS and loading the second OS from the dynamic memory.

Abstract: A technique for maintaining encrypted content received over a network in a secure processor without exposing a key used to decrypt the content in the clear is disclosed.

Abstract: An improved secure programming technique involves reducing the size of bits programmed in on-chip secret non-volatile memory, at the same time enabling the typical secure applications supported by secure devices. A technique for secure programming involves de-coupling chip manufacture from the later process of connecting to ticket servers to obtain tickets. A method according to the technique may involve sending a (manufacturing) server signed certificate from the device prior to any communication to receive tickets. A device according to the technique may include chip-internal non-volatile memory to store the certificate along with the private key, in the manufacturing process.

Abstract: An improved secure programming technique involves reducing the size of bits programmed in on-chip secret non-volatile memory, at the same time enabling the typical secure applications supported by secure devices. A technique for secure programming involves de-coupling chip manufacture from the later process of connecting to ticket servers to obtain tickets. A method according to the technique may involve sending a (manufacturing) server signed certificate from the device prior to any communication to receive tickets. A device according to the technique may include chip-internal non-volatile memory to store the certificate along with the private key, in the manufacturing process.

Abstract: An improved secure programming technique involves reducing the size of bits programmed in on-chip secret non-volatile memory, at the same time enabling the typical secure applications supported by secure devices. A technique for secure programming involves de-coupling chip manufacture from the later process of connecting to ticket servers to obtain tickets. A method according to the technique may involve sending a (manufacturing) server signed certificate from the device prior to any communication to receive tickets. A device according to the technique may include chip-internal non-volatile memory to store the certificate along with the private key, in the manufacturing process.

Abstract: An improved secure programming technique involves reducing the size of bits programmed in on-chip secret non-volatile memory, at the same time enabling the typical secure applications supported by secure devices. A technique for secure programming involves de-coupling chip manufacture from the later process of connecting to ticket servers to obtain tickets. A method according to the technique may involve sending a (manufacturing) server signed certificate from the device prior to any communication to receive tickets. A device according to the technique may include chip-internal non-volatile memory to store the certificate along with the private key, in the manufacturing process.

Abstract: A technique for quickly switching between a first operating system (OS) and a second OS involves deactivating the first OS and booting the second OS from memory. The technique can include inserting a context switching layer between the first OS and a hardware layer to facilitate context switching. It may be desirable to allocate memory for the second OS and preserve state of the first OS before deactivating the first OS and booting the second OS from memory.

Abstract: A technique for leveraging cloud resources includes maintaining a resource index for a user for resources that are available from a connected standby device. The resource index can store an identification of resources for an entity (e.g., a user or enterprise) that is stored on a connected standby device. The resource index can include resources of other devices, as well. A connected standby device will generally have at least three power states, online, offline, and connected standby. When a device is online, a processor of the device is powered up and capable of handling, e.g., remote requests for resources. When a device is offline, the device may or may not be off, but is in any case not responsive to remote access. When a device is on connected standby, a processor of the device is powered down, but the device is responsive to a wakeup packet, enabling the device to respond to a resource request, typically after a short delay while the processor powers up.