Abstract: In an embodiment, a method comprises intercepting, from a first computer, a first set of instructions that define one or more original operations, which are configured to cause one or more requests to be sent if executed by a client computer; modifying the first set of instructions to produce a modified set of instructions, which are configured to cause a credential to be included in the one or more requests sent if executed by the client computer; rendering a second set of instructions comprising the modified set of instructions and one or more credential-morphing-instructions, wherein the one or more credential-morphing-instructions define one or more credential-morphing operations, which are configured to cause the client computer to update the credential over time if executed; sending the second set of instructions to a second computer.

Abstract: A mechanism for probabilistically determining the contents of an encrypted file is provided, such that a transfer of the encrypted file can be restricted according to rules associated with an unencrypted version of the file. Embodiments generate a file size table of a subset of files, where each entry of the file size table includes a size information regarding the unencrypted file. Embodiments compare the size of the encrypted file against the file sizes and compressed file size ranges to determine whether the encrypted file has a match. If the size of the encrypted file has a single match in the table, then there is a high probability that the file associated with the matching entry is the unencrypted version of the encrypted file. Rules associated with restricting access of the file related to the matching entry can be used to control transfer of the encrypted file.

Abstract: The present disclosure provides systems and methods for parameterized application installation. A client device may provide authentication credentials of a user to an authentication server, which may store an association between the user and a content item linking to an application and identifying a parameter for use by the application. The client device may download and install the application via an application server or application store. Once installed, the application may re-provide the authentication credentials to the authentication server, which may retrieve the association, and provide the parameter for use by the application. Thus, the application server or application store may continue to discard referrer information or parameters for the application, but the application may still receive and utilize the parameters without further user intervention.

Abstract: Described herein are systems, methods, and non-transitory computer readable media for automating the transfer/syncing of datasets or other artifacts from one security domain (e.g., a low security side environment) to another security domain (e.g., a high security side environment) in a seamless manner that complies with requirements of a data transfer mechanism used to transfer data between the two security domains while ensuring data integrity and consistency between the two security domains.

Abstract: Methods and systems for enabling secure memory transactions in a memory controller are disclosed. Responsive to determining that an incoming request is for a secure memory transaction, the incoming request is placed in a secure request container. The memory container then enters a state where re-ordering between requests for secure memory transactions placed in the secure request container and requests for non-secure memory transactions from other containers is prevented in a scheduling queue.

Abstract: In one or more embodiments, one or more systems, methods, and/or processes may determine that a switch of an information handling system has been actuated; may provide, via a conductor of the switch, an electric charge to an element of a lid portion of a chassis of the information handling system; after providing the electric charge to the element of the lid portion of the chassis, may determine that an amount of time has transpired; in response to determining that the amount of time has transpired, may determine a voltage value associated with the element of the lid portion of the chassis; may determine an identification of the chassis based at least on the voltage value; and may configure at least a portion of the information handling system based at least on the identification of the chassis.

Abstract: Systems, methods, circuits, devices, and apparatus including computer-readable mediums for managing tamper detections in secure memory devices. In one aspect, a secure memory device includes: a memory cell array, one or more tamper detectors each configured to detect a respective type of tamper event on at least part of the secure memory device, and a tamper detection status register storing one or more values each indicating a tamper detection status detected by a corresponding tamper detector. The secure memory device can include a command interface coupled to the tamper detection status register and configured to output the values stored in the tamper detection status register when receiving a trigger. The secure memory device can also include an output pin coupled to the tamper detection status register and be configured to automatically output the values stored in the tamper detection status register via the output pin.

Abstract: A device may receive data identifying applications, wherein each application includes files and each file includes functions and lines of code. The device may generate file hashes for the files, line hashes for the lines of code, and function hashes for the functions. The device may store, in a data structure, data identifying one or more of the applications, the files, the lines of code, the functions, the file hashes, the line hashes, and the function hashes. When scanning a new application, the device may generate a hash associated with one of the files of the new application, and may determine that the hash associated with the file of the new application matches one of the file hashes. The device may refrain from performing a scan of the file of the new application based on determining that the hash of the file matches one of the file hashes.

Abstract: Various examples are provided related to power side-channel vulnerability assessment. In one example, a method includes identifying target registers in an IC design; generating input patterns associated with a target function that can generate a power difference in the target registers when processing the target function; determining a side-channel vulnerability (SCV) metric using the power difference produced by the input patterns; and identifying a vulnerability in the IC design using the SCV metric. Identification of the vulnerability allows for modification of the IC design at an early stage, which can avoid power side-channel attacks (e.g., DPA and CPA) in the fabricated IC design. The method can be used for pre-silicon power side-channel leakage assessment of IC designs such as, e.g., cryptographic and non-cryptographic circuits.

Abstract: Described herein are methods and systems for generating shared collaborative maps for planting or harvesting operations. A method of generating a collaborative shared map between machines includes generating a first map for a first machine based on a first set of data and generating a second map for a second machine based on a second set of data. The method further includes generating at least one shared collaborative map for at least one of the first and second machines based on the first and second maps.

Abstract: A computer system for security of components includes at least one processor. For a new version of a component, the processor determines, based on a dataset of release events over time, a historical behavioral analysis of (i) a project that is released with prior versions of the component, and/or (ii) historical committer behavior of a committer that committed the new version of the component, and/or (iii) historical behavior of a publisher of the project. The dataset of release events includes event data collected over time regarding open source project, committers, and repository. The processor determines whether the new version of the component presents an unusual risk profile, based on the historical behavioral analysis. The processor facilitates delayed consumption of the new version of the component in response to determining that the new version of the component presents the unusual risk profile.

Abstract: A method for fetching a content from a web server to a client device is disclosed, using tunnel devices serving as intermediate devices. The client device accesses an acceleration server to receive a list of available tunnel devices. The requested content is partitioned into slices, and the client device sends a request for the slices to the available tunnel devices. The tunnel devices in turn fetch the slices from the data server, and send the slices to the client device, where the content is reconstructed from the received slices. A client device may also serve as a tunnel device, serving as an intermediate device to other client devices. Similarly, a tunnel device may also serve as a client device for fetching content from a data server. The selection of tunnel devices to be used by a client device may be in the acceleration server, in the client device, or in both.

Abstract: The technology disclosed can query configuration management system data and includes cross table selection criteria and joined data return.

Abstract: Mechanisms are provided to implement an enhanced privacy deep learning system framework (hereafter “framework”). The framework receives, from a client computing device, an encrypted first subnet model of a neural network, where the first subnet model is one partition of multiple partitions of the neural network. The framework loads the encrypted first subnet model into a trusted execution environment (TEE) of the framework, decrypts the first subnet model, within the TEE, and executes the first subnet model within the TEE. The framework receives encrypted input data from the client computing device, loads the encrypted input data into the TEE, decrypts the input data, and processes the input data in the TEE using the first subnet model executing within the TEE.

Abstract: Techniques are described herein that are capable of registering a user device with a cloud-based management service using an intermediate cloud storage. For instance, the intermediate cloud storage may store an encrypted data blob including information that identifies the user device. The intermediate cloud storage or a registration system may decrypt the encrypted data blob so that the registration system may use the decrypted data blob to register the user device with the cloud-based management service. For instance, the registration system may retrieve the encrypted or decrypted data blob from the intermediate cloud storage by providing a requisite secret to the intermediate cloud storage. The requisite secret may be provided to the registration system by the user device (e.g., via a matrix barcode, such as a QR code).

Abstract: Systems methods and devices are provided for a presentation including a communications console with component aggregation. In one potential implementation, a computing device with an application framework receives a communication manager object via a network connectivity device and executes the communication manager object within the application framework. The computing device may then receive and execute communications components and a presentation components within the application framework using the communication manager object. The communication manager object may then manages interface and display of the presentation information via the application framework, as modified by communication components.

Abstract: A method of selectively allocating a plurality of deployment units among a plurality of clouds. The method can include identifying a first context of a first deployment unit of a workload and identifying a second context of a second deployment unit of the workload. Based on the first context, a first of the plurality of clouds that satisfies at least one requirement indicated by the first context can be identified and the first deployment unit can be automatically allocated to the first cloud. Based on the second context, a second of the plurality of clouds that satisfies at least one requirement indicated by the second context can be identified, wherein the first cloud does not satisfy the requirement indicated by the second context, and the second deployment unit can be automatically allocated to the second cloud.

Abstract: A method for fetching a content from a web server to a client device is disclosed, using tunnel devices serving as intermediate devices. The client device accesses an acceleration server to receive a list of available tunnel devices. The requested content is partitioned into slices, and the client device sends a request for the slices to the available tunnel devices. The tunnel devices in turn fetch the slices from the data server, and send the slices to the client device, where the content is reconstructed from the received slices. A client device may also serve as a tunnel device, serving as an intermediate device to other client devices. Similarly, a tunnel device may also serve as a client device for fetching content from a data server. The selection of tunnel devices to be used by a client device may be in the acceleration server, in the client device, or in both.

Abstract: Certain aspects of the disclosure are directed to communication bridging in a telecommunication system. According to a specific example, a Voice over Internet Protocol (VoIP) communication server is provided comprising a uniform resource locator (URL) generation module configured and arranged to form a communication bridge between a first protocol-disparate chat room and a second protocol-disparate chat room in response to receipt of a request from a participant of one of the chat rooms. The URL generation module can identify the participant as being associated with a customer, and redirect the participant to a customer-specific account provided by the communication bridging service. Using the customer-specific account, the URL generation module can generate a URL associated with the communication bridge. Using the generated URL an assimilation and processing module can translate chat messages received, and transmit the translated chat messages between the first chat room and the second chat room.

Abstract: A method and system for connecting a communication to a client including at a system bridge, establishing a client subscription connection with a client device; receiving an incoming communication request at the system bridge; publishing an incoming communication notification from the system bridge to the client device; receiving a client communication at the system bridge; and merging the incoming communication request into the client communication at the system bridge.