Abstract: A system includes a host processor operable to communicate with a remote requestor to perform operations for attesting a trusted system. The system also includes a hardware acceleration coprocessor coupled to the host processor. The host processor is further operable to offload at least some of the operations onto the hardware acceleration coprocessor to free up processing power on the host processor.

Abstract: A system for supporting Enhanced Privacy Identification (EPID) is provided. The system may include a host processor operable to communicate with a remote requestor, where the host processor needs to perform signature revocation checking in accordance with EPID. To perform signature revocation checking, the host processor has to perform either a sign or verify operation. The host processor may offload the sign/verify operation onto one or more associated hardware acceleration coprocessors. A programmable coprocessor may be dynamically configured to perform the desired number of sign/verify functions in accordance with the requirements of the current workload.

Abstract: In an embodiment a single user authentication event, performed between a trusted path hardware module and a service provider via an out of band communication, can enable a user to transparently access multiple service providers using strong credentials that are specific to each service provider. The authentication event may be based on multifactor authentication that is indicative of a user's actual physical presence. Thus, for example, a user would not need to enter a different retinal scan to gain access to each of the service providers. Other embodiments are described herein.

Abstract: In an embodiment a single user authentication event, performed between a trusted path hardware module and a service provider via an out of band communication, can enable a user to transparently access multiple service providers using strong credentials that are specific to each service provider. The authentication event may be based on multifactor authentication that is indicative of a user's actual physical presence. Thus, for example, a user would not need to enter a different retinal scan to gain access to each of the service providers. Other embodiments are described herein.

Abstract: In an embodiment a single user authentication event, performed between a trusted path hardware module and a service provider via an out of band communication, can enable a user to transparently access multiple service providers using strong credentials that are specific to each service provider. The authentication event may be based on multifactor authentication that is indicative of a user's actual physical presence. Thus, for example, a user would not need to enter a different retinal scan to gain access to each of the service providers. Other embodiments are described herein.

Abstract: In an embodiment a single user authentication event, performed between a trusted path hardware module and a service provider via an out of band communication, can enable a user to transparently access multiple service providers using strong credentials that are specific to each service provider. The authentication event may be based on multifactor authentication that is indicative of a user's actual physical presence. Thus, for example, a user would not need to enter a different retinal scan to gain access to each of the service providers. Other embodiments are described herein.

Abstract: A system for supporting Enhanced Privacy Identification (EPID) is provided. The system may include a host processor operable to communicate with a remote requestor, where the host processor needs to perform signature revocation checking in accordance with EPID. To perform signature revocation checking, the host processor has to perform either a sign or verify operation. The host processor may offload the sign/verify operation onto one or more associated hardware acceleration coprocessors. A programmable coprocessor may be dynamically configured to perform the desired number of sign/verify functions in accordance with the requirements of the current workload.

Abstract: In an embodiment a single user authentication event, performed between a trusted path hardware module and a service provider via an out of band communication, can enable a user to transparently access multiple service providers using strong credentials that are specific to each service provider. The authentication event may be based on multifactor authentication that is indicative of a user's actual physical presence. Thus, for example, a user would not need to enter a different retinal scan to gain access to each of the service providers. Other embodiments are described herein.

Abstract: Technologies for field-programmable gate array (FPGA) processing include a computing device having a field-programmable gate array (FPGA) and a virtual FPGA controller (VFC). The computing device generates a user-specific platform profile (PP) that identifies one or more FPGA applications to be instantiated. The computing device synthesizes each FPGA application identified by the PP to generate a bit stream image that is associated with the PP and saves the bit stream image in a profile storage of the computing device. The computing device generates a virtual memory address that is indicative of the identified FPGA applications in response to saving the bit stream image. The VFC translates the virtual memory address to a user segment of the FPGA and a logical element (LE) offset within the user segment. The FPGA executes the bit stream associated with the PP with the FPGA at the LE offset. Other embodiments are described and claimed.

Abstract: A processing device may include a first processor executing an operating system including a configurable setting and an isolated execution environment including a second processor communicatively coupled to the first processor, and a secure store coupled to the second processor to store a setting profile containing a copy of the configurable setting, in which the second processor is to, subsequent to establishing a trust relationship between the isolated execution environment and the operating system, synchronize the configurable setting with the setting profile.

Abstract: A processing device may include a first processor executing an operating system including a configurable setting and an isolated execution environment including a second processor communicatively coupled to the first processor, and a secure store coupled to the second processor to store a setting profile containing a copy of the configurable setting, in which the second processor is to, subsequent to establishing a trust relationship between the isolated execution environment and the operating system, synchronize the configurable setting with the setting profile.

Abstract: In an embodiment a single user authentication event, performed between a trusted path hardware module and a service provider via an out of band communication, can enable a user to transparently access multiple service providers using strong credentials that are specific to each service provider. The authentication event may be based on multifactor authentication that is indicative of a user's actual physical presence. Thus, for example, a user would not need to enter a different retinal scan to gain access to each of the service providers. Other embodiments are described herein.

Abstract: The present disclosure generally relates to a system and method for enterprise device customization. An example system may comprise an enterprise customization service and a device. The enterprise customization service may be configured to provide at least one of configuration or software to the device based on enterprise customization data. The device may include at least an enterprise customization application and the enterprise customization data. The enterprise customization application may be configured to cause the enterprise customization service to at least one of configure the device or to download software to the device based on the enterprise customization data.

Abstract: Methods and apparatuses for re-instantiating a firmware environment that includes one or more firmware functions available at pre-boot time when transitioning the computing device from a first, higher power consumption state to a second, lower power consumption state. The firmware environment determines whether a cryptographic signature on a firmware volume is verified; whether hardware resources of the computing device requested by a manifest of the firmware volume are available; and whether a firmware module of the firmware volume is compatible with installed firmware of the firmware environment. If so, the firmware environment reserves space in a memory to accommodate resources used by the firmware module, and executes the firmware module with the computing device in the second, lower power consumption state.

Abstract: A system, device, and method for facilitating wireless communications during a pre-boot phase of a computing device includes establishing a communications interface between a unified extensible firmware interface executed on the computing device and a wireless transceiver of the computing device during a pre-boot phase of the computing device. An OOB processor of the computing device processes data communications between the unified extensible firmware interface and the wireless communication circuit during the pre-boot phase by reformatting the data communications between wired and wireless communication standards.

Abstract: A system, device, and method for facilitating wireless communications during a pre-boot phase of a computing device includes establishing a communications interface between a unified extensible firmware interface executed on the computing device and a wireless transceiver of the computing device during a pre-boot phase of the computing device. An OOB processor of the computing device processes data communications between the unified extensible firmware interface and the wireless communication circuit during the pre-boot phase by reformatting the data communications between wired and wireless communication standards.

Abstract: Methods and apparatuses for re-instantiating a firmware environment that includes one or more firmware functions available at pre-boot time when transitioning the computing device from a first, higher power consumption state to a second, lower power consumption state. The firmware environment determines whether a cryptographic signature on a firmware volume is verified; whether hardware resources of the computing device requested by a manifest of the firmware volume are available; and whether a firmware module of the firmware volume is compatible with installed firmware of the firmware environment. If so, the firmware environment reserves space in a memory to accommodate resources used by the firmware module, and executes the firmware module with the computing device in the second, lower power consumption state.

Abstract: A system, device, and method for facilitating wireless communications during a pre-boot phase of a computing device includes establishing a communications interface between a unified extensible firmware interface executed on the computing device and a wireless transceiver of the computing device during a pre-boot phase of the computing device. An OOB processor of the computing device processes data communications between the unified extensible firmware interface and the wireless communication circuit during the pre-boot phase by reformatting the data communications between wired and wireless communication standards.