Abstract: A first non-volatile memory stores a redundant copy of system data that relates to a configuration of at least one physical component of a system, where the first non-volatile memory is accessible by a controller in the system and inaccessible to a processor in the system. It is determined whether system data in a second non-volatile memory accessible by the processor is compromised. In response to determining that the system data in the second non-volatile memory is compromised, the compromised system data in the second non-volatile memory is repaired.

Abstract: In examples provided herein, a computing device includes a processor, a memory coupled to the processor, and a non-transitory computer readable storage medium coupled to the processor that includes instructions, that when executed by the processor, cause the processor to manage a transition between a first operating system and a second operating system. The instructions cause the processor to instantiate a copy-on-write virtual computing system executing a first operating system, delete a second operating system from the non-transitory computer readable storage medium or the memory, copy the first operating system to the non-transitory computer readable storage medium. The instructions can further cause the processor to instantiate the first operating system on the computing device.

Abstract: A system and method for authentication are described herein. An authentication request is received at a combiner proxy (350). The combiner proxy (350), is arranged to receive a user authentication request, receive one or more share values from one or more communications devices (330A, . . . ,330N) where each of the communications devices (330A, . . . 330N) stores at least one share value of a set of share values and determine if one or more share values that have been received from the communications devices (330A, . . . ,330N) meet a quantitative criteria. The combiner proxy (350) is arranged to authenticate the user if the received share values meet the quantitative criteria.

Abstract: Examples herein disclose monitoring an expected functionality upon execution of a system management mode (SMM) BIOS code. The examples detect whether a change has occurred to the SMM BIOS code based on the monitoring of the expected functionality. The change indicates that the SMM BIOS code is compromised.

Abstract: In some examples, an electronic device receives, while an operating system is running in the electronic device, a request to access a function of a Basic Input/Output System (BIOS), the request containing a web address of the function of the BIOS, and routes, based on the web address of the function of the BIOS, the request through a web-based interface to a domain that includes the function of the BIOS.

Abstract: In some examples, a privileged domain includes a function of a Basic Input/Output System (BIOS). A request to access the function of the BIOS is routed to the privileged domain. The privileged domain determines whether to execute the function based on identifying at least one selected from among a source of the request and a context of the request.

Abstract: A data processing system supporting a secure domain and a non-secure domain comprises a hardware component, and a processor device having operating modes in the secure domain and non-secure domain, the processor device to execute a secure application in the secure domain. The hardware component has a property having a secure state. The property of the hardware component in the secure state may only be reconfigured responsive to instructions received from the secure domain. The secure application is operative to implement a configuration service to configure the property of the hardware component in the secure state, responsive to a request received from the non-secure domain according to an application programming interface associated with the secure application.

Abstract: A secure communication channel is established between a virtual trusted runtime basic input output system (BIOS) and a virtual machine that includes a virtual BIOS. The virtual trusted runtime BIOS communicates with the virtual machine according to a web-based protocol over the secure communication channel using a secure socket layer.

Abstract: One example includes a display device. The display device includes an electronic paper display imageable by receiving charges on an imaging surface of the electronic paper display. The display device includes an embedded chip to enable writing to the electronic paper display based on a successful authentication.

Abstract: A network system for implementing a cloud platform within a network to which at least one device defining a computing environment for a user has access comprises an application management module, a community management module, and a user enrollment portal. The application management module enables access to an abstract application, wherein the abstract application is associated with a concrete application defining an implementation of the abstract application for the computing environment. The community management module manages a community, wherein the community comprised of at least a user credential and the abstract application, wherein the community defines at least one of said following: a policy, a management process, and a service, under which the abstract application can be accessed by the user.

Abstract: Examples of systems and methods for device-type content management are described herein. In an example, at least one of a community policy and a community-device type policy may be generated. The community policy may be generated for a community defined for an enterprise and may be enforced on a plurality of user devices registered with the community. Further, the device-community policy may be enforced on a user device, from among the plurality of user devices, based on a device-type of the user device. The device-community policy may indicate a management service to be used to realize the community policy. Further, a management service agent (MS agent) may be provided to the user device, based on the management service indicated by the device-community policy. The MS agent may provide for managing enterprise content on the user device as indicated by the community policy.

Abstract: An implementation may include a virtual trusted runtime BIOS managed by the virtual machine monitor. A replacement portion of the virtual trusted runtime BIOS may be included. A router can replace an address to a resource of the virtual trusted runtime BIOS with the address to the resource of the replacement portion of the virtual trusted runtime BIOS.

Abstract: In some examples, an electronic device receives, while an operating system is running in the electronic device, a request to access a function of a Basic Input/Output System (BIOS), the request containing a web address of the function of the BIOS, and routes, based on the web address of the function of the BIOS, the request through a web-based interface to a domain that includes the function of the BIOS.

Abstract: A secure communication channel is established between a virtual trusted runtime basic input output system (BIOS) and a virtual machine that includes a virtual BIOS. The virtual trusted runtime BIOS communicates with the virtual machine according to a web-based protocol over the secure communication channel using a secure socket layer.

Abstract: A web-based interface in an electronic device receives a request to access a function of a Basic Input/Output System.

Abstract: A secure communication channel is established between a virtual trusted runtime basic input output system (BIOS) and a virtual machine that includes a virtual BIOS. The virtual trusted runtime BIOS communicates with the virtual machine according to a web-based protocol over the secure communication channel using a secure socket layer.

Abstract: A data processing system supporting a secure domain and a non-secure domain comprises a hardware component, and a processor device having operating modes in the secure domain and non-secure domain, the processor device to execute a secure application in the secure domain. The hardware component has a property having a secure state. The property of the hardware component in the secure state may only be reconfigured responsive to instructions received from the secure domain. The secure application is operative to implement a configuration service to configure the property of the hardware component in the secure state, responsive to a request received from the non-secure domain according to an application programming interface associated with the secure application.

Abstract: An electronic device for management of cryptographic keys, and a corresponding method implemented in a computing device comprising a physical processor, transmit feature data of the device to a key generation module, wherein the feature data comprises information corresponding to an identifier or an attribute of the device, and receive, by the device from the key generation module, a digital signature of the transmitted feature data. The device installs the received digital signature as a cryptographic private key for communication, and performs a cryptographic operation using the installed digital signature as the cryptographic private key.

Abstract: The present disclosure relates to an integrated circuit. The integrated circuit includes a memory controller. The integrated circuit includes a first memory coupled to the memory controller. The integrated circuit includes a processor core coupled to the memory controller. The integrated circuit includes a secure core that includes a second memory. The secure core is configured to inspect the first memory and detect a security event.

Abstract: An environment manager in a computer executes multiple environments concurrently. A user management framework (UMF) virtual machine on the computer runs an authentication domain that supports user profile management of the multiple environments.