Patents by Inventor Bryan David Kelly

Bryan David Kelly has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Patent number: 11971993
    Abstract: A system includes a stored counter value and a stored boot manifest including a manifest type flag. A manifest type of the boot manifest is determined based on the manifest type flag, a tenancy mode is determined based on a parity of the counter value, a first boot flow is executed if the manifest type is a first manifest type and the tenancy mode is a first tenancy mode, a second boot flow is executed if the manifest type is the first manifest type and the tenancy mode is a second tenancy mode, a third boot flow is executed if the manifest type is a second manifest type and the tenancy mode is the first tenancy mode, and a fourth boot flow is executed if the manifest type is the second manifest type and the tenancy mode is the second tenancy mode.
    Type: Grant
    Filed: June 1, 2021
    Date of Patent: April 30, 2024
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Vishal Soni, Bryan David Kelly
  • Publication number: 20240137203
    Abstract: The techniques disclosed herein are directed to devices, circuits, systems, and techniques to mitigate the impact of side-channel attacks on a cryptography function in a target system. The Razor flip-flops are inserted into critical paths of the cryptography function of the target system, including at rest blocks such as key vaults and data vaults, and also including registers and/or pipelines used for calculations within the cryptography functions. Errors detected by the Razor flip-flops are processed by error detection logic in the cryptographic function, which continues the calculations until completion. The generated key and data value pairs resulting from detected errors are discarded, silently ignored without disrupting the calculation process. The schemes disclosed herein mitigate the impact of side-channel attacks with a digital logic based implementation, with reduced complexity and reduced cost.
    Type: Application
    Filed: October 24, 2022
    Publication date: April 25, 2024
    Inventors: Bharat S. PILLILLI, Bryan David KELLY, Vishal SONI
  • Publication number: 20240120071
    Abstract: Methods, systems, and techniques for providing visual expertise to objectively measure, evaluate, and visualize aesthetic change are provided. Example embodiments provide an Aesthetic Delta Measurement System (“ADMS”), which enables users to objectively measure and visualize aesthetic health and wellness and treatment outcomes and to continuously supplement a knowledge repository of objective aesthetic data based upon a combination of automated machine learning and surveyed human input data. The ADMS provides a labeling platform for labeling aesthetic health and wellness over large populations of individuals and a personal analysis application for viewing an individual's aesthetic changes over time. The ADMS provides labeling of images using guides with corresponding discrete scalar values or using pairwise comparison techniques.
    Type: Application
    Filed: February 2, 2022
    Publication date: April 11, 2024
    Applicant: LoveMyDelta Inc.
    Inventors: James M. Smartt, Jr., Bryan Allan Comstock, Navdeep S. Dhillon, Jason David Kelly, David S. Spencer, Carsten Tusk
  • Patent number: 11893118
    Abstract: Embodiments described herein are directed to transferring the ownership of a computing device from one entity to another entity. For example, a security processor is utilized to boot the computing device. During a boot session, the security processor loads and executes boot code, which determines whether specialized firmware authorized by the current owner indicates whether a transfer of ownership is to occur. In response to determining that the specialized firmware indicates that a transfer of ownership is to occur, the secure processor loads and executes the specialized firmware. The specialized firmware, when executed, causes the security processor to program a set of fuses with the public key of the new owner. Execution of the specialized firmware also causes the security processor to invalidate the public key of the original owner, which is stored in another set of fuses.
    Type: Grant
    Filed: May 25, 2021
    Date of Patent: February 6, 2024
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Md. Nazmus Sakib, Bryan David Kelly, Ling Tony Chen, Peter David Waxman
  • Patent number: 11853428
    Abstract: Embodiments described herein are directed to firmware policy enforcement of a computing device. For example, a security processor of the computing device is utilized to boot the computing device. During a boot session, the security processor loads and executes specialized firmware. The specialized firmware, when executed, causes the security processor to determine whether other types of firmware to be executed on the computing device are in compliance with a policy specified by the specialized firmware. Based at least on a determination that the other firmware is in compliance with the policy, the security processor executes the other firmware. Based at least on a determination that the other firmware is not in compliance with the policy, the security processor performs a mitigation with respect to the other firmware.
    Type: Grant
    Filed: June 2, 2021
    Date of Patent: December 26, 2023
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Md. Nazmus Sakib, Bryan David Kelly, Ling Tony Chen, Peter David Waxman
  • Publication number: 20230341924
    Abstract: Techniques are described herein that are capable of reducing latency of changing an operating state of a processor from a low-power state to a normal-power state. For example, providing a notification from a hardware system to the processor or receiving the notification at the processor, indicating that a transaction layer packet will be provided to the processor at a future time, may trigger the processor to change the operating state from the low-power state to the normal-power state. In another example, receipt of a transaction layer packet at the processor from a hardware system may trigger the processor to change the operating state from the low-power state to the normal-power state.
    Type: Application
    Filed: April 22, 2022
    Publication date: October 26, 2023
    Inventors: Bharat Srinivas PILLILLI, Bryan David KELLY
  • Publication number: 20230325225
    Abstract: Systems and methods for a confidential compute architecture integrated with direct swap caching are described. An example method for managing a near memory and a far memory includes, in response to determining that the far memory contains an encrypted version of a first block of data, retrieving from the far memory the encrypted version of the first block of data, decrypting the first block of data using a first key for exclusive use by a first virtual machine associated with the system, and providing a decrypted version of the first block of data to the requestor. The method further includes swapping out a second block of data having an address conflict with the first block of data from the near memory to the far memory, where the second block of data is encrypted using a second key for exclusive use by a second virtual machine associated with the system.
    Type: Application
    Filed: April 8, 2022
    Publication date: October 12, 2023
    Inventors: Ishwar AGARWAL, Bryan David KELLY, Vishal SONI
  • Publication number: 20230051347
    Abstract: Methods, systems, apparatuses, and computer-readable storage mediums described herein enable executable code of a hardware security platform (HSP) circuit to communicate with a hypervisor in a separate processor. The hypervisor generates and manages virtual machines. The HSP code comprises trusted platform module (TPM) logic, that processes TPM commands received via the hypervisor, and in response to the processing, communicates security information (e.g., measurements, keys, authorization data) with the virtual machines via the hypervisor. The TPM logic receives security information related to a virtual machine from the hypervisor and stores the security information in non-volatile memory of the HSP circuit, where security information from a particular VM is distinguishable from security information from another VM in the HSP memory.
    Type: Application
    Filed: August 12, 2021
    Publication date: February 16, 2023
    Inventors: Md. Nazmus SAKIB, Ronald AIGNER, Ling Tony CHEN, Peter David WAXMAN, David Guy WESTON, Bryan David KELLY
  • Publication number: 20220391510
    Abstract: Embodiments described herein are directed to firmware policy enforcement of a computing device. For example, a security processor of the computing device is utilized to boot the computing device. During a boot session, the security processor loads and executes specialized firmware. The specialized firmware, when executed, causes the security processor to determine whether other types of firmware to be executed on the computing device are in compliance with a policy specified by the specialized firmware. Based at least on a determination that the other firmware is in compliance with the policy, the security processor executes the other firmware. Based at least on a determination that the other firmware is not in compliance with the policy, the security processor performs a mitigation with respect to the other firmware.
    Type: Application
    Filed: June 2, 2021
    Publication date: December 8, 2022
    Inventors: Md. Nazmus SAKIB, Bryan David KELLY, Ling Tony CHEN, Peter David WAXMAN
  • Publication number: 20220382873
    Abstract: A system includes a stored counter value and a stored boot manifest including a manifest type flag. A manifest type of the boot manifest is determined based on the manifest type flag, a tenancy mode is determined based on a parity of the counter value, a first boot flow is executed if the manifest type is a first manifest type and the tenancy mode is a first tenancy mode, a second boot flow is executed if the manifest type is the first manifest type and the tenancy mode is a second tenancy mode, a third boot flow is executed if the manifest type is a second manifest type and the tenancy mode is the first tenancy mode, and a fourth boot flow is executed if the manifest type is the second manifest type and the tenancy mode is the second tenancy mode.
    Type: Application
    Filed: June 1, 2021
    Publication date: December 1, 2022
    Inventors: Vishal SONI, Bryan David KELLY
  • Publication number: 20220382872
    Abstract: Embodiments described herein are directed to transferring the ownership of a computing device from one entity to another entity. For example, a security processor is utilized to boot the computing device. During a boot session, the security processor loads and executes boot code, which determines whether specialized firmware authorized by the current owner indicates whether a transfer of ownership is to occur. In response to determining that the specialized firmware indicates that a transfer of ownership is to occur, the secure processor loads and executes the specialized firmware. The specialized firmware, when executed, causes the security processor to program a set of fuses with the public key of the new owner. Execution of the specialized firmware also causes the security processor to invalidate the public key of the original owner, which is stored in another set of fuses.
    Type: Application
    Filed: May 25, 2021
    Publication date: December 1, 2022
    Inventors: Md. Nazmus SAKIB, Bryan David KELLY, Ling Tony CHEN, Peter David WAXMAN
  • Patent number: 11288372
    Abstract: A computing device includes circuitry that is configured to disable a physical interface between a baseboard management controller (BMC) and a processor when the BMC is not running and a logical interface between the BMC and the processor is not available. Disabling the physical interface prevents an attacker from writing malicious code to the BMC using the physical interface. The computing device also includes circuitry that enables the physical interface between the BMC and the processor in response to receiving a unique signal sequence from a trusted external entity. When firmware should be installed on the BMC, someone with proper authorization can cause the trusted external entity to send the unique signal sequence to the circuitry on the computing device, thereby enabling the physical interface between the BMC and the processor. The processor can then write the firmware to non-volatile memory within the BMC across the physical interface.
    Type: Grant
    Filed: October 7, 2019
    Date of Patent: March 29, 2022
    Assignee: MICROSOFT TECHNOLOGY LICENSING, LLC
    Inventors: Neeraj Ladkani, Bryan David Kelly
  • Patent number: 11176020
    Abstract: A system and method of monitoring a status of a server using a baseboard management controller (BMC) is disclosed. First, the BMC may access a status code generated in Domain 0 of the server through a command line interface to the server and send the status code to an alert management system. Second, the BMC may snoop on a status code generated in the hypervisor of the server through input/output port 80h and send the status code to the alert management system. Third, the BMC may read a status code generated in the hypervisor and written in a Model Specific Register (MSR) and send the status code to the alert management system. The system and method can enable the alert management system to readily recognize the occurrence of an error, including the type of the error which is a software error, and the cause of the error in real time or nearly real time.
    Type: Grant
    Filed: November 5, 2019
    Date of Patent: November 16, 2021
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Bryan David Kelly, Neeraj Ladkani
  • Publication number: 20210133081
    Abstract: A system and method of monitoring a status of a server using a baseboard management controller (BMC) is disclosed. First, the BMC may access a status code generated in Domain 0 of the server through a command line interface to the server and send the status code to an alert management system. Second, the BMC may snoop on a status code generated in the hypervisor of the server through input/output port 80h and send the status code to the alert management system. Third, the BMC may read a status code generated in the hypervisor and written in a Model Specific Register (MSR) and send the status code to the alert management system. The system and method can enable the alert management system to readily recognize the occurrence of an error, including the type of the error which is a software error, and the cause of the error in real time or nearly real time.
    Type: Application
    Filed: November 5, 2019
    Publication date: May 6, 2021
    Applicant: Microsoft Technology Licensing, LLC
    Inventors: Bryan David KELLY, Neeraj LADKANI
  • Publication number: 20210103659
    Abstract: A computing device includes circuitry that is configured to disable a physical interface between a baseboard management controller (BMC) and a processor when the BMC is not running and a logical interface between the BMC and the processor is not available. Disabling the physical interface prevents an attacker from writing malicious code to the BMC using the physical interface. The computing device also includes circuitry that enables the physical interface between the BMC and the processor in response to receiving a unique signal sequence from a trusted external entity. When firmware should be installed on the BMC, someone with proper authorization can cause the trusted external entity to send the unique signal sequence to the circuitry on the computing device, thereby enabling the physical interface between the BMC and the processor. The processor can then write the firmware to non-volatile memory within the BMC across the physical interface.
    Type: Application
    Filed: October 7, 2019
    Publication date: April 8, 2021
    Inventors: Neeraj LADKANI, Bryan David KELLY
  • Patent number: 10839080
    Abstract: A Root of Trust hardware hierarchy provides firmware security for motherboard and peripheral devices. Power is received at a computer system and, in response to the receipt of power, a standby power rail of a motherboard of the computer system is energized, and a first microcontroller mounted on the motherboard authenticates first firmware associated with a baseboard management controller mounted on the motherboard and coupled to the first microcontroller. If the authentication of the first firmware is successful, the baseboard management controller is powered on, a central processing unit coupled to the first microcontroller is held in reset, and a standby power rail of a peripheral component card coupled to the motherboard is energized.
    Type: Grant
    Filed: September 1, 2017
    Date of Patent: November 17, 2020
    Assignee: MICROSOFT TECHNOLOGY LICENSING, LLC
    Inventors: Badriddine Khessib, Bryan David Kelly, Mallik Bulusu
  • Patent number: 10740252
    Abstract: A processor may be coupled to a flash memory by way of an interface. The processor may be caused to read and/or write data, such as computer executable instructions, from/to the flash memory via the interface. An interface filter may be interposed between the processor and the flash memory to enhance the security and validity of data transactions associated with the processor and the flash memory.
    Type: Grant
    Filed: April 20, 2018
    Date of Patent: August 11, 2020
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Bryan David Kelly, Christopher Lawrence Weimer, Mark Andrew Shaw, Priya Raghu
  • Publication number: 20190324923
    Abstract: A processor may be coupled to a flash memory by way of an interface. The processor may be caused to read and/or write data, such as computer executable instructions, from/to the flash memory via the interface. An interface filter may be interposed between the processor and the flash memory to enhance the security and validity of data transactions associated with the processor and the flash memory.
    Type: Application
    Filed: April 20, 2018
    Publication date: October 24, 2019
    Inventors: Bryan David KELLY, Christopher Lawrence WEIMER, Mark Andrew SHAW, Priya RAGHU
  • Publication number: 20190073478
    Abstract: A Root of Trust hardware hierarchy provides firmware security for motherboard and peripheral devices. Power is received at a computer system and, in response to the receipt of power, a standby power rail of a motherboard of the computer system is energized, and a first microcontroller mounted on the motherboard authenticates first firmware associated with a baseboard management controller mounted on the motherboard and coupled to the first microcontroller. If the authentication of the first firmware is successful, the baseboard management controller is powered on, a central processing unit coupled to the first microcontroller is held in reset, and a standby power rail of a peripheral component card coupled to the motherboard is energized.
    Type: Application
    Filed: September 1, 2017
    Publication date: March 7, 2019
    Inventors: Badriddine KHESSIB, Bryan David KELLY, Mallik BULUSU
  • Patent number: 9603282
    Abstract: Management of infrastructure devices is performed by computing devices that are associated with the processing being provided by the data center, such as chassis managers. A master is first selected through polling or consensus algorithms, and then subsequently the master is endowed with the authority to manage infrastructure devices and generate the control output to such infrastructure devices. Alternatively, no master need be elected and, instead, output to such infrastructure devices is generated by a computing device selected utilizing polling or consensus algorithms, and in accordance with a management decision made through polling or consensus algorithms. The interplay between the cooling apparatuses of individual server computing devices and the cooling apparatuses of the data center as a whole is also managed to increase the portion of the cooling of server computing devices provided by data center air movers. Control of data center air movers can be determined empirically or predictively.
    Type: Grant
    Filed: January 3, 2014
    Date of Patent: March 21, 2017
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Bryan David Kelly, Badriddine Khessib, Sriram Govindan, Sriram Sankar, Brandon Aaron Rubenstein