Abstract: A device facilitating script deployment through service provider servers includes at least one processor configured to receive, from a service provider, a request to perform a transaction directly with a device secure element on which a credential is provisioned, where the request includes a credential identifier corresponding to the credential. The at least one processor is further configured to identify, based at least in part on the credential identifier, the device secure element. The at least one processor is further configured to verify that the service provider is authorized to interact directly with the device secure element. The at least one processor is further configured to instruct, responsive to the verifying, the device secure element to communicate directly with a service provider server to perform the transaction. The at least one processor is further configured to receive, from the device secure element, a result associated with the transaction.

Abstract: A content request communication, e.g., generated using a first processor of a device, can be transmitted to a web server. A response communication including content identifying a first value can be received from the web server. The first processor can facilitate presentation of the content on a first display of the device. A communication can be received at a second processor of the device from a remote server. The communication can include data representing a second value and can be generated at the remote server using information received from the web server. Further, the second processor can produce a secure verification output that can be presented on a separate, second display, representing at least the second value. The presentation on first display can at least partially overlap in time with the presentation on the second display.

Abstract: This disclosure describes techniques for compressing a graphical state object. In one example, a central processing unit may be configured to receive, for output to the GPU, a set of instructions to render a scene. Responsive to receiving the set of instructions to render the scene, the central processing unit may be further configured to determine whether the set of instructions includes a state object that is registered as corresponding to an identifier. Responsive to determining that the set of instructions includes the state object that is registered as corresponding to the identifier, the central processing unit may be further configured to output, to the GPU, the identifier that is registered as corresponding to the state object.

Abstract: Systems and methods for validating and applying modifications to a policy control function (PCF) of a station. The methods include generating a PCF package including a modification to a POE, and determining whether the PCF package is to be transmitted to the station by a first or second entity. The methods further include when the PCF package is to be transmitted by the first entity, including a first signature of the first entity in a deliverer field of the PCF package, and when the PCF package is to be transmitted by the second entity, including the first signature in an owner field and a second signature of the second entity in the deliverer field. The methods further include receiving the PCF package from the first or second entity, determining whether the PCF package is valid, and applying the modification to the PCF when it is determined the PCF package is valid.

Abstract: Systems, methods, and computer-readable media for managing secure transactions between electronic devices and service providers. In one embodiment, an administration entity system may receive device order data from an electronic device, wherein the received device order data is indicative of an order for an item of value of a service provider system to be stored on the electronic device, transmit administration order data to the service provider system based on the received device order data, wherein the administration order data is indicative of the order for the item of value, receive service provider fulfillment data from the service provider system based on the transmitted administration order data, wherein the service provider fulfillment data includes the item of value, and transmit administration fulfillment data to the electronic device based on the received service provider fulfillment data, wherein the administration fulfillment data includes the item of value.

Abstract: Methods and apparatus for large scale distribution of electronic access control clients. In one aspect, a tiered security software protocol is disclosed. In one exemplary embodiment, a server electronic Universal Integrated Circuit Card (eUICC) and client eUICC software comprise a so-called “stack” of software layers. Each software layer is responsible for a set of hierarchical functions which are negotiated with its corresponding peer software layer. The tiered security software protocol is configured for large scale distribution of electronic Subscriber Identity Modules (eSIMs).

Abstract: A transparent format converter (TFC) may determine that a request by at least one processor for graphics data stored in graphics memory is indicative of a request for graphics data in a first data format. The TFC may retrieve the graphics data in a second data format from the graphics memory based at least in part on the request for the graphics data in the graphics memory. The TFC may convert the retrieved graphics data from the second data format to the first data format. The TFC may store the converted graphics data in the first data format into a memory that is accessible by the at least one processor.

Abstract: This disclosure proposes techniques for graphics processing. In one example, a graphics processing unit (GPU) is configured to access a memory according to one of an unsecure mode and a secure mode. The GPU may include a memory access controller configured to direct memory transactions from at least one hardware unit of the GPU to a secure context bank in a memory controller when the GPU is operating in a secure mode, and configured to direct memory transactions from the at least one hardware unit of the GPU to an unsecure context bank in the memory controller when the GPU is operating in the unsecure mode.

Abstract: Systems and methods for validating and applying modifications to a policy control function (PCF) of a station. The methods include generating a PCF package including a modification to a PCF, and determining whether the PCF package is to be transmitted to the station by a first or second entity. The methods further include when the PCF package is to be transmitted by the first entity, including a first signature of the first entity in a deliverer field of the PCF package, and when the PCF package is to be transmitted by the second entity, including the first signature in an owner field and a second signature of the second entity in the deliverer field. The methods further include receiving the PCF package from the first or second entity, determining whether the PCF package is valid, and applying the modification to the PCF when it is determined the PCF package is valid.

Abstract: Systems, methods, and computer-readable media for validating online access to secure device functionality are provided that may use shared secrets between different subsystems and limited use validation data.

Abstract: This disclosure describes communication techniques that may be used within a multiple-processor computing platform. The techniques may, in some examples, provide software interfaces that may be used to support message passing within a multiple-processor computing platform that initiates tasks using command queues. The techniques may, in additional examples, provide software interfaces that may be used for shared memory inter-processor communication within a multiple-processor computing platform. In further examples, the techniques may provide a graphics processing unit (GPU) that includes hardware for supporting message passing and/or shared memory communication between the GPU and a host CPU.

Abstract: This disclosure describes communication techniques that may be used within a multiple-processor computing platform. The techniques may, in some examples, provide software interfaces that may be used to support message passing within a multiple-processor computing platform that initiates tasks using command queues. The techniques may, in additional examples, provide software interfaces that may be used for shared memory inter-processor communication within a multiple-processor computing platform. In further examples, the techniques may provide a graphics processing unit (GPU) that includes hardware for supporting message passing and/or shared memory communication between the GPU and a host CPU.

Abstract: This disclosure proposes techniques for graphics processing. In one example, a graphics processing unit (GPU) is configured to access a memory according to one of an unsecure mode and a secure mode. The GPU may include a memory access controller configured to direct memory transactions from at least one hardware unit of the GPU to a secure context bank in a memory controller when the GPU is operating in a secure mode, and configured to direct memory transactions from the at least one hardware unit of the GPU to an unsecure context bank in the memory controller when the GPU is operating in the unsecure mode.

Abstract: This disclosure proposes techniques for graphics processing. In one example, a graphics processing unit (GPU) is configured to access a memory according to one of an unsecure mode and a secure mode. The GPU may include a memory access controller configured to direct memory transactions from at least one hardware unit of the GPU to an unsecure memory unit or a secure memory unit based on the unsecure mode or secure mode and a resource descriptor associated with a memory resource.

Abstract: Systems, methods, and computer-readable media for provisioning multiple credentials of a multi-scheme card on an electronic device for selective use in a secure transaction are provided.

Abstract: The present disclosure provides for systems and methods to process a non-resident page that may include attempting to access the non-resident page, an address for the non-resident page pointing to a memory page containing default values, determining that the non-resident page should not cause a page fault based on an indicator indicating that a particular non-resident page should not generate a page fault, returning an indication that a memory read did not translate and returning the default value when the access of the non-resident page is a read and the non-resident page should not cause a page fault. Another example may discontinue a write when the access of the non-resident page is a write and the non-resident page should not cause a page fault.

Abstract: A device includes a memory that stores a first page table that includes a first page table entry, wherein the first page table entry further includes a physical address, an alternative location associated with the page table entry, and a physical page of memory associated with the physical address. A first processing unit is configured to: read the first page table entry, and determine the physical address from the first page table entry. The second processing unit is configured to: read the physical address from the first page table entry, determine second page attribute data from the alternative location, wherein the second page attribute data define one or more accessibility attributes of the physical page of memory for the second processing unit, and access the physical page of memory associated with the physical address according to the one or more accessibility attributes.

Abstract: Methods and apparatus for large scale distribution of electronic access control clients. In one aspect, a tiered security software protocol is disclosed. In one exemplary embodiment, a server electronic Universal Integrated Circuit Card (eUICC) and client eUICC software comprise a so-called “stack” of software layers. Each software layer is responsible for a set of hierarchical functions which are negotiated with its corresponding peer software layer. The tiered security software protocol is configured for large scale distribution of electronic Subscriber Identity Modules (eSIMs).

Abstract: A transparent format converter (TFC) may determine that a request by at least one processor for graphics data stored in graphics memory is indicative of a request for graphics data in a first data format. The TFC may retrieve the graphics data in a second data format from the graphics memory based at least in part on the request for the graphics data in the graphics memory. The TFC may convert the retrieved graphics data from the second data format to the first data format. The TFC may store the converted graphics data in the first data format into a memory that is accessible by the at least one processor.

Abstract: The techniques described in the disclosure are generally related to gradual, iterative hang recovery for a graphics processing unit (GPU). The techniques described in the disclosure attempt to re-execute instructions of an application in response to a GPU hang, rather than stopping the execution of the application. If the re-execution causes the GPU to hang again, the techniques described in the disclosure cause the GPU to iteratively execute next set of instructions.