Abstract: A method and system for implementing a virtual trusted platform module (vTPM). Software components are sequentially loaded and measured from a core root of trust for measurement (CRTM) in a user confidential virtual machine (CVM). The measurements of the software components are recorded in a runtime measurement register (RTMR) log and a digest of each entry of the RTMR log is extended into an RTMR configured for the user CVM. A signed quote and corresponding measurement entries of the RTMR log are provided to a verifier. The signed quote includes a value of the RTMR. A state of the user CVM may be verified based on the RTMR value and the RTMR log entries. The measurement entries of the RTMR log may be replayed to calculate platform configuration register (PCR) values and the TCG event log may be verified using the PCR values.

Abstract: An apparatus and method of protect secret input data, secret processing, and secret output data by receiving a signed private enclave from a secret processing owner; receiving a signed manager enclave from a trusted third party (TTP); deploying the signed manager enclave; receiving a protected code loader (PCL) key encrypted with an encryption public key of the signed manager enclave from the secret processing owner; deploying the signed private enclave; running secret processing in the signed private enclave with secret input data to generate secret output data; and encrypting the secret output data in the signed private enclave using an ephemeral key, encrypting the ephemeral key in the signed private enclave using an encryption public key of the signed manager enclave, and sending the encrypted secret output data and the encrypted ephemeral key to the signed manager enclave.

Abstract: A computing system to receive a new workload by a trusted execution environment virtual machine (TVM); validate the new workload; in response to the new workload being successfully validated, evaluate a launch policy of the new workload against one or more launch policies of one or more existing workloads of the TVM; and in response to the launch policy of the new workload being successfully validated, load the new workload into the TVM.

Abstract: An apparatus and method include generating a trusted computing base (TCB) component identifier (TCI) of a current component of a computing system, generating a compound device identifier (ID) (CDI) of the current component from a CDI of a previous component of the computing system and the TCI of the current component, and determining a size of the TCI of the current component. The system and method further include summing the size of the TCI of the current component and the cumulative size of the TCIs of previous components of the computing system to generate a current cumulative size, combining the current cumulative size and the CDI of the current component, and including the combined current cumulative size and the CDI of the current component in a chain of measurements for attestation of the computing system.

Abstract: Systems, apparatuses and methods may provide for technology that determines an updated data state of a local oracle node and reconciles, in accordance with a set of consensus rules, the updated data state with one or more remote data states corresponding to a distributed network of oracle nodes to obtain a reconciled data state. The technology may also submit a transaction to a blockchain node based on the reconciled data state.

Abstract: An apparatus and method include generating a trusted computing base (TCB) component identifier (TCI) of a current component of a computing system, generating a compound device identifier (ID) (CDI) of the current component from a CDI of a previous component of the computing system and the TCI of the current component, and determining a size of the TCI of the current component. The system and method further include summing the size of the TCI of the current component and the cumulative size of the TCIs of previous components of the computing system to generate a current cumulative size, combining the current cumulative size and the CDI of the current component, and including the combined current cumulative size and the CDI of the current component in a chain of measurements for attestation of the computing system.

Abstract: Systems, apparatuses and methods may provide for technology that determines an updated data state of a local oracle node and reconciles, in accordance with a set of consensus rules, the updated data state with one or more remote data states corresponding to a distributed network of oracle nodes to obtain a reconciled data state. The technology may also submit a transaction to a blockchain node based on the reconciled data state.

Abstract: Techniques for calibration of image capturing devices are described herein. The techniques include capturing one or more images at a first target, capturing one or more images at a second target, capturing one or more images at a third target, capturing one or more images at a fourth target, and calibrating a multi-camera system based on the captured images.

Abstract: Techniques for calibration of image capturing devices are described herein. The techniques include capturing one or more images at a first target, capturing one or more images at a second target, capturing one or more images at a third target, capturing one or more images at a fourth target, and calibrating a multi-camera system based on the captured images.