Abstract: System and method for managing migration of trusted execution environments (TEEs) based on migration policies utilizes a source migration agent in the source host computer and a destination migration agent in a destination host computer to migrate a source TEE in the source host computer to the destination host computer. A migration policy data of the source TEE is first transmitted to the destination migration agent from the source migration agent to determine whether the destination host computer satisfies migration policies specified in the migration policy data. In response to a determination that the destination host computer satisfies the migration policies specified in the migration policy data, a destination TEE is created in the destination host computer and memory pages of the source TEE are transmitted to the destination TEE. The memory pages are then restored at the destination TEE for execution.

Abstract: This disclosure relates generally to configuring a legacy application or service with a reconfigurable cryptographic provider capable of leveraging many different cryptographic algorithms, protocols or functions. The application or service can be configured with the reconfigurable cryptographic provider by redirecting cryptographic API calls intended for a linked static shared cryptographic library or provider to a cryptographic adapter configured to emulate responses provided by the linked static shared cryptographic library. A cryptographic adapter is also described and is configured to generate abstracted versions of the cryptographic API calls and pass them on to the reconfigurable cryptographic provider, which selects and implements an appropriate cipher solution based on the abstracted cryptographic API calls.

Abstract: This disclosure relates generally to configuring an application or service with reconfigurable cryptographic features taking the form of cryptographic algorithms, protocols or functions. The application or service can be configured with a cryptographic provider configured to receive abstracted cryptographic API calls and retrieve specific cryptographic features based on established cryptographic policies. This configuration allows for rapid updates to the cryptographic framework and for the cryptographic framework to be managed remotely in enterprise environments.

Abstract: This relates generally to protecting adjustable cipher solutions using trusted execution mechanisms. An example method includes, at one or more electronic devices, receiving a request for configuring a cipher solution for one or more cryptographic operations, retrieving one or more cryptographic policies from a first module protected by a secure enclave within a trusted execution environment, accessing one or more libraries in accordance with the one or more cryptographic policies, attesting the one or more libraries by verifying attestation data associated with the one or more libraries within a second module protected by the secure enclave of the trusted execution environment, and configuring the cipher solution for the electronic device based on attesting the one or more libraries.

Abstract: This relates generally to configuring and automatically selecting a cipher solution for secure communication. An example method includes, at an electronic device, receiving a request initiated by a requestor for one or more cryptographic operations, determining contextual information associated with the requestor, selecting a cipher solution for processing the request based on the contextual information and a policy engine, and processing the request for the one or more cryptographic operations by executing one or more cryptographic algorithms in accordance with the selected cipher solution.

Abstract: System and method for managing migration of trusted execution environments (TEEs) based on migration policies utilizes a source migration agent in the source host computer and a destination migration agent in a destination host computer to migrate a source TEE in the source host computer to the destination host computer. A migration policy data of the source TEE is first transmitted to the destination migration agent from the source migration agent to determine whether the destination host computer satisfies migration policies specified in the migration policy data. In response to a determination that the destination host computer satisfies the migration policies specified in the migration policy data, a destination TEE is created in the destination host computer and memory pages of the source TEE are transmitted to the destination TEE. The memory pages are then restored at the destination TEE for execution.

Abstract: Generally discussed herein are systems, devices, and methods for managing content of an information centric network (ICN). A component of an ICN can include a memory including an extended content store that includes content from at least one other component of the ICN, and first attributes of the content, the first attributes including a content popularity value that indicates a number of requests for the content, and processing circuitry to increment the content popularity value in response to a transmission of a first content packet that includes the content, the first content packet transmitted in response to receiving an interest packet.

Abstract: Generally discussed herein are systems, devices, and methods for managing content of an information centric network (ICN). A component of an ICN can include a memory including an extended content store that includes content from at least one other component of the ICN, and first attributes of the content, the first attributes including a content popularity value that indicates a number of requests for the content, and processing circuitry to increment the content popularity value in response to a transmission of a first content packet that includes the content, the first content packet transmitted in response to receiving an interest packet.

Abstract: Generally discussed herein are systems, devices, and methods for managing content of an information centric network (ICN). A component of an ICN can include a memory including an extended content store that includes content from at least one other component of the ICN, and first attributes of the content, the first attributes including a content popularity value that indicates a number of requests for the content, and processing circuitry to increment the content popularity value in response to a transmission of a first content packet that includes the content, the first content packet transmitted in response to receiving an interest packet.

Abstract: System and techniques for radio spectrum sharing are described herein. A free radio spectrum block may be identified. An identification packet of the free radio spectrum block may be published. Here, the identification packet may include at least one of available spectrum, time, or area corresponding to the free radio spectrum block. An acknowledgement to the identification packet may be received. A provider of the free radio spectrum block may then be caused to cease radio communication on the available spectrum for the time and area specified in the identification packet.

Abstract: System and techniques for radio spectrum sharing are described herein. A free radio spectrum block may be identified. An identification packet of the free radio spectrum block may be published. Here, the identification packet may include at least one of available spectrum, time, or area corresponding to the free radio spectrum block. An acknowledgement to the identification packet may be received. A provider of the free radio spectrum block may then be caused to cease radio communication on the available spectrum for the time and area specified in the identification packet.

Abstract: Generally discussed herein are systems, devices, and methods for managing content of an information centric network (ICN). A component of an ICN can include a memory including an extended content store that includes content from at least one other component of the ICN, and first attributes of the content, the first attributes including a content popularity value that indicates a number of requests for the content, and processing circuitry to increment the content popularity value in response to a transmission of a first content packet that includes the content, the first content packet transmitted in response to receiving an interest packet.