Abstract: A computing device, such as a personal computing device (e.g., laptop, smartphone, etc.) or server, is configured to utilize environmental factors in generating public/private key pairs to access restricted data or operations. The environmental factors can include location, time, barometric pressure, acceleration, temperature, humidity, and the like. An initial key pair may be used to encrypt data and enable other conventional security features. A key pair can be subsequently generated based on the same environmental factors as with the initial key pair generation and used to access the data or operations which have been restricted using the initial key pair.

Abstract: A ray is cast into a volume described by a volumetric data structure, which describes the volume at a plurality of levels of detail. A first entry in the volumetric data structure includes a first set of bits representing voxels at a lowest one of the plurality of levels of detail, and values of the first set of bits indicate whether a corresponding one of the voxels is at least partially occupied by respective geometry. A set of second entries in the volumetric data structure describe voxels at a second level of detail, which represent subvolumes of the voxels at the first lowest level of detail. The ray is determined to pass through a particular subset of the voxels at the first level of detail and at least a particular one of the particular subset of voxels is determined to be occupied by geometry.

Abstract: This disclosure describes systems and techniques receiving a request for information from a user and, in response, outputting the requested information along with unsolicited, interesting content that is related to, yet nonresponsive to, the requested information. In some instances, if the requested information is unknown, the techniques may output an indication that the information is unknown, followed by the additional, unsolicited, interesting content.

Abstract: A brownfield security gateway is configured to support a trusted execution environment (TEE) that employs cryptographic and physical security—which forms a trusted cyber physical system—to protect sensitive transmissions on route to a controllable device. The gateway may be implemented with a System on Chip (SoC) that utilizes an application layer gateway to filter content within a transmission. When the application layer gateway authorizes the transmission, the transmission is forwarded to a trusted peripheral device that is configured with communication transport protocols, and the trusted peripheral device transfers the transmission to the controllable device. The trusted peripheral device and the controllable device are physically protected by, for example, protected distribution systems. Accordingly, the trusted peripheral device functions as a gateway between the SoC and the controllable device.

Abstract: This disclosure describes systems and techniques receiving a request for information from a user and, in response, outputting the requested information along with unsolicited, interesting content that is related to, yet nonresponsive to, the requested information. In some instances, if the requested information is unknown, the techniques may output an indication that the information is unknown, followed by the additional, unsolicited, interesting content.

Abstract: A brownfield security gateway is configured to support a trusted execution environment (TEE) that employs cryptographic and physical security—which forms a trusted cyber physical system—to protect sensitive transmissions on route to a controllable device. The gateway may be implemented with a System on Chip (SoC) that utilizes an application layer gateway to filter content within a transmission. When the application layer gateway authorizes the transmission, the transmission is forwarded to a trusted peripheral device that is configured with communication transport protocols, and the trusted peripheral device transfers the transmission to the controllable device. The trusted peripheral device and the controllable device are physically protected by, for example, protected distribution systems. Accordingly, the trusted peripheral device functions as a gateway between the SoC and the controllable device.

Abstract: This disclosure describes systems and techniques receiving a request for information from a user and, in response, outputting the requested information along with unsolicited, interesting content that is related to, yet nonresponsive to, the requested information. In some instances, if the requested information is unknown, the techniques may output an indication that the information is unknown, followed by the additional, unsolicited, interesting content.

Abstract: A computer system 100 that allows a storage facility 500 to be shared by multiple different users of an Infrastructure as a Services (IaaS) system while maintaining security separation between the users is provided. A controller 150 configured for use in the computer system and a corresponding method and computer program are also provided. The computer system 100 comprises a logic block 101 that comprises one or more processing units that execute instructions, the logic block 101 configured to issue requests to read from and write to storage over a first interface 102; and a controller 150 that is configured to implement a communications link to storage 500; implement a communications link 300 to a second computer system 200 and to receive information identifying a current user of the logic block 101 from the second computer system 200; and receive the requests to read from and write to storage from the logic block 101 over the first interface 102, and to complete the requests.

Abstract: A computing device, such as a personal computing device (e.g., laptop, smartphone, etc.) or server, is configured to utilize environmental factors in generating public/private key pairs to access restricted data or operations. The environmental factors can include location, time, barometric pressure, acceleration, temperature, humidity, and the like. An initial key pair may be used to encrypt data and enable other conventional security features. A key pair can be subsequently generated based on the same environmental factors as with the initial key pair generation and used to access the data or operations which have been restricted using the initial key pair.

Abstract: Before a composition is ingested into a runtime environment at a runtime device, the composition may be verified at an authoring trusted execution environment (TEE) operating on an authoring device. A user can operate an untrusted computing platform (e.g., a personal computer, laptop computer, tablet computer, etc.) to write code, generate data, or create some other composition. Since this composition is created on an untrusted device, the authoring TEE may output the composition on a trusted peripheral device to a user for review and approval. Responsive to receiving approval at the trusted peripheral device, the authoring TEE can sign the composition with a local key and forward the composition for execution by the runtime device. The signature can be utilized by the runtime device to prove that it was reviewed and verified by an authorized user operating the authoring device.

Abstract: A computing device, such as a personal computing device (e.g., laptop, smartphone, etc.) or server, is configured to utilize environmental factors in generating public/private key pairs to access restricted data or operations. The environmental factors can include location, time, barometric pressure, acceleration, temperature, humidity, and the like. An initial key pair may be used to encrypt data and enable other conventional security features. A key pair can be subsequently generated based on the same environmental factors as with the initial key pair generation and used to access the data or operations which have been restricted using the initial key pair.

Abstract: A secure terminal configured to support a trusted execution environment that utilizes policy enforcement to filter and authorize transmissions received from a host device and destined for a remote device. Upon receiving a transmission from the host device, the secure terminal verifies that the instruction, message, or request contained within the transmission satisfy parameters set by a policy. If the transmission satisfies the parameters, then the secure terminal signs the transmission with a key unique to the trusted platform module associated with the secure terminal and forwards the signed transmission to the remote device. If the transmission fails one or more parameters within the policy, a message that details the instruction or operation contained within the transmission is exposed to a user at an output device, in which the user can authorize or reject the transmission using an input device.

Abstract: A computer system 100 that allows a storage facility 500 to be shared by multiple different users of an Infrastructure as a Services (IaaS) system while maintaining security separation between the users is provided. A controller 150 configured for use in the computer system and a corresponding method and computer program are also provided. The computer system 100 comprises a logic block 101 that comprises one or more processing units that execute instructions, the logic block 101 configured to issue requests to read from and write to storage over a first interface 102; and a controller 150 that is configured to implement a communications link to storage 500; implement a communications link 300 to a second computer system 200 and to receive information identifying a current user of the logic block 101 from the second computer system 200; and receive the requests to read from and write to storage from the logic block 101 over the first interface 102, and to complete the requests.

Abstract: A mobile local computing device is configured to access memories or storage devices associated with a remote computing device using remote direct memory access (RDMA) over a wireless fifth generation (5G) network link that provides high bandwidth and low latency relative to previous wireless network protocols. The mobile local computing device utilizes a local compute context that is unique to the local environment and which may be facilitated by devices, components, or functionalities that are local to the mobile local computing device, but which are not available with the same context to the remote computing device. The 5G network link supports high bandwidth and low latency so that the mobile local computing device can access and utilize the remote data in large datasets in a similar manner to how it would for locally stored data, while still being able to leverage the local I/O and maintain its unique local compute context.

Abstract: A computing device, such as a personal computing device (e.g., laptop, smartphone, etc.) or server, is configured to utilize environmental factors in generating public/private key pairs to access restricted data or operations. The environmental factors can include location, time, barometric pressure, acceleration, temperature, humidity, and the like. An initial key pair may be used to encrypt data and enable other conventional security features. A key pair can be subsequently generated based on the same environmental factors as with the initial key pair generation and used to access the data or operations which have been restricted using the initial key pair.

Abstract: A mobile local computing device is configured to access memories or storage devices associated with a remote computing device using remote direct memory access (RDMA) over a wireless fifth generation (5G) network link that provides high bandwidth and low latency relative to previous wireless network protocols. The mobile local computing device utilizes a local compute context that is unique to the local environment and which may be facilitated by devices, components, or functionalities that are local to the mobile local computing device, but which are not available with the same context to the remote computing device. The 5G network link supports high bandwidth and low latency so that the mobile local computing device can access and utilize the remote data in large datasets in a similar manner to how it would for locally stored data, while still being able to leverage the local I/O and maintain its unique local compute context.

Abstract: Before a composition is ingested into a runtime environment at a runtime device, the composition may be verified at an authoring trusted execution environment (TEE) operating on an authoring device. A user can operate an untrusted computing platform (e.g., a personal computer, laptop computer, tablet computer, etc.) to write code, generate data, or create some other composition. Since this composition is created on an untrusted device, the authoring TEE may output the composition on a trusted peripheral device to a user for review and approval. Responsive to receiving approval at the trusted peripheral device, the authoring TEE can sign the composition with a local key and forward the composition for execution by the runtime device. The signature can be utilized by the runtime device to prove that it was reviewed and verified by an authorized user operating the authoring device.

Abstract: A secure terminal configured to support a trusted execution environment that utilizes policy enforcement to filter and authorize transmissions received from a host device and destined for a remote device. Upon receiving a transmission from the host device, the secure terminal verifies that the instruction, message, or request contained within the transmission satisfy parameters set by a policy. If the transmission satisfies the parameters, then the secure terminal signs the transmission with a key unique to the trusted platform module associated with the secure terminal and forwards the signed transmission to the remote device. If the transmission fails one or more parameters within the policy, a message that details the instruction or operation contained within the transmission is exposed to a user at an output device, in which the user can authorize or reject the transmission using an input device.

Abstract: A brownfield security gateway is configured to support a trusted execution environment (TEE) that employs cryptographic and physical security—which forms a trusted cyber physical system—to protect sensitive transmissions on route to a controllable device. The gateway may be implemented with a System on Chip (SoC) that utilizes an application layer gateway to filter content within a transmission. When the application layer gateway authorizes the transmission, the transmission is forwarded to a trusted peripheral device that is configured with communication transport protocols, and the trusted peripheral device transfers the transmission to the controllable device. The trusted peripheral device and the controllable device are physically protected by, for example, protected distribution systems. Accordingly, the trusted peripheral device functions as a gateway between the SoC and the controllable device.