Abstract: Techniques described herein leverage a trusted entity within a domain to enable devices to establish trust with one another so they can securely discover each other and connect to one another. In various examples discussed herein, a device is configured to provide trust information to, and/or receive trust information from, the trusted entity. The trust information may include, for example, a public key of an encryption key pair, a certificate signed by the trusted entity proving authenticity, and/or a hash function and a hash seed used to compute a series of results that form a hash chain. The device may use the trust information to discover another device and to connect to the other device securely and automatically (e.g., with no user involvement or limited user involvement). Moreover, the device may use the trust information to dynamically change a MAC address being used to communicate with the other device.

Abstract: Techniques described herein leverage a trusted entity within a domain to enable devices to establish trust with one another so they can securely discover each other and connect to one another. In various examples discussed herein, a device is configured to provide trust information to, and/or receive trust information from, the trusted entity. The trust information may include, for example, a public key of an encryption key pair, a certificate signed by the trusted entity proving authenticity, and/or a hash function and a hash seed used to compute a series of results that form a hash chain. The device may use the trust information to discover another device and to connect to the other device securely and automatically (e.g., with no user involvement or limited user involvement). Moreover, the device may use the trust information to dynamically change a MAC address being used to communicate with the other device.

Abstract: Techniques described herein leverage a trusted entity within a domain to enable devices to establish trust with one another so they can securely discover each other and connect to one another. In various examples discussed herein, a device is configured to provide trust information to, and/or receive trust information from, the trusted entity. The trust information may include, for example, a public key of an encryption key pair, a certificate signed by the trusted entity proving authenticity, and/or a hash function and a hash seed used to compute a series of results that form a hash chain. The device may use the trust information to discover another device and to connect to the other device securely and automatically (e.g., with no user involvement or limited user involvement). Moreover, the device may use the trust information to dynamically change a MAC address being used to communicate with the other device.

Abstract: Presence based content access control techniques are described in which presence of users is used as a basis for enforcing content restrictions. In an implementation, applications are registered to receive feedback regarding users' presence in relation to a presentation of content via a computing device. The presence of users is recognized independently of authentication of the users to access user accounts. For example, an imaging sensor such as camera may be employed for recognition of multiple users engaged with the computing device. In addition or alternatively, presence devices associated with users such as badges, key fobs, or access cards may be detected to ascertain the presence of users. Feedback indicative of the one or more users that are recognized may then be supplied to the registered applications. The feedback enables the applications to control the presentation of content by enforcing content restrictions and/or taking other presence based actions.

Abstract: Techniques described herein leverage a trusted entity within a domain to enable devices to establish trust with one another so they can securely discover each other and connect to one another. In various examples discussed herein, a device is configured to provide trust information to, and/or receive trust information from, the trusted entity. The trust information may include, for example, a public key of an encryption key pair, a certificate signed by the trusted entity proving authenticity, and/or a hash function and a hash seed used to compute a series of results that form a hash chain. The device may use the trust information to discover another device and to connect to the other device securely and automatically (e.g., with no user involvement or limited user involvement). Moreover, the device may use the trust information to dynamically change a MAC address being used to communicate with the other device.

Abstract: Presence based content access control techniques are described in which presence of users is used as a basis for enforcing content restrictions. In an implementation, applications are registered to receive feedback regarding users' presence in relation to a presentation of content via a computing device. The presence of users is recognized independently of authentication of the users to access user accounts. For example, an imaging sensor such as camera may be employed for recognition of multiple users engaged with the computing device. In addition or alternatively, presence devices associated with users such as badges, key fobs, or access cards may be detected to ascertain the presence of users. Feedback indicative of the one or more users that are recognized may then be supplied to the registered applications. The feedback enables the applications to control the presentation of content by enforcing content restrictions and/or taking other presence based actions.

Abstract: Presence based content access control techniques are described in which presence of users is used as a basis for enforcing content restrictions. In an implementation, applications are registered to receive feedback regarding users' presence in relation to a presentation of content via a computing device. The presence of users is recognized independently of authentication of the users to access user accounts. For example, an imaging sensor such as camera may be employed for recognition of multiple users engaged with the computing device. In addition or alternatively, presence devices associated with users such as badges, key fobs, or access cards may be detected to ascertain the presence of users. Feedback indicative of the one or more users that are recognized may then be supplied to the registered applications. The feedback enables the applications to control the presentation of content by enforcing content restrictions and/or taking other presence based actions.

Abstract: Techniques for providing security policy for device data are described. In implementations, data on a device is stored in an encrypted form. To protect the encrypted data from being decrypted by an unauthorized entity, techniques enable a decryption key to be occluded if an attempt to gain unauthorized access to device data is detected. In implementations, a decryption key can be occluded in a variety of ways, such as by deleting the decryption key, overwriting the encryption key in memory, encrypting the encryption key, and so on. Embodiments enable an occluded decryption key to be recovered via a recovery experience. For example, a recovery experience can include an authentication procedure that requests a recovery password. If a correct recovery password is provided, the occluded decryption key can be provided.

Abstract: Techniques described herein leverage a trusted entity within a domain to enable devices to establish trust with one another so they can securely discover each other and connect to one another. In various examples discussed herein, a device is configured to provide trust information to, and/or receive trust information from, the trusted entity. The trust information may include, for example, a public key of an encryption key pair, a certificate signed by the trusted entity proving authenticity, and/or a hash function and a hash seed used to compute a series of results that form a hash chain. The device may use the trust information to discover another device and to connect to the other device securely and automatically (e.g., with no user involvement or limited user involvement). Moreover, the device may use the trust information to dynamically change a MAC address being used to communicate with the other device.

Abstract: Techniques described herein leverage a trusted entity within a domain to enable devices to establish trust with one another so they can securely discover each other and connect to one another. In various examples discussed herein, a device is configured to provide trust information to, and/or receive trust information from, the trusted entity. The trust information may include, for example, a public key of an encryption key pair, a certificate signed by the trusted entity proving authenticity, and/or a hash function and a hash seed used to compute a series of results that form a hash chain. The device may use the trust information to discover another device and to connect to the other device securely and automatically (e.g., with no user involvement or limited user involvement). Moreover, the device may use the trust information to dynamically change a MAC address being used to communicate with the other device.

Abstract: Presence based content access control techniques are described in which presence of users is used as a basis for enforcing content restrictions. In an implementation, applications are registered to receive feedback regarding users' presence in relation to a presentation of content via a computing device. The presence of users is recognized independently of authentication of the users to access user accounts. For example, an imaging sensor such as camera may be employed for recognition of multiple users engaged with the computing device. In addition or alternatively, presence devices associated with users such as badges, key fobs, or access cards may be detected to ascertain the presence of users. Feedback indicative of the one or more users that are recognized may then be supplied to the registered applications. The feedback enables the applications to control the presentation of content by enforcing content restrictions and/or taking other presence based actions.

Abstract: Techniques described herein leverage a trusted entity within a domain to enable devices to establish trust with one another so they can securely discover each other and connect to one another. In various examples discussed herein, a device is configured to provide trust information to, and/or receive trust information from, the trusted entity. The trust information may include, for example, a public key of an encryption key pair, a certificate signed by the trusted entity proving authenticity, and/or a hash function and a hash seed used to compute a series of results that form a hash chain. The device may use the trust information to discover another device and to connect to the other device securely and automatically (e.g., with no user involvement or limited user involvement). Moreover, the device may use the trust information to dynamically change a MAC address being used to communicate with the other device.

Abstract: Presence based content access control techniques are described in which presence of users is used as a basis for enforcing content restrictions. In an implementation, applications are registered to receive feedback regarding users' presence in relation to a presentation of content via a computing device. The presence of users is recognized independently of authentication of the users to access user accounts. For example, an imaging sensor such as camera may be employed for recognition of multiple users engaged with the computing device. In addition or alternatively, presence devices associated with users such as badges, key fobs, or access cards may be detected to ascertain the presence of users. Feedback indicative of the one or more users that are recognized may then be supplied to the registered applications. The feedback enables the applications to control the presentation of content by enforcing content restrictions and/or taking other presence based actions.

Abstract: Techniques for providing security policy for device data are described. In implementations, data on a device is stored in an encrypted form. To protect the encrypted data from being decrypted by an unauthorized entity, techniques enable a decryption key to be occluded if an attempt to gain unauthorized access to device data is detected. In implementations, a decryption key can be occluded in a variety of ways, such as by deleting the decryption key, overwriting the encryption key in memory, encrypting the encryption key, and so on. Embodiments enable an occluded decryption key to be recovered via a recovery experience. For example, a recovery experience can include an authentication procedure that requests a recovery password. If a correct recovery password is provided, the occluded decryption key can be provided.

Abstract: Techniques described herein leverage a trusted entity within a domain to enable devices to establish trust with one another so they can securely discover each other and connect to one another. In various examples discussed herein, a device is configured to provide trust information to, and/or receive trust information from, the trusted entity. The trust information may include, for example, a public key of an encryption key pair, a certificate signed by the trusted entity proving authenticity, and/or a hash function and a hash seed used to compute a series of results that form a hash chain. The device may use the trust information to discover another device and to connect to the other device securely and automatically (e.g., with no user involvement or limited user involvement). Moreover, the device may use the trust information to dynamically change a MAC address being used to communicate with the other device.

Abstract: Presence based content access control techniques are described in which presence of users is used as a basis for enforcing content restrictions. In an implementation, applications are registered to receive feedback regarding users' presence in relation to a presentation of content via a computing device. The presence of users is recognized independently of authentication of the users to access user accounts. For example, an imaging sensor such as camera may be employed for recognition of multiple users engaged with the computing device. In addition or alternatively, presence devices associated with users such as badges, key fobs, or access cards may be detected to ascertain the presence of users. Feedback indicative of the one or more users that are recognized may then be supplied to the registered applications. The feedback enables the applications to control the presentation of content by enforcing content restrictions and/or taking other presence based actions.

Abstract: Techniques for providing security policy for device data are described. In implementations, data on a device is stored in an encrypted form. To protect the encrypted data from being decrypted by an unauthorized entity, techniques enable a decryption key to be occluded if an attempt to gain unauthorized access to device data is detected. In implementations, a decryption key can be occluded in a variety of ways, such as by deleting the decryption key, overwriting the encryption key in memory, encrypting the encryption key, and so on. Embodiments enable an occluded decryption key to be recovered via a recovery experience. For example, a recovery experience can include an authentication procedure that requests a recovery password. If a correct recovery password is provided, the occluded decryption key can be provided.

Abstract: Techniques for providing security policy for device data are described. In implementations, data on a device is stored in an encrypted form. To protect the encrypted data from being decrypted by an unauthorized entity, techniques enable a decryption key to be occluded if an attempt to gain unauthorized access to device data is detected. In implementations, a decryption key can be occluded in a variety of ways, such as by deleting the decryption key, overwriting the encryption key in memory, encrypting the encryption key, and so on. Embodiments enable an occluded decryption key to be recovered via a recovery experience. For example, a recovery experience can include an authentication procedure that requests a recovery password. If a correct recovery password is provided, the occluded decryption key can be provided.

Abstract: Systems management navigation and focus collection is described. In one implementation computing-based managed items which are part of a systems management environment are navigated to locate one or more computing-based managed items. In another implementation, the computing-based managed items are indexed, and then searched to locate one or more of the computing-based managed items from among the computing-based managed items which have been indexed. The searching can be based on one or more search requests. Each of the one or more computing-based managed items located by the navigating and/or the searching is identified by a respective unique identifier, and selected ones of the unique identifiers can be collected in a focus collection where they are at least temporarily maintained for a user.

Abstract: Systems management navigation and focus collection is described. In one implementation computing-based managed items which are part of a systems management environment are navigated to locate one or more computing-based managed items. In another implementation, the computing-based managed items are indexed, and then searched to locate one or more of the computing-based managed items from among the computing-based managed items which have been indexed. The searching can be based on one or more search requests. Each of the one or more computing-based managed items located by the navigating and/or the searching is identified by a respective unique identifier, and selected ones of the unique identifiers can be collected in a focus collection where they are at least temporarily maintained for a user.