Abstract: Embodiments are directed to the providing a cloud keying and signing service and to securing software package distribution on the cloud. In an embodiment, a computer system instantiates a signing service configured to sign software packages. The computer system receives a signing request from a computer user requesting that a selected software package be signed. The signing request includes a computed hash of the selected software package. The computer system generates a private and public key pair on behalf of the computer user and stores the private key of the generated key pair in a secure data store.

Abstract: Sending installation information. A method may be performed, for example, in a network computing environment including one or more servers connected to one or more clients. The method includes signing a package including installation information. A hash of the package is created. A metadata data set is created. The metadata data set includes a description of the package, an identification for the package, applicability rules describing intended recipients of the installation information, the hash of the package, and installation instructions for the package. The metadata data set is sent to a target group of systems in the network computing environment.

Abstract: An electronic device may be reported as potentially compromised (e.g., by a user or by the electronic device itself). An instruction to initiate remediation of the electronic device may be queued. Upon reaching the end of the queue, the instruction is transmitted to the electronic device to initiate remediation of the electronic device. The instruction is received by the electronic device. The remediation policy is performed, which may include performing operations such as deleting an encryption key, deleting data, disabling a login capability, disabling a boot up functionality, disabling a function associated with the electronic device, transmitting data from the electronic device, transmitting a message from the electronic device, or generating information that indicates of a user of the electronic device.

Abstract: Embodiments are directed to the providing a cloud keying and signing service and to securing software package distribution on the cloud. In an embodiment, a computer system instantiates a signing service configured to sign software packages. The computer system receives a signing request from a computer user requesting that a selected software package be signed. The signing request includes a computed hash of the selected software package. The computer system generates a private and public key pair on behalf of the computer user and stores the private key of the generated key pair in a secure data store.

Abstract: Embodiments are directed to the providing a cloud keying and signing service and to securing software package distribution on the cloud. In an embodiment, a computer system instantiates a signing service configured to sign software packages. The computer system receives a signing request from a computer user requesting that a selected software package be signed. The signing request includes a computed hash of the selected software package. The computer system generates a private and public key pair on behalf of the computer user and stores the private key of the generated key pair in a secure data store.

Abstract: Embodiments are directed to the providing a cloud keying and signing service and to securing software package distribution on the cloud. In an embodiment, a computer system instantiates a signing service configured to sign software packages. The computer system receives a signing request from a computer user requesting that a selected software package be signed. The signing request includes a computed hash of the selected software package. The computer system generates a private and public key pair on behalf of the computer user and stores the private key of the generated key pair in a secure data store.

Abstract: A regulation service can deliver software packages to client computer systems while minimizing the overall effect on network (internet or LAN) traffic and/or server loads. In one implementation, the regulation service assigns acceptance rates to different software packages based on any number of different factors. Upon request for a software package, the regulation service can provide the acceptance rate and a refresh rate that differs for each software package. A client computer system can then calculate an access value, and if the access value is within an acceptance rate, the client computer system can access (e.g., download) a corresponding software package. If the access value is outside of the acceptance rate, the client computer system can refresh its requests until it identifies that the acceptance rate has changed, and the calculated value is within the new acceptance rate. Additional implementations include delivering bandwidth management policies to client computer systems.

Abstract: Described is a technology by which encrypted content is pre-distributed to recipients during a pre-distribution timeframe, for example to distribute protected content to many clients in a controlled manner. At a release moment, a key for decrypting the encrypted content is released. For example, a software update may be pre-distributed in this manner, whereby many clients may receive the updates over time but the update cannot be analyzed for hacking purposes, e.g., to use the update to figure out a prior vulnerability. By rapidly and widely disseminating the key at the release moment, the update is installed on a large percentage of client systems before those systems can be exploited. The content may be allowed to expire before the key is released, or may be canceled or replaced. The content may include a complete file, and/or a delta file that changes another file into a resultant piece of content.

Abstract: Location-aware methods and systems are described. In one embodiment, a portable computing device determines its location by accessing one or more hierarchical tree structures each of which comprising multiple nodes that represent physical or logical locations, and traversing at least one node on the one or more hierarchical tree structures to ascertain the location. The device then acquires digital data associated with the determined location and that can permit the device to interact with a location environment. The device then enables interaction with the location environment based, at least in part, on the acquired digital data.

Abstract: Location-aware methods and systems are described. In one embodiment, a portable computing device determines its location by accessing one or more hierarchical tree structures each of which comprising multiple nodes that represent physical or logical locations, and traversing at least one node on the one or more hierarchical tree structures to ascertain the location. The device then acquires digital data associated with the determined location and that can permit the device to interact with a location environment. The device then enables interaction with the location environment based, at least in part, on the acquired digital data.

Abstract: Context-aware systems and methods, location-aware systems and methods, context-aware vehicles and methods of operating the same, and location-aware vehicles and methods of operating the same are described. In various embodiments, a context or location service module, implemented in software, determines a vehicle context or a vehicle location based upon information that it receives from various context providers or location providers respectively. Software executing on a vehicle's computer can then cause one or more applications that are associated with a vehicle computer to be modified in a manner that changes their behavior. The behavior modification is based on the current context or location of the vehicle and thus provides a context-specific or location-specific user experience. The context or location can be ascertained through the use of one or more hierarchical tree structures that comprises individual nodes. Each node is associated with a context or location.

Abstract: An electronic device may be reported as potentially compromised (e.g., by a user or by the electronic device itself). An instruction to initiate remediation of the electronic device may be queued. Upon reaching the end of the queue, the instruction is transmitted to the electronic device to initiate remediation of the electronic device. The instruction is received by the electronic device. The remediation policy is performed, which may include performing operations such as deleting an encryption key, deleting data, disabling a login capability, disabling a boot up functionality, disabling a function associated with the electronic device, transmitting data from the electronic device, transmitting a message from the electronic device, or generating information that indicates of a user of the electronic device.

Abstract: Context-aware systems and methods, location-aware systems and methods, context-aware vehicles and methods of operating the same, and location-aware vehicles and methods of operating the same are described. In various embodiments, a context or location service module, implemented in software, determines a vehicle context or a vehicle location based upon information that it receives from various context providers or location providers respectively. Software executing on a vehicle's computer can then cause one or more applications that are associated with a vehicle computer to be modified in a manner that changes their behavior. The behavior modification is based on the current context or location of the vehicle and thus provides a context-specific or location-specific user experience. The context or location can be ascertained through the use of one or more hierarchical tree structures that comprises individual nodes. Each node is associated with a context or location.

Abstract: Context-aware computing systems and methods are described. In particular embodiments, location aware systems and methods are described. In the described embodiments, hierarchical tree structures are utilized to ascertain a device context or location. The tree structures can be stored on or accessible to mobile computing devices so that the devices can determine their own particular context or location. A computing device can automatically determine its context or location by ascertaining a node on one or more of the tree structures and then traversing the tree structure to ascertain the complete context.

Abstract: Context-aware computing systems and methods are described. In particular embodiments, location aware systems and methods are described. In the described embodiments, hierarchical tree structures are utilized to ascertain a device context or location. The tree structures can be stored on or accessible to mobile or stationary computing devices so that the devices can determine their own particular context or location. In one embodiment, one of the tree structures comprises a Master World tree structure that contains nodes that represent geographical divisions of the Earth. Another of the tree structures can comprise a so-called Secondary World that contains nodes that represent physical or logical entities that are organization or company specific views of the world. A computing device can automatically determine its context or location by ascertaining a node on one or more of the tree structures and then traversing the tree structure to ascertain the complete context.

Abstract: In a domain containing one of many computing devices, the computing device transmits a query and receives back a response from one or more neighbor-casting groups in the domain each including one or more of the computing devices. Predetermined criteria are applied by the computing device to select one of the groups to which it is joined as a group member. The predetermined criteria can be the number of computing devices in the selected group, a length of time between the query and the response from the selected group, or a combination of thereof. When the selected group has few computing devices, the computing device can send a query and receive back a response from one or more groups. By applying criteria similar to the predetermined criteria, the computing device can select one other group, remove itself from its current group, and join the other selected group.

Abstract: In various embodiments, a context or location service module, implemented in software, determines a vehicle context or a vehicle location based upon information that it receives from various context providers or location providers respectively. Software executing on a vehicle's computer can then cause one or more applications that are associated with a vehicle computer to be modified in a manner that changes their behavior.

Abstract: Described is a technology by which encrypted content is pre-distributed to recipients during a pre-distribution timeframe, for example to distribute protected content to many clients in a controlled manner. At a release moment, a key for decrypting the encrypted content is released. For example, a software update may be pre-distributed in this manner, whereby many clients may receive the updates over time but the update cannot be analyzed for hacking purposes, e.g., to use the update to figure out a prior vulnerability. By rapidly and widely disseminating the key at the release moment, the update is installed on a large percentage of client systems before those systems can be exploited. The content may be allowed to expire before the key is released, or may be canceled or replaced. The content may include a complete file, and/or a delta file that changes another file into a resultant piece of content.

Abstract: A method is provided for transferring a set of data over a network by monitoring the level of actual network bandwidth utilization. The method identifies a maximum monitored level of actual utilization and calculates a size for data blocks to be transferred as a function of the maximum monitored level of utilization. The data blocks represent a segment of a set of data, such as a software update that may be transferred or downloaded over the network without interfering with other network activity.

Abstract: Context-aware systems and methods, location-aware systems and methods, context-aware vehicles and methods of operating the same, and location-aware vehicles and methods of operating the same are described. In various embodiments, a context or location service module, implemented in software, determines a vehicle context or a vehicle location based upon information that it receives from various context providers or location providers respectively. Software executing on a vehicle's computer can then cause one or more applications that are associated with a vehicle computer to be modified in a manner that changes their behavior. The behavior modification is based on the current context or location of the vehicle and thus provides a context-specific or location-specific user experience. The context or location can be ascertained through the use of one or more hierarchical tree structures that comprises individual nodes. Each node is associated with a context or location.