Abstract: A semiconductor device includes: a substrate; a first buried insulation layer disposed on the substrate; a first well which is disposed on the first buried insulation layer in a first region defined by a first element separation film, and includes a first portion extending along an upper surface of the first buried insulation layer, and a second portion extending from the first portion in a direction from the substrate toward the first buried insulation layer; a second buried insulation layer disposed on the first portion of the first well; a first semiconductor film disposed on the second buried insulation layer; a first transistor on the first semiconductor film; and a second element separation film which separates the second buried insulation layer and the first semiconductor film from the second portion of the first well, on the first portion of the first well, wherein an upper surface of the second portion of the first well is placed on the same plane as an upper surface of the first element separation f

Abstract: A method for processing a cryptographic operation request includes receiving, at a hardware security module (HSM), the cryptographic operation request including a cryptographic key and at least one authorization token, determining, by the HSM, whether an access control list (ACL) associated with the cryptographic key of the cryptographic operation request is authorized to govern access to the cryptographic key, and validating, by the HSM, the at least one authorization token. When the at least one authorization token is valid and the ACL is authorized to govern access to the cryptographic key of the cryptographic operation request, the method includes processing, by the HSM, the cryptographic operation request.

Abstract: A method for processing a cryptographic operation request includes receiving, at a hardware security module (HSM), the cryptographic operation request including a cryptographic key and at least one authorization token, determining, by the HSM, whether an access control list (ACL) associated with the cryptographic key of the cryptographic operation request is authorized to govern access to the cryptographic key, and validating, by the HSM, the at least one authorization token. When the at least one authorization token is valid and the ACL is authorized to govern access to the cryptographic key of the cryptographic operation request, the method includes processing, by the HSM, the cryptographic operation request.

Abstract: A method for integrating third-party encryption managers with cloud services includes receiving, at data processing hardware, an operation request requesting a cryptographic operation on data comprising an encryption operation or a decryption operation. When the operation is an encryption operation, the method includes transmitting a data encryption key associated with the data to a remote entity. The remote entity encrypts the data encryption key with a key encryption key and transmits the encrypted data encryption key to the data processing hardware. When the operation is a decryption operation, the method includes transmitting the encrypted data encryption key to the remote entity which causes the remote entity to decrypt the encrypted data encryption key with the key encryption key and transmit the decrypted data encryption key and transmit to the data processing hardware.

Abstract: A method for processing a cryptographic operation request includes receiving, at a hardware security module (HSM), the cryptographic operation request including a cryptographic key and at least one authorization token, determining, by the HSM, whether an access control list (ACL) associated with the cryptographic key of the cryptographic operation request is authorized to govern access to the cryptographic key, and validating, by the HSM, the at least one authorization token. When the at least one authorization token is valid and the ACL is authorized to govern access to the cryptographic key of the cryptographic operation request, the method includes processing, by the HSM, the cryptographic operation request.

Abstract: A method for integrating third-party encryption managers with cloud services includes receiving, at data processing hardware, an operation request requesting a cryptographic operation on data comprising an encryption operation or a decryption operation. When the operation is an encryption operation, the method includes transmitting a data encryption key associated with the data to a remote entity. The remote entity encrypts the data encryption key with a key encryption key and transmits the encrypted data encryption key to the data processing hardware. When the operation is a decryption operation, the method includes transmitting the encrypted data encryption key to the remote entity which causes the remote entity to decrypt the encrypted data encryption key with the key encryption key and transmit the decrypted data encryption key and transmit to the data processing hardware.

Abstract: A method for processing a cryptographic operation request includes receiving, at a hardware security module (HSM), the cryptographic operation request including a cryptographic key and at least one authorization token, determining, by the HSM, whether an access control list (ACL) associated with the cryptographic key of the cryptographic operation request is authorized to govern access to the cryptographic key, and validating, by the HSM, the at least one authorization token. When the at least one authorization token is valid and the ACL is authorized to govern access to the cryptographic key of the cryptographic operation request, the method includes processing, by the HSM, the cryptographic operation request.

Abstract: Systems and methodologies that enhance a Tabular Data Stream (TDS) protocol by enabling efficient transmission of a row(s) with null columns(s). An identification component employs a bit map that can be positioned at beginning of a row, to indicate to the receiving side (e.g., a client) columns that are to be sent. Accordingly, by distinguishing columns that are null from columns that are not null—followed by sending columns that are not null—transmission resources can be effectively employed.

Abstract: Systems and methods are provided, wherein the method includes retrieving and/or storing one or more data types representative of a selected date and/or time value from a server to a client in a server/client SQL environment using a selected wire format. Another aspect provides apparatus including a SQL server, a SQL client operationally coupled to the server, and means to transmit the selected time/date data types between the server and the client according to a selected wire format. In an illustrative implementation, the wire format translates the date/time data into a binary format.

Abstract: Systems and methodologies that enhance a Tabular Data Stream (TDS) protocol by enabling efficient transmission of a row(s) with null columns(s). An identification component employs a bit map that can be positioned at beginning of a row, to indicate to the receiving side (e.g., a client) columns that are to be sent. Accordingly, by distinguishing columns that are null from columns that are not null—followed by sending columns that are not null—transmission resources can be effectively employed.

Abstract: Systems and methodologies that enhance a Tabular Data Stream (TDS) protocol by enabling clients to send tabular formed data as a single parameter to servers. A Table Valued Parameter (TVP) transporting component enables the client servers to transmit entire database tables as a single parameter; when invoking a server side procedure, for example. As such, values can be passed for functions associated with a stored procedure, and a parameter styled Application Program Interface (API) can be implemented.