Abstract: Embodiments include method, systems and computer program products for secure logging of host security module. In some embodiments, an event may be received. The event may include data to be written to a secure log file. A hash may be generated using data of the event. The hash may be stored in a first field of an event record associated with the event. The event record may be stored in the secure log file. The hash may be stored in a second field of a next event record in the secure log file.

Abstract: Embodiments include method, systems and computer program products for secure logging of host security module. In some embodiments, an event may be received. The event may include data to be written to a secure log file. A hash may be generated using data of the event. The hash may be stored in a first field of an event record associated with the event. The event record may be stored in the secure log file. The hash may be stored in a second field of a next event record in the secure log file.

Abstract: An aspect of cipher text translation includes a memory configured to store predetermined conditions for performing an encryption operation, and a processor communicatively coupled to the memory. The processor is configured to execute computer readable instructions. The computer readable instructions include determining through analysis of an inbound key and an outbound key of the encryption operation that the encryption operation includes a translation from a first class of encryption to a second class of encryption. The second class of encryption is determined to be weaker than the first class of encryption. The instructions also include applying the predetermined conditions to the input key and the output key and authorizing the translation via the processor, based on the applying, when aspects of the predetermined conditions are satisfied.

Abstract: An aspect of cipher text translation includes a memory configured to store predetermined conditions for performing an encryption operation, and a processor communicatively coupled to the memory. The processor is configured to execute computer readable instructions. The computer readable instructions include determining through analysis of an inbound key and an outbound key of the encryption operation that the encryption operation includes a translation from a first class of encryption to a second class of encryption. The second class of encryption is determined to be weaker than the first class of encryption. The instructions also include applying the predetermined conditions to the input key and the output key and authorizing the translation via the processor, based on the applying, when aspects of the predetermined conditions are satisfied.

Abstract: A computer system includes memory configured to store information regarding predetermined conditions of an encryption operation and a processor configured to analyze an inbound key and an outbound key of the encryption operation. The processor is also configured to determine that the encryption operation includes a translation from a first class of encryption to a second class of encryption based on the analyzing the inbound key and the outbound key, and to determine whether the translation is permitted based on the predetermined conditions.

Abstract: A computer system includes memory configured to store information regarding predetermined conditions of an encryption operation and a processor configured to analyze an inbound key and an outbound key of the encryption operation. The processor is also configured to determine that the encryption operation includes a translation from a first class of encryption to a second class of encryption based on the analyzing the inbound key and the outbound key, and to determine whether the translation is permitted based on the predetermined conditions.

Abstract: An embedded system post-linker optimization automation method can include connecting to a network file system, coordinating a first handshaking procedure to initiate an embedded application from the network file system, coordinating a second handshaking procedure to initiate a training phase of the embedded application and coordinating a third handshaking procedure to initiate generation of an optimized embedded application from the embedded application during an optimization phase.

Abstract: Providing concurrent embedded application updates comprising a first computer processor for executing a first embedded application, the executing generating a first plurality of processing threads, the first computer processor coupled to a first storage location and a second storage location. The first computer processor configured to accept and process instructions from a host system, receive one or more notifications indicating that a second embedded application has been successfully loaded into one of the first storage location and the second storage location, terminate execution of the first plurality of processing threads in response to receiving the one or more notifications, and execute the second embedded application while continuing to accept instructions from the host system and without restarting in response to receiving the one or more notifications.

Abstract: Providing concurrent embedded application updates comprising a first computer processor for executing a first embedded application, the executing generating a first plurality of processing threads, the first computer processor coupled to a first storage location and a second storage location. The first computer processor configured to accept and process instructions from a host system, receive one or more notifications indicating that a second embedded application has been successfully loaded into one of the first storage location and the second storage location, terminate execution of the first plurality of processing threads in response to receiving the one or more notifications, and execute the second embedded application while continuing to accept instructions from the host system and without restarting in response to receiving the one or more notifications.

Abstract: A method, article, and system for providing an effective implementation of a data structure comprising instructions that are cryptographically protected against alteration or misuse, wherein the instructions further comprise a trusted block that defines specific key management policies that are permitted when an application program employs the trusted block in application programming interface (API) functions to generate or export symmetric cryptographic keys. The trusted block has a number of fields containing rules that provide an ability to limit how the trusted block is used, thereby reducing the risk of the trusted block being employed in unintended ways or with unintended keys.

Abstract: A method, article, and system for providing an effective implementation of data structures, and application programming interface (API) functions that allow secure execution of functions behind a secure boundary. The controlling mechanism is a flexible, extendable, and non-forgeable block that details how values and parameters behind the secure boundary can be changed. The invention allows for one entity to execute a security function that will normally require extensive authorizations or dual or multiple control. The method and system comprise instructions that are cryptographically protected against alteration or misuse, wherein the instructions further comprise a trusted block that defines security policies that are permitted when an application program employs the trusted block in APIs. The trusted block has a number of fields containing rules that provide an ability to limit how the trusted block is used, thereby reducing the risk of the trusted block being employed in unintended ways.

Abstract: A method, article, and system for providing an effective implementation of a data structure comprising instructions that are cryptographically protected against alteration or misuse, wherein the instructions further comprise a trusted block that defines specific key management policies that are permitted when an application program employs the trusted block in application programming interface (API) functions to generate or export symmetric cryptographic keys. The trusted block has a number of fields containing rules that provide an ability to limit how the trusted block is used, thereby reducing the risk of the trusted block being employed in unintended ways or with unintended keys.

Abstract: A method, article, and system for providing an effective implementation of data structures, and application programming interface (API) functions that allow secure execution of functions behind a secure boundary. The controlling mechanism is a flexible, extendable, and non-forgeable block that details how values and parameters behind the secure boundary can be changed. The invention allows for one entity to execute a security function that will normally require extensive authorizations or dual or multiple control. The method and system comprise instructions that are cryptographically protected against alteration or misuse, wherein the instructions further comprise a trusted block that defines security policies that are permitted when an application program employs the trusted block in APIs. The trusted block has a number of fields containing rules that provide an ability to limit how the trusted block is used, thereby reducing the risk of the trusted block being employed in unintended ways.

Abstract: A method and apparatus for handling an interrupt from a real-time clock to increment a program clock in a computer system while compensating for missed interrupts due to contention on a system bus from a DMA controller or the like. In accordance with the invention, a count is stored representing a cumulative interval of time that has elapsed without a corresponding incrementing of the program clock. In response to an interrupt from the real-time clock, the processor transfers control to an interrupt handling routine, which determines the interval of time that has elapsed since the previous real-time clock interrupt and increments the cumulative interval of time by the actual interval of time that has elapsed since the previous real-time clock interrupt.

Abstract: A method and apparatus for handling an interrupt from a real-time clock to increment a program clock in a computer system while compensating for missed interrupts due to contention on a system bus from a DMA controller or the like. In accordance with the invention, a count is stored representing a cumulative interval of time that has elapsed without a corresponding incrementing of the program clock. In response to an interrupt from the real-time clock, the processor transfers control to an interrupt handling routine, which determines the interval of time that has elapsed since the previous real-time clock interrupt and increments the cumulative interval of time by the actual interval of time that has elapsed since the previous real-time clock interrupt.

Abstract: A two-frequency data signal, also known as a biphase or F/2 F signal, is accurately decoded by sampling the signal and digitizing the samples to provide a series of digital values representing the signal. An intelligent digital filter manipulates the digital values to decode the signal, by detecting the peaks in the sampled signal and decoding the signal by analyzing the location and amplitudes of the peaks. Only peaks which are outside a guard band may be detected. If the signal cannot be properly decoded with a wide guard band, the guard band may be repeatedly narrowed, until a minimum guard band is reached.Bits are identified by comparing the displacements between peaks to a bit cell width. An even number of displacements indicates a `0` bit, and an odd number of displacements indicates a `1` bit. After decoding, the bits are converted into bytes. Parity and longitudinal redundancy code checks are used to correct bad bits.During decoding, many indications of a degraded signal may be obtained.

Abstract: A two-frequency data signal, also known as a biphase or F/2F signal, is accurately decoded by sampling the signal and digitizing the samples to provide a series of digital values representing the signal. An intelligent digital filter manipulates the digital values to decode the signal, by detecting the peaks in the sampled signal and decoding the signal by analyzing the location and amplitudes of the peaks. Only peaks which are outside a guard band may be detected. If the signal cannot be properly decoded with a wide guard band, the guard band may be repeatedly narrowed, until a minimum guard band is reached. Bits are identified by comparing the displacements between peaks to a bit cell width. An even number of displacements indicates a `0` bit, and an odd number of displacements indicates a `1` bit. After decoding, the bits are converted into bytes. Parity and longitudinal redundancy code checks are used to correct bad bits. During decoding, many indications of a degraded signal may be obtained.

Abstract: A two-frequency data signal, also known as a biphase or F/2F signal, is accurately decoded by sampling the signal and digitizing the samples to provide a series of digital values representing the signal. An intelligent digital filter manipulates the digital values to decode the signal, by detecting the peaks in the sampled signal and decoding the signal by analyzing the location and amplitudes of the peaks. Only peaks which are outside a guard band may be detected. If the signal cannot be properly decoded with a wide guard band, the guard band may be repeatedly narrowed, until a minimum guard band is reached.Bits are identified by comparing the displacements between peaks to a bit cell width. An even number of displacements indicates a `0` bit, and an odd number of displacements indicates a `1` bit.