Abstract: A secure enclave is hosted by an untrusted host. To securely persist data on the untrusted host, the secure enclave generates or updates a persistent file system, wherein the persistent file system is a collection of logical files. The secure enclave segments the persistent file system into a plurality of sectors. The secure enclave provides a key specification to a key derivation enclave. The secure enclave obtains an encryption key dynamically generated based on the key specification. The secure enclave cryptographically protects each of the plurality of sectors using the key and causes the host to write a plurality of encrypted sectors to a disk as a single physical file.

Abstract: A nerve integrity monitoring device includes a control module and a physical layer module. The control module is configured to generate a payload request. The payload request (i) requests a data payload from a sensor in a wireless nerve integrity monitoring network, and (ii) indicates whether a stimulation probe device is to generate a stimulation pulse. The physical layer module is configured to (i) wirelessly transmit the payload request to the sensor and the stimulation probe device, or (ii) transmit the payload request to a console interface module. The physical layer module is also configured to, in response to the payload request, (i) receive the data payload from the sensor, and (ii) receive stimulation pulse information from the stimulation probe device. The data payload includes data corresponding to an evoked response of a patient. The evoked response is generated based on the stimulation pulse.

Abstract: In some aspects, a computing system may provide a mechanism for periodic communication between the secure enclave and client devices. Specifically, the secure enclave may send a heartbeat message that the client device expects to receive within a threshold time period. The heartbeat message may include an old value that was previously sent to the client device and a new value. The client device can confirm that the old value matches what was previously sent (e.g., in a previous heartbeat message) by the secure enclave to confirm that a rewind attack has not occurred.

Abstract: Central bank digital currency (CBDC) tokens are used for payment in a transaction initiated by a payment card at an acquirer's point-of-sale. To facilitate these transactions, a card issuer node in a distributed ledger environment receives a payment message from a payment terminal. The payment message, comprising a request to conduct a CBDC-based transaction, contains a signature transmitted to the payment terminal by a payment card. The card issuer node generates a signature data structure that contains the signature. The card issuer node also generates a transaction message containing components of the transaction, such as a number of tokens to be transferred, a current owner of the tokens to be transferred, an intended acquirer of the tokens, a currency type of the tokens, and/or instructions for validating the transaction. The transaction is validated based at least in part on the signature data structure in the transaction message.

Abstract: A secure enclave is hosted by an untrusted host and communicatively coupled to at least one client. To detect a rollback attack, the secure enclave generates first hidden data relating to a first persistent data structure and transmits the first hidden data to the at least one client. The secure enclave transmits the first persistent data structure to the host. The secure enclave receives a second persistent data structure from the host and validates that the second persistent data structure is a copy of the first persistent data structure. The validation includes generating second hidden data relating to the second persistent data structure, causing the client to provide the first hidden data, and comparing the first hidden data to the second hidden data to ensure a match.

Abstract: A secure enclave is hosted by an untrusted host. To securely persist data on the untrusted host, the secure enclave generates or updates a persistent file system, wherein the persistent file system is a collection of logical files. The secure enclave segments the persistent file system into a plurality of sectors. The secure enclave provides a key specification to a key derivation enclave. The secure enclave obtains an encryption key dynamically generated based on the key specification. The secure enclave cryptographically protects each of the plurality of sectors using the key and causes the host to write a plurality of encrypted sectors to a disk as a single physical file.

Abstract: A system is provided for detecting whether an application program executing in a secure enclave of a host computing system may be the target of a rewind attack. The system ensures that state information is consistent with messages that are received. The messages contain current ordering information, previous ordering information, and a related message identifier. When a message is received, the system determines whether the previous ordering information of the message and previous ordering information of the state information associated with the related message identifier are consistent. If not consistent, the system may indicate that a rewind attack is in progress because a malicious actor may have provided an out-of-date version of the state information. If consistent, the system updates previous ordering information of the state information that is associated with the related message identifier based on the current ordering information.

Abstract: A system is provided for reissuing obligations whose ownership is recorded in a distributed ledger to preserve the identity of prior owners of the obligations. The system accesses a target transaction in which an issuer has a target obligation to a target owner specified in the target transaction. The target transaction has one or more ancestor transactions that each specify an owner. The system retires the target transaction so that the issuer no longer has the target obligation. The system then receives an indication that the issuer created a reissue transaction in which the issuer has a reissued obligation to the target owner that is specified in the reissue transaction. The reissue transaction does not have any ancestor transactions.

Abstract: A system is provided for reissuing obligations whose ownership is recorded in a distributed ledger to preserve the identity of prior owners of the obligations. The system accesses a target transaction in which an issuer has a target obligation to a target owner specified in the target transaction. The target transaction has one or more ancestor transactions that each specify an owner. The system retires the target transaction so that the issuer no longer has the target obligation. The system then receives an indication that the issuer created a reissue transaction in which the issuer has a reissued obligation to the target owner that is specified in the reissue transaction. The reissue transaction does not have any ancestor transactions.

Abstract: A system is provided for detecting whether an application program executing in a secure enclave of a host computing system may be the target of a rewind attack. The system ensures that state information is consistent with messages that are received. The messages contain current ordering information, previous ordering information, and a related message identifier. When a message is received, the system determines whether the previous ordering information of the message and previous ordering information of the state information associated with the related message identifier are consistent. If not consistent, the system may indicate that a rewind attack is in progress because a malicious actor may have provided an out-of-date version of the state information. If consistent, the system updates previous ordering information of the state information that is associated with the related message identifier based on the current ordering information.

Abstract: A system is provided for reissuing obligations whose ownership is recorded in a distributed ledger to preserve the identity of prior owners of the obligations. The system accesses a target transaction in which an issuer has a target obligation to a target owner specified in the target transaction. The target transaction has one or more ancestor transactions that each specify an owner. The system retires the target transaction so that the issuer no longer has the target obligation. The system then receives an indication that the issuer created a reissue transaction in which the issuer has a reissued obligation to the target owner that is specified in the reissue transaction. The reissue transaction does not have any ancestor transactions.

Abstract: A system is provided for reissuing obligations whose ownership is recorded in a distributed ledger to preserve the identity of prior owners of the obligations. The system accesses a target transaction in which an issuer has a target obligation to a target owner specified in the target transaction. The target transaction has one or more ancestor transactions that each specify an owner. The system retires the target transaction so that the issuer no longer has the target obligation. The system then receives an indication that the issuer created a reissue transaction in which the issuer has a reissued obligation to the target owner that is specified in the reissue transaction. The reissue transaction does not have any ancestor transactions.

Abstract: The present invention is related to the use of a non-cellulosic cationically modified polysaccharide in cleaning compositions and more particularly to a surfactant based cleansing composition comprising, a surfactant, a non-cellulosic cationically modified polysaccharide and a solvent for use in personal care composition, household care composition or an institutional care composition.

Abstract: The present invention is related to the use of a non-cellulosic cationically modified polysaccharide in cleaning compositions and more particularly to a surfactant based cleansing composition comprising, a surfactant, a non-cellulosic cationically modified polysaccharide and a solvent for use in personal care composition, household care composition or an institutional care composition.

Abstract: A Fluidized Polymer Suspension (FPS) thickener comprising a hydroxyethylcellulose and/or alkyl or arylalkyl hydrophobically modified hydroxyethylcellulose added continuously to an aqueous dispersion increases productivity for manufacture of aqueous coating compositions. The FPS can be stored and metered without delays associated with dry powders. A latex paint is continuously produced by simultaneously or sequentially mixing latex binder, dispersed pigment and FPS thickener along with other ingredients.