Abstract: A beam delivery system is provided that includes a beam delivery photonic integrated circuit. The beam delivery photonic integrated circuit includes one or more optical inputs; a plurality of waveguide outputs; and a plurality of beam paths. Each beam path connects one of the plurality of waveguide outputs to at least one of the optical inputs. The plurality of waveguide outputs are configured to emit a plurality of parallel beams. The beam delivery photonic integrated circuit is on a chip. The beam delivery system further includes a telecentric optical relay assembly. The telecentric optical relay assembly is configured to receive the plurality of parallel beams provided by the waveguide outputs and focus each received beam on a corresponding one of a plurality of positions of an atomic object confinement apparatus in a telecentric manner.

Abstract: Multilayer films and adhesive tapes that include such films, wherein the multilayer films include plasticized polyvinyl chloride and optionally one or more fillers.

Abstract: An accessory device receives authentication information from a host computing device connected thereto and determines whether the authentication information is valid. If the authentication information is valid, the accessory device applies a first access policy that specifies whether the accessory device can provide the host computing device with access to none, some, or all of various computing resources of the accessory device. If the authentication information is not valid, the accessory device applies a second access policy that is different than the first access policy. The accessory device can also be provisioned with access policies by a host computing device if the host computing device successfully authenticates with the accessory device. In either case, authenticating the host computing device may include verifying a digital signature of a certificate provided by the host computing device using a public key of a certificate authority that has been provisioned to the accessory device.

Abstract: An accessory device receives authentication information from a host computing device connected thereto and determines whether the authentication information is valid. If the authentication information is valid, the accessory device applies a first access policy that specifies whether the accessory device can provide the host computing device with access to none, some, or all of various computing resources of the accessory device. If the authentication information is not valid, the accessory device applies a second access policy that is different than the first access policy. The accessory device can also be provisioned with access policies by a host computing device if the host computing device successfully authenticates with the accessory device. In either case, authenticating the host computing device may include verifying a digital signature of a certificate provided by the host computing device using a public key of a certificate authority that has been provisioned to the accessory device.

Abstract: An accessory device receives authentication information from a host computing device connected thereto and determines whether the authentication information is valid. If the authentication information is valid, the accessory device applies a first access policy that specifies whether the accessory device can provide the host computing device with access to none, some, or all of various computing resources of the accessory device. If the authentication information is not valid, the accessory device applies a second access policy that is different than the first access policy. The accessory device can also be provisioned with access policies by a host computing device if the host computing device successfully authenticates with the accessory device. In either case, authenticating the host computing device may include verifying a digital signature of a certificate provided by the host computing device using a public key of a certificate authority that has been provisioned to the accessory device.

Abstract: In an embodiment described herein, a method for a mechanism to turn a post processing feature in the Device Media Foundation Transform is described. The method comprises managing, at a device integration service executing on a computing device, a current setting of a feature and updating the current setting as stored in a registry in response to a changed setting of the feature and asserting a setting changed event. The method also includes applying the updated current setting to captured media samples via the Device Media Foundation Transform in response to the asserted setting changed event.

Abstract: In an embodiment described herein, a method for a mechanism to turn a post processing feature in the Device Media Foundation Transform is described. The method comprises managing, at a device integration service executing on a computing device, a current setting of a feature and updating the current setting as stored in a registry in response to a changed setting of the feature and asserting a setting changed event. The method also includes applying the updated current setting to captured media samples via the Device Media Foundation Transform in response to the asserted setting changed event.

Abstract: An accessory device receives authentication information from a host computing device connected thereto and determines whether the authentication information is valid. If the authentication information is valid, the accessory device applies a first access policy that specifies whether the accessory device can provide the host computing device with access to none, some, or all of various computing resources of the accessory device. If the authentication information is not valid, the accessory device applies a second access policy that is different than the first access policy. The accessory device can also be provisioned with access policies by a host computing device if the host computing device successfully authenticates with the accessory device. In either case, authenticating the host computing device may include verifying a digital signature of a certificate provided by the host computing device using a public key of a certificate authority that has been provisioned to the accessory device.

Abstract: A device includes a reset resistant store and a trusted key service. The reset resistant store maintains data across various different device reset or data invalidation operations. The trusted key service maintains, for each of one or more operating systems that run on the device from a boot configuration, an encrypted key associated with the boot configuration. The device also has a master key that is specific to the device. Each of the keys associated with a boot configuration is encrypted using the master key. When booting the device, the boot configuration being run on the device is identified, and the key associated with that boot configuration is obtained (e.g., from the reset resistant store or the encrypted key vault). The master key is used to decrypt the obtained key, and the obtained key is used to decrypt secrets associated with the operating system run from the boot configuration.

Abstract: A device includes a reset resistant store and a trusted key service. The reset resistant store maintains data across various different device reset or data invalidation operations. The trusted key service maintains, for each of one or more operating systems that run on the device from a boot configuration, an encrypted key associated with the boot configuration. The device also has a master key that is specific to the device. Each of the keys associated with a boot configuration is encrypted using the master key. When booting the device, the boot configuration being run on the device is identified, and the key associated with that boot configuration is obtained (e.g., from the reset resistant store or the encrypted key vault). The master key is used to decrypt the obtained key, and the obtained key is used to decrypt secrets associated with the operating system run from the boot configuration.

Abstract: A firmware update system is described that collectively handles secure firmware updates for hardware resources in a defined and consistent manner. The firmware update system may be configured to manage at least some firmware updates in a pre-boot environment (e.g., before an operating system is loaded). By doing so, the firmware update system exercises control over the updates and reduce entry points exposed to attackers. In one approach, update states are defined for hardware resources that are managed by the firmware update system. In a pre-boot environment, the update states for the managed hardware resources are set to enable firmware updates. The firmware update system may then detect and apply firmware updates available for the managed hardware resources. Update states may be set to disable before loading the operating so that firmware updates for managed resources are disabled outside of the secure pre-boot environment.

Abstract: Device enumeration support techniques are described for busses that do not natively support enumeration. In one or more embodiments, an intermediate controller of a computing device is configured to interconnect and manage various hardware devices associated with the computing device. The intermediate controller may detect connection and disconnection of hardware devices in association with one or more communication busses employed by the computing device. In response to such detection, the intermediate controller may send appropriate notifications to an operating system to alert the operating system when hardware devices come and go. This enables the operating system to enumerate and denumerate hardware devices within a device configuration and power management system implemented by the operating system that facilitates interaction with the hardware devices through corresponding representations.

Abstract: Accessory device authentication techniques are described. In one or more embodiments, connection of an accessory device to a host computing device is detected. Responsive to the detection, an authentication sequence may occur to verify an identity and/or capabilities of the accessory device. Upon successful authentication of the accessory device, the host device may authorize the accessory device for power exchange interactions with the host device. The host device may then draw supplemental power from a power source associated with the authorized accessory device, such as a battery or power adapter. The host device may also enable the accessory device to obtain and use power supplied by the host device in some scenarios. Power exchange between a host device and an authorized accessory may be managed in accordance with capabilities of the accessory device that are identified during authentication.

Abstract: A firmware update system is described that collectively handles secure firmware updates for hardware resources in a defined and consistent manner. The firmware update system may be configured to manage at least some firmware updates in a pre-boot environment (e.g., before an operating system is loaded). By doing so, the firmware update system exercises control over the updates and reduce entry points exposed to attackers. In one approach, update states are defined for hardware resources that are managed by the firmware update system. In a pre-boot environment, the update states for the managed hardware resources are set to enable firmware updates. The firmware update system may then detect and apply firmware updates available for the managed hardware resources. Update states may be set to disable before loading the operating so that firmware updates for managed resources are disabled outside of the secure pre-boot environment.

Abstract: Accessory device authentication techniques are described. In one or more embodiments, connection of an accessory device to a host computing device is detected. Responsive to the detection, an authentication sequence may occur to verify an identity and/or capabilities of the accessory device. Upon successful authentication of the accessory device, the host device may authorize the accessory device for power exchange interactions with the host device. The host device may then draw supplemental power from a power source associated with the authorized accessory device, such as a battery or power adapter. The host device may also enable the accessory device to obtain and use power supplied by the host device in some scenarios. Power exchange between a host device and an authorized accessory may be managed in accordance with capabilities of the accessory device that are identified during authentication.

Abstract: A firmware update system is described that collectively handles secure firmware updates for hardware resources in a defined and consistent manner. The firmware update system may be configured to manage at least some firmware updates in a pre-boot environment (e.g., before an operating system is loaded). By doing so, the firmware update system exercises control over the updates and reduce entry points exposed to attackers. In one approach, update states are defined for hardware resources that are managed by the firmware update system. In a pre-boot environment, the update states for the managed hardware resources are set to enable firmware updates. The firmware update system may then detect and apply firmware updates available for the managed hardware resources. Update states may be set to disable before loading the operating so that firmware updates for managed resources are disabled outside of the secure pre-boot environment.

Abstract: A firmware update system is described that collectively handles secure firmware updates for hardware resources in a defined and consistent manner. The firmware update system may be configured to manage at least some firmware updates in a pre-boot environment (e.g., before an operating system is loaded). By doing so, the firmware update system exercises control over the updates and reduce entry points exposed to attackers. In one approach, update states are defined for hardware resources that are managed by the firmware update system. In a pre-boot environment, the update states for the managed hardware resources are set to enable firmware updates. The firmware update system may then detect and apply firmware updates available for the managed hardware resources. Update states may be set to disable before loading the operating so that firmware updates for managed resources are disabled outside of the secure pre-boot environment.

Abstract: Techniques involving management of a heat transfer device are described. In one or more implementations, a device includes a housing, a heat-generating device disposed within the housing, and a heat transfer device disposed within the housing. The heat transfer device has a powered active cooling device. The device also includes one or more modules that are configured to adjust operation of the powered active cooling device based on a likely orientation of the heat transfer device.

Abstract: A system, device, and method for virtually connecting a media device to a computing device are disclosed. One embodiment comprises a method to operate a virtual media device in a computing device, wherein the virtual media device that is controlled by a remote media device. In this manner, a computing device may stream media data to and from the remote media device.

Abstract: Various embodiments related to a host computing device for rendering and sending image data to a peripheral device for display at the peripheral device. For example, one embodiment comprises a host computing device, the host computing device comprising a data storage subsystem and a logic subsystem. The host computing device further comprises instructions stored in the data storage subsystem and executable by the logic subsystem to output to the peripheral device a frame of image data representing a difference between a currently rendered image and an (N?1)-th previously rendered image, N being an integer and having a value of 3 or more.