Abstract: Instantiating an attestation facilitation component that allows a remote application to attest to a secure state of a secure memory application executing upon a secure platform of a computer system regardless of a type of either the secure platform or a health attestation service. Instantiation comprises identifying a property that includes at least one of the secure platform type and the health attestation service type. The instantiation is customized with the identified property. The attestation facilitation component verifies that a report generated by the secure platform represents that the secure memory application is operating in a secure state, and accesses a token generated by the health attestation service that represents that the secure platform is operating in a secure state. The attestation facilitation component generates a quote that allows the remote application to verify that the secure platform and the secure memory application are both operating in secure states.

Abstract: A “Hypervisor Secure Container” (HSC) is a block of memory space that resides inside of a regular process, but is secured from the operating system of the computer it runs on. The HSC is a software container that runs on a hypervisor directly. Data and code within one HSC can only be accessed by the hypervisor itself and the code that belongs to the same HSC. The HSC can run in user mode or kernel mode. Advantageously, even if the operating system or user of the computer the HSC runs on is malicious, the data inside the HSC is still secure. The HSC allows software based isolation of code/data and can be used in various security contexts including securely storing certificates and passwords, performing Digital Rights Management (DRM) for media and games, and confidential computing in a computing cloud.

Abstract: Instantiating an attestation facilitation component that allows a remote application to attest to a secure state of a secure memory application executing upon a secure platform of a computer system regardless of a type of either the secure platform or a health attestation service. Instantiation comprises identifying a property that includes at least one of the secure platform type and the health attestation service type. The instantiation is customized with the identified property. The attestation facilitation component verifies that a report generated by the secure platform represents that the secure memory application is operating in a secure state, and accesses a token generated by the health attestation service that represents that the secure platform is operating in a secure state. The attestation facilitation component generates a quote that allows the remote application to verify that the secure platform and the secure memory application are both operating in secure states.

Abstract: One or more techniques and/or systems are provided for generating a bundle package, digitally signing the bundle package, selectively disturbing the bundle package, and/or indexing one or more resource packages retrieved from the bundle package. That is, a bundle package (e.g., an application or game bundle package) comprises one or more app packages comprising application code configured to execute on various computing environments (e.g., operating systems, processors, etc.). The bundle package may comprise one or more resource packages comprising supplemental data used to provide optional user experience functionality for the application (e.g., French language support, high resolution textures, a gaming pad support, etc.). In this way, a client device may selectively download portions of the bundle package that may be relevant, which may mitigate download bandwidth, storage space, or resources otherwise used to obtain unnecessary portions of the bundle package (e.g.

Abstract: One or more techniques and/or systems are provided for generating a bundle package, digitally signing the bundle package, selectively disturbing the bundle package, and/or indexing one or more resource packages retrieved from the bundle package. That is, a bundle package (e.g., an application or game bundle package) comprises one or more app packages comprising application code configured to execute on various computing environments (e.g., operating systems, processors, etc.). The bundle package may comprise one or more resource packages comprising supplemental data used to provide optional user experience functionality for the application (e.g., French language support, high resolution textures, a gaming pad support, etc.). In this way, a client device may selectively download portions of the bundle package that may be relevant, which may mitigate download bandwidth, storage space, or resources otherwise used to obtain unnecessary portions of the bundle package (e.g.

Abstract: One or more techniques and/or systems are provided for generating a bundle package, digitally signing the bundle package, selectively disturbing the bundle package, and/or indexing one or more resource packages retrieved from the bundle package. That is, a bundle package (e.g., an application or game bundle package) comprises one or more app packages comprising application code configured to execute on various computing environments (e.g., operating systems, processors, etc.). The bundle package may comprise one or more resource packages comprising supplemental data used to provide optional user experience functionality for the application (e.g., French language support, high resolution textures, a gaming pad support, etc.). In this way, a client device may selectively download portions of the bundle package that may be relevant, which may mitigate download bandwidth, storage space, or resources otherwise used to obtain unnecessary portions of the bundle package (e.g.

Abstract: One or more techniques and/or systems are provided for dynamically maintaining a service profile. That is, a user may be associated with a variety of services, such as an email service, a social network service, a photo sharing service, etc. An operating system may dynamically provide support for services by maintaining service profiles. For example, a service provider application may specify a service definition defining a service not yet supported (e.g., a social network app may describe functionality and/or information about a new social network service). A service profile may be generated for the service based upon the service definition. The service profile may be exposed to system components and/or applications that may utilize the service profile to access information and/or functionality provided by service (e.g., a camera system component may allow a user to upload a photo to the new social network service utilizing the service profile).

Abstract: Systems and methods are disclosed for recovering data. The disclosed systems and methods may include locating a central directory in a file archive. Furthermore, the disclosed systems and methods may include determining that a local header located in the file archive is authentic if at least one of a plurality of records in the local header match at least one of a corresponding record in the central directory. The local header may be located in the file archive using an offset specified in the central directory. Moreover, the disclosed systems and methods may include determining that the local header is valid and recovering item data associated with the local header if the local header is authentic and valid.

Abstract: A monitoring and management system may use a plugin mechanism to add or update an interface to a managed service or device. The plugin may have capability to interface with the managed service or device, as well as an interface to a status database that may be populated by the managed service or device as well as other services or devices. The plugin may have rules that may be used to determine a status for the monitored service or device based on the statuses of several services or devices, and may also have rules that define a multi level query into the database to determine those services and devices.

Abstract: Systems and methods are disclosed for recovering data. The disclosed systems and methods may include locating a central directory in a file archive. Furthermore, the disclosed systems and methods may include determining that a local header located in the file archive is authentic if at least one of a plurality of records in the local header match at least one of a corresponding record in the central directory. The local header may be located in the file archive using an offset specified in the central directory. Moreover, the disclosed systems and methods may include determining that the local header is valid and recovering item data associated with the local header if the local header is authentic and valid.