Abstract: Techniques are described herein that are capable of establishing system integrity using attestation for a virtual trusted platform module (vTPM). For instance, an endorsement key certificate, including an endorsement key associated with the vTPM, may be signed to issue the endorsement key certificate to the vTPM. The endorsement key certificate may be used to establish a chain of trust with regard to the vTPM. For instance, the endorsement key certificate may be used to attest the vTPM (and measurements provided by the vTPM).

Abstract: Techniques are described herein that are capable of establishing system integrity using attestation for a virtual trusted platform module (vTPM). For instance, an endorsement key certificate, including an endorsement key associated with the vTPM, may be signed to issue the endorsement key certificate to the vTPM. The endorsement key certificate may be used to establish a chain of trust with regard to the vTPM. For instance, the endorsement key certificate may be used to attest the vTPM (and measurements provided by the vTPM).

Abstract: During booting of a computing device, multiple security boundaries are generated. A security boundary refers to a manner of operation of a computing device or a portion of the computing device, with a program executing in one security boundary being prohibited from accessing data and programs in another security boundary. As part of booting the computing device measurements of (e.g., hash values or other identifications of) various modules loaded and executed as part of booting the computing device are maintained by a boot measurement system of the computing device. Additionally, as part of booting the computing device, public/private key pairs of one of the security boundaries is generated or otherwise obtained. Private keys of the public/private key pairs are provided to the one security boundary, and the public keys of the public/private key pairs are provided to the boot measurement system.

Abstract: A facility for booting a virtual machine hosted on a host is described. In one example facility, the facility boots the virtual machine in accordance with a policy instance associated with the virtual machine. As part of the booting, the facility extracts information needed to complete the booting from a virtual trusted platform module associated with the virtual machine, the extraction based upon the policy instance associated with the virtual machine. At the completion of the booting, the facility copies contents of a policy instance associated with the host into the policy instance associated with the virtual machine.

Abstract: In one embodiment, a data storage client may establish a virtual replay protected storage system with an agnostic data storage. The virtual replay protected storage system may maintain a trusted counter and a secret key in a trusted client environment. The virtual replay protected storage system may encode a hash message authentication code signature based on the trusted counter, the secret key, and a data set. The virtual replay protected storage system may send a write request of the data set with the hash message authentication code signature to an agnostic data storage.

Abstract: During booting of a computing device, multiple security boundaries are generated. A security boundary refers to a manner of operation of a computing device or a portion of the computing device, with a program executing in one security boundary being prohibited from accessing data and programs in another security boundary. As part of booting the computing device measurements of (e.g., hash values or other identifications of) various modules loaded and executed as part of booting the computing device are maintained by a boot measurement system of the computing device. Additionally, as part of booting the computing device, public/private key pairs of one of the security boundaries is generated or otherwise obtained. Private keys of the public/private key pairs are provided to the one security boundary, and the public keys of the public/private key pairs are provided to the boot measurement system.

Abstract: During booting of a computing device, multiple security boundaries are generated. A security boundary refers to a manner of operation of a computing device or a portion of the computing device, with a program executing in one security boundary being prohibited from accessing data and programs in another security boundary. As part of booting the computing device measurements of (e.g., hash values or other identifications of) various modules loaded and executed as part of booting the computing device are maintained by a boot measurement system of the computing device. Additionally, as part of booting the computing device, a public/private key pair of one of the security boundaries is generated or otherwise obtained. The private key of the public/private key pair is provided to the one security boundary, and the public key of the public/private key pair is provided to the boot measurement system.

Abstract: In one embodiment, a data storage client may establish a virtual replay protected storage system with an agnostic data storage. The virtual replay protected storage system may maintain a trusted counter and a secret key in a trusted client environment. The virtual replay protected storage system may encode a hash message authentication code signature based on the trusted counter, the secret key, and a data set. The virtual replay protected storage system may send a write request of the data set with the hash message authentication code signature to an agnostic data storage.

Abstract: A facility for booting a virtual machine hosted on a host is described. In one example facility, the facility boots the virtual machine in accordance with a policy instance associated with the virtual machine. As part of the booting, the facility extracts information needed to complete the booting from a virtual trusted platform module associated with the virtual machine, the extraction based upon the policy instance associated with the virtual machine. At the completion of the booting, the facility copies contents of a policy instance associated with the host into the policy instance associated with the virtual machine.

Abstract: During booting of a computing device, multiple security boundaries are generated. A security boundary refers to a manner of operation of a computing device or a portion of the computing device, with a program executing in one security boundary being prohibited from accessing data and programs in another security boundary. As part of booting the computing device measurements of (e.g., hash values or other identifications of) various modules loaded and executed as part of booting the computing device are maintained by a boot measurement system of the computing device. Additionally, as part of booting the computing device, a public/private key pair of one of the security boundaries is generated or otherwise obtained. The private key of the public/private key pair is provided to the one security boundary, and the public key of the public/private key pair is provided to the boot measurement system.

Abstract: A searchable index is created using a query process and an indexing process. The query process cooperates with the indexing process to catalogue items that are located within a specified search scope. Previously indexed items are evaluated to ensure that their indexes are up-to-date. Items that are out-of-date have unreliable indexes that should be updated. Items to be indexed within the specified search scope are grouped in batches for processing. As processing of each batch is completed their respective indexing results become available such that partially indexed search scopes are useable while the indexing process continues. Since indexing results trickle in on an ongoing basis, users are permitted to process and/or view indexing results without waiting for the complete indexing process to be completed.

Abstract: Documents are indexed in accordance with a process that separates the filtering and word breaking portions of the process so that they are performed under a restricted security setting. When a document is requested by an indexer, the document is retrieved and then passed to the higher security process. The document is then filtered one or more filters and tokenized by one or more wordbreakers under the restricted security setting before being passed to the indexer. The restricted security setting prevents security vulnerabilities from being exploited during the filtering and word breaking processes.

Abstract: An improved system and method for building a large index is provided. The system and method may be used by many applications to build a large index, including a search engine for crawling the World Wide Web. An indexing engine with an index merger may build an index of content by using a staged pipeline for merging sub-indexes. The index merger may concurrently merge sub-indexes created at multiple stages during indexing of content by using threads from a merging thread pool. When all the content has been indexed, the system may proceed to perform a final merge of all available sub-indexes to form a master index. The system and method may build a large index of any type of content including documents, images, audio streams, video streams and other types of content.

Abstract: Computer resources are dynamically adjusted based on the frequency of user input. A process monitors the user input and adjusts the resource utilization level for a managed process based on the period of time since the last user input. The more recent the user input, the less processing is performed by the managed process and the more the process sleeps. The more distant the user input, the more processing is performed by the background process and the process sleeps less. Even during constant and frequent user input, however, the managed process continues to perform some work.

Abstract: Indexing documents is performed using low priority I/O requests. This aspect can be implemented in systems having an operating system that supports at least two priority levels for I/O requests to its filing system. Low priority I/O requests can be used for accessing documents to be indexed. Low priority I/O requests can also be used for writing information into the index. Higher priority requests can be used for I/O requests to access the index in response queries from a user. I/O request priority can be set on a per-thread basis as opposed to being set on a per-process basis (which may generate two or more threads for which it may be desirable to assign different priorities).

Abstract: Documents are indexed in accordance with a process that separates the filtering and word breaking portions of the process so that they are performed under a restricted security setting. When a document is requested by an indexer, the document is retrieved and then passed to the higher security process. The document is then filtered one or more filters and tokenized by one or more wordbreakers under the restricted security setting before being passed to the indexer. The restricted security setting prevents security vulnerabilities from being exploited during the filtering and word breaking processes.

Abstract: A searchable index is created using a query process and an indexing process. The query process cooperates with the indexing process to catalogue items that are located within a specified search scope. Previously indexed items are evaluated to ensure that their indexes are up-to-date. Items that are out-of-date have unreliable indexes that should be updated. Items to be indexed within the specified search scope are grouped in batches for processing. As processing of each batch is completed their respective indexing results become available such that partially indexed search scopes are useable while the indexing process continues. Since indexing results trickle in on an ongoing basis, users are permitted to process and/or view indexing results without waiting for the complete indexing process to be completed.

Abstract: An improved system and method for building a large index is provided. The system and method may be used by many applications to build a large index, including a search engine for crawling the World Wide Web. An indexing engine with an index merger may build an index of content by using a staged pipeline for merging sub-indexes. The index merger may concurrently merge sub-indexes created at multiple stages during indexing of content by using threads from a merging thread pool. When all the content has been indexed, the system may proceed to perform a final merge of all available sub-indexes to form a master index. The system and method may build a large index of any type of content including documents, images, audio streams, video streams and other types of content.