Abstract: A transfer case includes a primary shaft, a secondary shaft radially offset from the primary shaft, and a torque transfer mechanism. The primary shaft includes a central channel and an inclined fluid channel. The torque transfer mechanism is configured to selectively transfer torque from the primary shaft to the secondary shaft, and includes a primary sprocket coupled to the primary shaft for transferring torque to the secondary shaft. The inclined fluid channel is associated with the primary sprocket, and includes an outlet that axially overlaps the primary sprocket.

Abstract: A computing device can perform operations to unlock encrypted volumes of the computing device while the computing device is in a recovery environment. In some examples, the computing device can work in conjunction with a test computing device to unlock the encrypted volumes using an unlock token and a PIN. In other examples, the computing device can perform operations without a test computing device. For example, the computing device can, while in the recovery environment, use credentials associated with a user of the computing device to obtain a recovery password to unlock keys for interpreting the encrypted volumes. In some examples, the computing device can use a shortened recovery password in conjunction with anti-hammering capabilities of a Trusted Platform Module in order to unlock keys for interpreting the encrypted volumes. These and other operations can facilitate secure unlock of volumes of encrypted data on a consumer device.

Abstract: A computing device can perform operations to unlock encrypted volumes of the computing device while the computing device is in a recovery environment. In some examples, the computing device can work in conjunction with a test computing device to unlock the encrypted volumes using an unlock token and a PIN. In other examples, the computing device can perform operations without a test computing device. For example, the computing device can, while in the recovery environment, use credentials associated with a user of the computing device to obtain a recovery password to unlock keys for interpreting the encrypted volumes. In some examples, the computing device can use a shortened recovery password in conjunction with anti-hammering capabilities of a Trusted Platform Module in order to unlock keys for interpreting the encrypted volumes. These and other operations can facilitate secure unlock of volumes of encrypted data on a consumer device.

Abstract: A computing device can perform operations to unlock encrypted volumes of the computing device while the computing device is in a recovery environment. In some examples, the computing device can work in conjunction with a test computing device to unlock the encrypted volumes using an unlock token and a PIN. In other examples, the computing device can perform operations without a test computing device. For example, the computing device can, while in the recovery environment, use credentials associated with a user of the computing device to obtain a recovery password to unlock keys for interpreting the encrypted volumes. In some examples, the computing device can use a shortened recovery password in conjunction with anti-hammering capabilities of a Trusted Platform Module in order to unlock keys for interpreting the encrypted volumes. These and other operations can facilitate secure unlock of volumes of encrypted data on a consumer device.

Abstract: A computing device can perform operations to unlock encrypted volumes of the computing device while the computing device is in a recovery environment. In some examples, the computing device can work in conjunction with a test computing device to unlock the encrypted volumes using an unlock token and a PIN. In other examples, the computing device can perform operations without a test computing device. For example, the computing device can, while in the recovery environment, use credentials associated with a user of the computing device to obtain a recovery password to unlock keys for interpreting the encrypted volumes. In some examples, the computing device can use a shortened recovery password in conjunction with anti-hammering capabilities of a Trusted Platform Module in order to unlock keys for interpreting the encrypted volumes. These and other operations can facilitate secure unlock of volumes of encrypted data on a consumer device.

Abstract: A rotor lamination for an electric motor includes a body and a plurality of tangs. The body defines a shaft aperture, which defines a rotor axis, a plurality of flux directing aperture (FDA) sets, and a plurality of mass reduction apertures that are formed through the body. The FDA sets are spaced circumferentially about the body and each includes one or more apertures that are configured to receive a permanent magnet therein and/or form a flux barrier. The mass reduction apertures are disposed radially between the shaft aperture and the plurality of flux directing aperture sets. Each of the tangs is coupled to the body and extends radially inward into the shaft aperture. Each of the tangs has a pair of side walls that are disposed about a first centerline that intersects the rotor axis and an associated one of the mass reduction apertures that is disposed radially outwardly therefrom.

Abstract: An electric motor can include a stator positioning device. First and second housing bodies can define a motor cavity. The stator can be disposed about the rotor within the motor cavity. The stator positioning device can include a plurality of contact members, and a plurality of cover members. The contact members can cooperate to form an annular contact ring that is coaxial with an output axis and has a first side and a second side. The first side can be in contact with a first end of the stator core. The cover members can cooperate to form an annular cover ring that is coaxial with the axis and coupled to the second side of the contact ring. The cover ring can include a flange that extends radially outward of the contact ring and is axially between the first and second housing bodies to inhibit axial movement of the cover ring.

Abstract: An electric motor can include a stator positioning device. First and second housing bodies can define a motor cavity. The stator can be disposed about the rotor within the motor cavity. The stator positioning device can include a plurality of contact members, and a plurality of cover members. The contact members can cooperate to form an annular contact ring that is coaxial with an output axis and has a first side and a second side. The first side can be in contact with a first end of the stator core. The cover members can cooperate to form an annular cover ring that is coaxial with the axis and coupled to the second side of the contact ring. The cover ring can include a flange that extends radially outward of the contact ring and is axially between the first and second housing bodies to inhibit axial movement of the cover ring.

Abstract: A system for changing policy information of a process is provided. When a process is to execute, the system stores policy information for the process in association with the process code. The system also creates a token for the process. The token provides evidence of the policy for the process and includes at least a reference to the stored policy information. The system provides the token to the process for use by the process as evidence of the policy for the process. When the process provides the token to a service provider, the service provider uses the reference to access the policy information for the process. While the process is executing, the system modifies the stored policy information. When the process subsequently provides the token to a service provider, the service provider uses the reference to access the modified policy information for the process.

Abstract: A computing device can perform operations to unlock encrypted volumes of the computing device while the computing device is in a recovery environment. In some examples, the computing device can work in conjunction with a test computing device to unlock the encrypted volumes using an unlock token and a PIN. In other examples, the computing device can perform operations without a test computing device. For example, the computing device can, while in the recovery environment, use credentials associated with a user of the computing device to obtain a recovery password to unlock keys for interpreting the encrypted volumes. In some examples, the computing device can use a shortened recovery password in conjunction with anti-hammering capabilities of a Trusted Platform Module in order to unlock keys for interpreting the encrypted volumes. These and other operations can facilitate secure unlock of volumes of encrypted data on a consumer device.

Abstract: A transfer case includes a primary shaft, a secondary shaft radially offset from the primary shaft, and a torque transfer mechanism. The primary shaft includes a central channel and an inclined fluid channel. The torque transfer mechanism is configured to selectively transfer torque from the primary shaft to the secondary shaft, and includes a primary sprocket coupled to the primary shaft for transferring torque to the secondary shaft. The inclined fluid channel is associated with the primary sprocket, and includes an outlet that axially overlaps the primary sprocket.

Abstract: A computing device can perform operations to unlock encrypted volumes of the computing device while the computing device is in a recovery environment. In some examples, the computing device can work in conjunction with a test computing device to unlock the encrypted volumes using an unlock token and a PIN. In other examples, the computing device can perform operations without a test computing device. For example, the computing device can, while in the recovery environment, use credentials associated with a user of the computing device to obtain a recovery password to unlock keys for interpreting the encrypted volumes. In some examples, the computing device can use a shortened recovery password in conjunction with anti-hammering capabilities of a Trusted Platform Module in order to unlock keys for interpreting the encrypted volumes. These and other operations can facilitate secure unlock of volumes of encrypted data on a consumer device.

Abstract: A rotor lamination for an electric motor includes a body and a plurality of tangs. The body defines a shaft aperture, which defines a rotor axis, a plurality of flux directing aperture (FDA) sets, and a plurality of mass reduction apertures that are formed through the body. The FDA sets are spaced circumferentially about the body and each includes one or more apertures that are configured to receive a permanent magnet therein and/or form a flux barrier. The mass reduction apertures are disposed radially between the shaft aperture and the plurality of flux directing aperture sets. Each of the tangs is coupled to the body and extends radially inward into the shaft aperture. Each of the tangs has a pair of side walls that are disposed about a first centerline that intersects the rotor axis and an associated one of the mass reduction apertures that is disposed radially outwardly therefrom.

Abstract: A data protection policy is implemented on a computing device, the data protection policy indicating how organization data on the computing device is to be protected. Protection of the organization data includes encrypting the organization data, and allowing the organization data to be decrypted only by particular programs and/or under particular circumstances (as indicated by the data protection policy). When implementing a data protection policy, files already stored on the computing device are encrypted using a passive encryption technique. The passive encryption technique can include one or more of an encrypt on close technique, an encrypt on open technique, an encrypt without exclusive access technique, and an encrypt location technique.

Abstract: Content on a device is encrypted and protected based on a data protection key. The protected content can then be copied to cloud storage, and from the cloud storage the protected content can be transferred to various other ones of the user's devices. A key used to retrieve plaintext content from the protected content is associated with an identifier of a particular device that provides the key, the device providing the key being the device that generated the key, or another managed device to which the protected content was transferred. A wipe command can similarly be transferred to the various ones of the user's devices, causing any keys associated with a particular device to be deleted from each of the various ones of the user's devices.

Abstract: Content on a device is encrypted and protected based on a data protection key corresponding to a particular identity of the user of the device. The protected content can then be stored to cloud storage, and from the cloud storage the protected content can be transferred to various other ones of the user's devices. A data protection key that is used to retrieve the plaintext content from the protected content is maintained by the user's device. This data protection key can be securely transferred to other of the user's devices, allowing any of the user's devices to access the protected content.

Abstract: A program on a device communicates with services of an organization and obtains data associated with the organization (also referred to as organization data). The organization data is optionally encrypted using one or more encryption keys, in which case the program has access to one or more decryption keys allowing the organization data to be decrypted and used at the device. Situations can arise in which the organization data stored on the device is to no longer be accessible to a user and/or the device, which is also referred to as the data being revoked. In response to organization data being revoked at the device, various techniques are used to intelligently delete the data, which refers to determining, based on the revocation that occurred and the nature of the data on the device, which data on the device is to be deleted from the device.

Abstract: Data files are encrypted based on a key associated with an entity that sets a data protection policy controlling access to the data files. The data protection policy identifies various restrictions on how the plaintext data of the encrypted data in the data files can be used. The data files have corresponding metadata identifying the entity that sets the data protection policy, and processes that are running instances of applications that are allowed to access the plaintext data are also associated with the identifier of the entity. These identifiers of the entity, as well as the data protection policy, are used by an operating system of a computing device to protect the data in accordance with the data protection policy, including having the protection be transferred to other devices with the protected data, or preventing the protected data from being transferred to other devices.

Abstract: A system for changing policy information of a process is provided. When a process is to execute, the system stores policy information for the process in association with the process code. The system also creates a token for the process. The token provides evidence of the policy for the process and includes at least a reference to the stored policy information. The system provides the token to the process for use by the process as evidence of the policy for the process. When the process provides the token to a service provider, the service provider uses the reference to access the policy information for the process. While the process is executing, the system modifies the stored policy information. When the process subsequently provides the token to a service provider, the service provider uses the reference to access the modified policy information for the process.

Abstract: A computing device can perform operations to unlock encrypted volumes of the computing device while the computing device is in a recovery environment. In some examples, the computing device can work in conjunction with a test computing device to unlock the encrypted volumes using an unlock token and a PIN. In other examples, the computing device can perform operations without a test computing device. For example, the computing device can, while in the recovery environment, use credentials associated with a user of the computing device to obtain a recovery password to unlock keys for interpreting the encrypted volumes. In some examples, the computing device can use a shortened recovery password in conjunction with anti-hammering capabilities of a Trusted Platform Module in order to unlock keys for interpreting the encrypted volumes. These and other operations can facilitate secure unlock of volumes of encrypted data on a consumer device.