Abstract: A client application, when executed by a processor, is operative to create a HyperText Transfer Protocol (HTTP) request containing a target header that includes a confidential value. The HTTP request is to be sent over a Secure Sockets Layer (SSL) 3.0 connection or a Transport Layer Security (TLS) 1.0 connection to a web server. The client application implements at its HTTP layer a countermeasure to a blockwise chosen-boundary attack. The client application generates an additional header having a header name that is not recognizable by the web server and inserts the additional header into the HTTP request ahead of the target header, thus creating a modified HTTP request. The modified HTTP request is to be sent, instead of the unmodified HTTP request, over the SSL 3.0 connection or the TLS 1.0 connection to the web server.

Abstract: A method, product and system for selective encryption in a mobile device. The method comprising: selectively encrypting requests issued by the mobile device, wherein said selectively encrypting comprises: obtaining a request issued by an application executed by the mobile device, the request having one or more characteristics, the request has a destination; determining, based on the one or more characteristics, whether to encrypt the request; and in response to a determination to encrypt the request, re-routing the request to be transmitted to the destination through a secure channel; whereby the request is encrypted regardless of the destination being a priori associated with the secure channel.

Abstract: A method and system for allowing a single-sign on to access independently purveyed applications with a highly secure single-sign methodology which permits wide area public access, such as through the Internet, to private access weaker credentialed sign-on applications without a need to upgrade the credential requirements for access to the applications.

Abstract: Aspects of the present invention provide a mechanism to utilize IMS media security mechanisms in a CS network and, thereby, provide end-to-end media security in the case where the media traffic travels across both a CS network and a PS network.

Abstract: An authentication apparatus includes an accepting unit and an instructing unit. The accepting unit accepts a request, which requests to issue an authentication medium for a second user, from a first user who is authenticated. The instructing unit instructs to issue the authentication medium for the second user.

Abstract: Session-specific information stored to a cookie or other secure token can be selected and/or caused to vary over time, such that older copies will become less useful over time. Such an approach reduces the ability of entities obtaining a copy of the cookie from performing unauthorized tasks on a session. A cookie received with a request can contain a timestamp and an operation count for a session that may need to fall within an acceptable range of the current values in order for the request to be processed. A cookie returned with a response can be set to the correct value or incremented from the previous value based on various factors. The allowable bands can decrease with age of the session, and various parameter values such as a badness factor for a session can be updated continually based on the events for the session.

Abstract: A comprehensive solution for providing secure mobile communication is provided. The system includes techniques for authentication and control of communication end-points; chain of trust to ensure devices are certified as authentic; contact list management; peer-to-peer encrypted voice, email, and texting communication; and a technique for bypassing an IP PBX to ensure high levels of security. The system is able to support use of commodity mobile communication devices (e.g., smart phones, laptops) over public carrier networks.

Abstract: A current version certificate is stored that includes a corresponding current version identifier. A current instance certificate is received from the certificate authority, wherein the current instance certificate includes the current version identifier of the current version certificate and a current instance public key corresponding to the current instance private key. The current instance certificate is sent to a local station, during a registration with the local station. A request is generated and sent to the local station. First encrypted data is received from the local station, wherein the first encrypted data includes a content key that is encrypted via the current instance public key.

Abstract: The current application is directed to computationally efficient attribute-based access control that can be used to secure access to stored information in a variety of different types of computational systems. Many of the currently disclosed computationally efficient implementations of attribute-based access control employ hybrid encryption methodologies in which both an attribute-based encryption or a similar, newly-disclosed policy-encryption method as well as a hierarchical-key-derivation method are used to encrypt payload keys that are employed, in turn, to encrypt data that is stored into, and retrieved from, various different types of computational data-storage systems.

Abstract: According to the present invention, there is provided a data processing system comprising: a dedicated physical device for access by a single client only; a shared physical device for shared access by multiple clients; a partition of a first type associated with the dedicated physical device, the first type partition comprising said single client and a first device driver for accessing the dedicated physical device; a partition of a second type associated with the shared physical device, the second type partition comprising a second device driver for accessing the shared physical device, and a back end driver for accessing the second device driver; and multiple partitions of the third type each comprising a respective one of said multiple clients and a front end driver for accessing the shared physical device via the second type partition.

Abstract: A computer system includes memory storing an operating system. An agent executive runs within the operating system. The agent executive receives an agent identity token from a grid computer system. The agent identity token includes a unique cryptographic key assigned to the agent executive. The agent executive collects information about the computer system for an evaluation of integrity of the agent executive, according to a plurality of agent self-verification factors. The agent executive encrypts the collected information using the cryptographic key and transmits the encrypted information to the grid computer system. The agent executive retrieves an encrypted set of commands from the grid computer system, which are selected by the grid computer system in response to the transmitted information. The agent executive decrypts the encrypted set of commands and executes, at the computer system, each command in the set of commands.

Abstract: Computer-executable instructions that are directed to the performance of consequential actions and automatically elevate to execute at a higher privilege level to do so can perform such consequential actions only after user notification. Doing so can enable monitoring processes to avoid presenting duplicative user notification upon detection of such auto-elevation. In addition, prior to presenting user notification, input from the execution environment can be ignored and access to DLLs for performing consequential actions can be avoided. A static analyzer can identify non-conforming computer-executable instructions. A wrapper can be utilized to provide compliance by otherwise unknown or non-conforming computer-executable instructions.

Abstract: The present invention provides methods and apparatuses for verifying that a transaction is legitimate. The methods and apparatuses use protected memory space, such as kernel space of an operating system, or a separate memory space, such as is available on a SIM card of a cellular phone. The method of the invention proceeds by creating a transaction identification string (TID) and associating the TID with a transaction. The TID contains data relevant to or associated with the transaction and is typically readable by an end-user. The transaction is then interrupted until a user responds in the affirmative to allow completion of the transaction. Methods and devices used in the invention are particularly well suited to M-commerce, where transactions originating from a device are typically recognized by a merchant as coming from the owner of the device without further authentication.

Abstract: A vehicle communication authentication system performs mutual authentication with an authentication subject by performing a user subscriber identify module (USIM)-based authentication protocol in a wireless network, mounts a USIM card in which mutual authentication is succeeded in a vehicle terminal, and performs authentication of vehicle communication with a server that provides a vehicle service.

Abstract: A system and method for converting a device between an authorized device and an unauthorized device may include a crypto ignition key (CIK) and a mission module. The CIK may store an original device number corresponding to a device. The mission module typically loads a local mission and a key, decrypts the local mission with the key to produce a decrypted local mission, and generates an internal file encryption key (IFEK) and an internal split. The mission module may then encrypt the decrypted local mission to produce an encrypted local mission and then erase the IFEK. The mission module, when attached to the device, may read an additional device number from the device and recreate the IFEK based on the additional device number and the internal split. The mission module may decrypt the encrypted local mission and install the results in the device to convert the device into an authorized device.

Abstract: A method for protecting recorded multimedia content and enabling the recorded multimedia content to be shared between recorders and readers of multimedia content connected to one another via a wide area information transmission network.

Abstract: A method and system for generating ciphertext and message authentication codes utilizing shared hardware are disclosed. According to one embodiment, a method is provided of generating ciphertext message data and message authentication codes utilizing shared authenticated encryption unit hardware. In the described embodiment, plaintext message data is received at an authenticated encryption unit which comprises first and second authenticated encryption hardware modules. Thereafter, a first message authentication code (MAC) associated with a first authenticated encryption mode and a second MAC associated with a second authenticated encryption mode are generated. More specifically, the first MAC is generated utilizing the plaintext message data and first authenticated encryption hardware module and ciphertext message data and the second MAC are generated utilizing the plaintext message data and second authenticated encryption hardware module.

Abstract: The invention discloses a contactless seed programming method, belonging to information security field. In the method, a seed programming device obtains a token ID of a dynamic token, obtains corresponding first seed data according to the token ID, communicates with the dynamic token contactlessly, obtains first seed data from the dynamic token, decrypts the first seed data so as to obtain second seed data, encrypts the second seed data with the first data so as to obtain third seed data and sends the third seed data to the dynamic token; and the dynamic token decrypts the seed and updates seed stored in itself. By the invention, programming operation is simplified and programming efficiency is improved by communicating with the dynamic token contactlessly and security is ensured by transferring the encrypted seed during communication between the programming device and the token.

Abstract: A server establishes a secure session with a client device where a private key used in the handshake when establishing the secure session is stored in a different server. During the handshake procedure, the server receives a premaster secret that has been encrypted using a public key bound with a domain for which the client device is attempting to establish a secure session with. The server transmits the encrypted premaster secret to the different server for decryption along with other information necessary to compute a master secret. The different server decrypts the encrypted premaster secret, generates the master secret, and transmits the master secret to the server. The server receives the master secret and continues with the handshake procedure including generating one or more session keys that are used in the secure session for encrypting and decrypting communication between the client device and the server.

Abstract: A method for authorizing an access to a table of address correspondence between a multitask CPU and at least one memory containing several programs, consisting of calculating, on each task change of the CPU, a signature of at least part of the program instruction lines, and checking the conformity of this signature with a signature recorded upon previous execution of the involved program.

Abstract: Malware that is signed with multiple, valid credentials is detected. A central computer such as a server receives secure hashes of signed application bodies and immutable portions of corresponding digital signatures for a plurality of signed applications from a plurality of client computers. Received secure hashes of signed application bodies are compared. Multiple instances of a single signed application are identified based on the comparing of multiple received secure hashes of signed application bodies. Responsive to identifying multiple instances of the single signed application, received secure hashes of immutable portions of digital signatures corresponding to identified multiple instances of the single signed application are compared. Responsive to the results of this comparing, a potential maliciousness of the signed application is adjudicated.

Abstract: Systems and methods are provided to allow a smart phone or any terminal to reserve and activate an electric vehicle charger using a web site or server computer system. An access control system is provided that includes a server and an access device. The access device includes an electrical vehicle charger. A reservation request is accepted from a first terminal using the server. A reservation certificate is provided to a portable second terminal in response to the request using the server. The reservation certificate is accepted from the portable second terminal using the access device. The reservation certificate is determined to be authentic using the access device. The electric vehicle charger is activated in response to accepting an authentic reservation certificate using the access device.

Abstract: An electronic device generates identifying values which are used in authenticating the electronic device. The device comprises an interface, a private key generator for generating a private key, a non-volatile memory for storing at least the private key, an index source, a hash engine, and a logical interconnection between the private key generator, the non-volatile memory, the index source, the hash engine and the interface. The hash engine generates identifying values provided to the interface via the logical interconnection. The identifying values are provided to a verifying device for use in authenticating the electronic device. Alternatively or in addition, devices may be paired to share a root key to cryptographically communicate between each other and/or to authenticate each other.

Abstract: A method for controlling an analysis system is presented. The method comprises receiving, by an encryption unit, authentication data of a user. In the case of a successful authentication, a user-specific security code is generated by the encryption unit. The security code is outputted by the encryption unit to the authenticated user. The security code and the user-ID are received by an authentication unit coupled to the analysis system via a user-interface coupled to the authentication unit. The security code is decrypted by the authentication unit. If the decrypted security code matches with the user-ID, the user is authenticated at the authentication unit and an authentication signal is generated by the authentication unit for permitting the user to initialize at least one function of the analysis system.

Abstract: A method, apparatus, system, and computer program product for user identity attestation in mobile commerce. The method may include obtaining a photograph of a user of a mobile device via a camera integrated with the mobile device; identifying a first set of fiducial points from the photograph; causing the first set of fiducial points from the photograph to be compared to a second set of fiducial points associated with an authorized user of the mobile device; and determining that the user is the authorized user if the first set of fiducial points matches the second set of fiducial points.

Abstract: An information handling system includes a memory and a detector circuit. The memory is configured to store a first electrocardiogram measurement. The detector circuit is configured to receive a second electrocardiogram measurement in response to a specific combination of keys of a keyboard being pressed for a specific period of time, wherein each key in the specific key combination includes an electrocardiogram sensor on a top surface of the key, to authorize a user and log the user onto the information handling system when the second electrocardiogram measurement matches the first electrocardiogram measurement, and otherwise: to deny access to the information handling system; to increase a counter; to determine whether the counter has exceeded a threshold; and to request that an input window is displayed when the counter has exceeded the threshold.

Abstract: Various embodiments for preserving data redundancy in a data deduplication system in a computing environment are provided. A selected data segment, to be written through the data deduplication system, is encrypted such that the selected data segment is not subject to a deduplication operation. Other system and computer program product embodiments are disclosed and provide related advantages.

Abstract: The present invention provides an execution method of a .NET program after encryption. An operating system allocates a process address space to a .NET program process and maps PE files into the process address space respectively. After the .NET program process runs, it is judged whether a currently running program module is encrypted. The .NET program process continues to run after the encrypted program module is decrypted. If the current program module calls a subroutine module, it is judged whether the subroutine module is encrypted. If the subroutine module is encrypted, a decryption operation is performed, and the .NET program process continues to run. With the method, encryption management can be performed on the .NET program based on modules, thereby providing diversified functions for protecting .NET software.

Abstract: A series of touch panel key entries may be secured by shuffling touch entry coordinates. In one embodiment, the entries may be secured by applying a shuffling algorithm that replaces the true coordinates with other incorrect coordinates. Then the correct data may be reassembled in a secure environment.

Abstract: Systems and methods for providing privacy of file synchronization with sharing functionality are presented. In embodiments, a file synchronization system comprises one or more folders associated with one or more non-shared encryption keys, which may be a managed key shared across an organization, and/or a personal key that is not shared or has limited third-party sharing. The one or more non-shared encryption keys are not known to the data storage service. The file synchronization system may also include one or more folders associated with a shared encryption key that is shared with the data storage service, and in embodiments, with a set of users of the service. The system may include a mapping correlating folders to encryption type so items in each folder can be handled appropriately. The system may have additional folders, such as one or more public folders that may be available with limited or no restrictions.

Abstract: Secure processing systems providing host-isolated security are provided. An exemplary secure processing system includes a host processor and a virtual machine instantiated on the host processor. A virtual unified security hub (USH) is instantiated on the virtual machine to provide security services to applications executing on the host processor. The virtual USH may further include an application programming interface (API) operable to expose the security services to the applications. A further exemplary secure processing system includes a host processor running a windows operating system for example, a low power host processor, and a USH processor configured to provide secure services to both the host processor and the low power host processor isolating the secure services from the host processor and the low power processor. The USH processor may also include an API to expose the security services to applications executing on the host processor and/or the low power host processor.

Abstract: Aspects of the present invention provide a solution for managing and retrieving encrypted biometric data. A plurality of biometric entries is obtained and each one is encrypted with a unique non-invertible encryption function to get a plurality of encrypted biometric entries. A biometric measurement to be compared against the biometric entries is obtained, a predetermined noise is applied to the biometric measurement, and then the biometric measurement if encrypted using the non-invertible encryption function, resulting in a scrambled encrypted biometric. For each comparison, one of the encrypted biometric entries is subtracted from the scrambled encrypted biometric to get a calculated noise. This calculated noise is then compared with the predetermined noise to determine whether a match exists. Based on a determination that a match exists any information associated with the encrypted biometric entry is forwarded to the requestor.

Abstract: Methods, systems, and apparatus, including a method for providing data. The method comprises receiving a first request from a first virtual machine (VM) to store data, obtaining the data and an access control list (ACL) of authorized users, obtaining a data key that has a data key identifier, encrypting the data key and the ACL using a wrapping key to generate a wrapped blob, encrypting the data, storing the wrapped blob and the encrypted data, and providing the data key identifier to users on the ACL. The method further comprises receiving a second request from a second VM to obtain a data snapshot, obtaining an unwrapped blob, obtaining the data key and the ACL from the unwrapped blob, authenticating a user associated with the second request, authorizing the user against the ACL, decrypting the data using the data key, and providing a snapshot of the data to the second VM.

Abstract: A mobile device includes an application processor, an RF modem for connection to cellular networks, wireless device for connection to wireless networks, a display coupled to the application processor, audio devices coupled to the application processor, power management for providing power through a main battery; and charging the battery, a hybrid memory including a magnetic memory, the magnetic memory further including a parameter area configured to store parameters used to authenticate access to certain areas of the main memory, and a parameter memory that maintains a first area, used to store protected zone parameters, and a second area used to store authentication parameters, the protection zone parameters and the authentication parameters being associated with access to the certain areas in the main memory that requires authentication. Upon modification of any of the parameters stored in the parameter memory by a user, a corresponding location of the parameter area of the main memory is also modified.

Abstract: A portable computing device with methodologies for client-side analytic data collection are described. In one embodiment, for example, a method performed by a portable computing device having volatile and non-volatile memory includes obtaining a plurality of events to be logged; serializing the events to be logged; storing the serialized events in the volatile memory; encrypting the serialized events to produce serialized and encrypted events; storing the serialized and encrypted events in the non-volatile memory; decrypting the serialized and encrypted events to produce serialized and decrypted events; storing the serialized and decrypted events in the volatile memory; compressing the serialized and decrypted events to produce compressed, serialized, and decrypted events; encrypting the compressed, serialized, and decrypted events to produce encrypted, compressed, and serialized events and storing the encrypted, compressed, and serialized events in the non-volatile memory.

Abstract: A system and method for enabling power conservation when making placement and relocation decisions. More specifically, a virtualized environment power conservation module enables power conservation when making placement and relocation decisions within a virtual environment. The virtualized environment power conservation module assigns virtual machines among a group of physical hosts in order to minimize the net power consumption. The virtualized environment power conservation module makes use of server power profile or real time power consumption data to make power consumption aware Virtual Machine assignment decisions. In certain embodiments, a server system exposes real power consumption (e.g. System Watts, Cumulative kWh. etc.) via system management interfaces. Additionally, in certain embodiments, the server systems may expose real power consumption via standard power profiles. These systems leverage PMBus-enabled power supplies to read the power metric information.

Abstract: According to another general aspect, a method for displaying the system resource usage of a computer may include identifying the number of open tabs in one or more tabbed based browsers running on the computer. The method may include determining the system resource usage of each tab. The method may further include displaying the system resource usage of each tab in a system resource meter.

Abstract: A peripheral device includes a host interface, a power interface, a switch, a control module, and a regulator. The host interface transfers data between the peripheral device and a host. The power interface receives power from a power source. The power source is separate from the peripheral device and the host. The control module monitors the host interface and generates a control signal to transition the switch from a first state to a second state when the host interface does not receive an expected signal from the host. The regulator powers the control module and a circuit of the peripheral device based on the power received from the power source. The control module is separate from the circuit. The switch activates the control module, the regulator and the circuit when in the first state and deactivates the control module, the regulator and the circuit when in the second state.

Abstract: Provided is a power supply circuit capable of suppressing a power supply voltage to be input to an integrated circuit device to low level. A power supply circuit (10) controls power supply to an integrated circuit device (30) having a built-in IC chip (31). The power supply circuit (10) acquires a value of a current flowing in the integrated circuit device, and changes a power supply voltage to be input to the integrated circuit device (30), in accordance with the acquired value of the current.

Abstract: The present invention discloses a server and a booting method thereof. The booting method includes the following steps. A motherboard and a hard disk driver backplane coupled to multiple hard disk drivers are provided, and a working voltage is provided for the hard disk driver backplane, wherein a power-up normal signal is generated when the hard disk driver backplane is powered up normally, and the motherboard includes a booting control circuit and a controller. In response to the power-up condition of the hard disk driver backplane, the hooting control circuit receives the power-up normal signal and outputs a power-up control signal to the controller. When receiving the power-up control signal, the controller controls the motherboard to be booted or maintained as off by determining the condition of the power-up control signal, for the data exchange between the motherboard and the hard disk driver.

Abstract: A processor may include power management techniques to, dynamically, chose an optimal C-state for the processing core. The measurement of real workloads on the OSes exhibit two important observations (1) the bursts of high interrupt rate are interspersed between the low interrupt rate periods and long periods of high activity levels; and (2) the interrupt rate may, suddenly, fall below an interrupt rate (of 1 milli-second, for example) that is typical of the current operating systems (OS). Instead of determining the C-state based on the stale data stored in the counters, the power control logic may determine an optimal C-state by overriding the C-state determined by the OS or any other power monitoring logic. The power control logic may, dynamically, determine an optimal C-state based on the CPU idle residency times and variable rate wakeup events to match the expected wakeup event rate.

Abstract: An Optimized Personal Computer (OPC) system may be a multi-functional processing unit with ultra-low power consumption and may consist of a single chip having a plurality of processors thereon. Each processor may be specialized for tasks including computing, graphic processing and audio processing. The OPC may be connected to a mother board, a memory unit and an I/O interface. The OPC may be connected to a primary PC (either in an expansion slot or in a drive bay) via a USB connection, for example, and be configured to run continuously and take over certain tasks from the primary PC as needed while the primary PC hibernates. The OPC may also be embedded in a monitor or other peripheral devices.

Abstract: A method includes monitoring, through a battery driver component of a embedded operating system executing on a data processing system deriving power from a battery, a state of the battery. The method also includes modifying, through a backlight driver component of the embedded operating system, an intensity level of a backlight of one or more Input/Output (I/O) devices of the data processing system from a current level associated with a normal operation thereof to an intensity level lower than the current level when the battery is detected to be in a critical state to prolong a lifetime thereof. The critical state is associated with a remaining charge on the battery being below a threshold required to maintain the data processing system in a powered on state.

Abstract: This disclosure relates to an alarm-based power saving mode and associated system implemented on a device for a microprocessor or a telematics circuitry, and more particularly, to an alarm and powered-up microprocessor-driven power latch for disabling a power source to a microprocessor or telematics circuitry at a power switch. A microprocessor and/or telematics circuitry are powered down by an instruction step from the microprocessor or the telematics circuitry by using a power switch to cut off power. The switch is controlled by a power latch, which is regulated by a wake-up value given to an alarm to enable the power latch and exercise power switch control, as well as by a value given directly by the microprocessor to enter the powered down mode.

Abstract: Independent power control of two or more processing cores. More particularly, at least one embodiment of the invention pertains to a technique to place at least one processing core in a power state without coordinating with the power state of one or more other processing cores.

Abstract: An example method includes communicating a first signal to a remote computer element, the first signal can be used to establish a link between the remote computer element and a local computer element. The method also includes evaluating whether the remote computer element is configured to support a low-power protocol in which low-power IDLE signals are exchanged between the local computer element and the remote computer element, the evaluating occurs using a link layer protocol. In detailed embodiments, the method includes negotiating a wake-up time for the remote computer element to shift from a low-power mode to an active mode. The method can also include evaluating buffer parameters to confirm the wake-up time for the remote computer element to shift to the active mode. In still other embodiments, the method can include delaying a data transmission on the link for at least the wake-up time that was negotiated.

Abstract: An electronic device, such as an e-book, for displaying information includes a power source; a display having a high power mode and a low power mode, said display being powered by said power source; and a power control arrangement for switching the display to a low power mode when no changes to selected regions of the display are required for at least a predetermined time. The power control arrangement switches said display from said low power mode to said high power mode when changes of said display are required in display portions other than said selected portions. A method for operating the electronic device. A computer readable medium having computer readable instructions thereon for implementing the method.

Abstract: Various embodiments of methods and systems for mode-based reallocation of workloads in a portable computing device (“PCD”) that contains a heterogeneous, multi-processor system on a chip (“SoC”) are disclosed. Because individual processing components in a heterogeneous, multi-processor SoC may exhibit different performance capabilities or strengths, and because more than one of the processing components may be capable of processing a given block of code, mode-based reallocation systems and methodologies can be leveraged to optimize quality of service (“QoS”) by allocating workloads in real time, or near real time, to the processing components most capable of processing the block of code in a manner that meets the performance goals of an operational mode. Operational modes may be determined by the recognition of one or more mode-decision conditions in the PCD.

Abstract: A Multi-Tile Power Management Integrated Circuit (MTPMIC) includes tiles including an MCU/ADC tile and a power manager tile. The power manager tile includes a hibernate circuit and a set of Configurable Switching Power Supply Pulse Width Modulator (CSPSPWM) components. The CSPSPWM, in combination with other circuitry external to the integrated circuit, form a switching power supply. The hibernate circuit is operable in a hibernate mode where the CSPSPWM is disabled and the switching power supply no longer generates a supply voltage. A processor in the MCU/ADC tile writes across a standardized bus to configure the hibernate circuit to wake up after a timer determines a configurable amount of time has lapsed, or to wake up in response to a signal present on a terminal of MTPMIC. The processor enables the hibernate mode causing the switching power supply to no longer provide power to the processor and other circuitry of MTPMIC.

Abstract: In transferring data between a first computing device having a first clock generator component and a second computing device having a second clock generator component, timing information is generated by at least the first clock generator component and is shared over a communication channel with the second computing device to synchronize the first and second clock generator components. Upon detecting that power available to the first computing device has fallen below a designated threshold level, the first computing device enters a power loss mode. Upon entering the power loss mode, the first computing device selectively inactivates one or more designated components by a power module while continuing operation of at least the first clock generator component to maintain the synchronizing timing information associated with the second clock generator component.