Abstract: An information processing apparatus includes a verification unit that performs verification of software to be executed by an execution unit, a retaining unit that retains information indicating a voltage supposed to be applied to the execution unit, a power supply unit that applies a predetermined voltage to the execution unit on the basis of the information, and a clock signal output unit that outputs clock signals having frequencies, and the clock signal output unit outputs a clock signal having a first frequency to the verification unit when verification of the software is performed, outputs a clock signal having a second frequency lower than the first frequency to the execution unit before the predetermined voltage is applied to the execution unit, and outputs a clock signal having a third frequency higher than the second frequency to the execution unit after the predetermined voltage is applied to the execution unit.

Abstract: An apparatus and a method for preserving the privacy of at least a user, wherein the method includes an authentication phase during which authentication information specifying a first level of access and a second level of access are detected, a determination phase during which it is determined, on the basis of the authentication information, whether the first or the second level of access is enabled, a first output phase during which at least one first set of personal information (P1) is outputted, through the output apparatus, if either the first level of access or the second level of access is enabled, and a second output phase during which at least one second set of personal information (P2) is outputted, through the output apparatus, only if the second level of access is enabled.

Abstract: An application-specific integrated circuit (ASIC) and method are provided for executing a memory-hard algorithm requiring reading generated data. A processor or state machine executes one or more steps of the memory-hard algorithm and requests the generated data. At least one specialized circuit is provided for generating the generated data on demand in response to a request for the generated data from the processor. Specific embodiments are applied to memory-hard cryptographic algorithms, including Ethash and Equihash.

Abstract: Disclosed is an electronic device that receives a first input received through a stylus pen connected with the electronic device through wireless communication in a lock state of the electronic device, identifies unlock history information by at least one user authentication method in response to receiving the first input, and changes a state of the electronic device to an unlock state, based at least partially on an existence of the identified unlock history information.

Abstract: Embodiments of the present application provide an acoustic sensing-based text input method, comprising: obtaining audio information corresponding to text to be input; dividing the audio information to obtain an audio segment for each letter to be recognized in the text to be input; sending to the server, a type of the text to be input, the audio segments for letters to be recognized, and arrangement of the audio segment for the letter to be recognized in the audio information; receiving input result returned by the server, and displaying, based on the input result, text information corresponding to the text to be input on the display screen of the mobile terminal. The method allows effective text input without relying on a display screen.

Abstract: A first fraction of an electrical stimulation is allocated to a first electrode. In response to user input, the first fraction of the electrical stimulation is fixed to the first electrode such that the first fraction is user-adjustable but cannot be automatically changed. In response to the first fraction being fixed to the first electrode, a respective second fraction of the electrical stimulation is automatically allocated to a plurality of second electrodes. The second fraction is a function of the first fraction and a total number of the second electrodes. Thereafter, a new electrode is added to, or deleting from, the second electrodes, while the first fraction is still fixed to the first electrode. The respective second fractions are automatically adjusted in response to the adding or the deleting, without affecting the first fraction of the electrical stimulation that has been fixed to the first electrode.

Abstract: Magnetic PUFs (Physical Unclonable Function) may utilizes a single 3-axis Hall-effect sensor for enrollment. When a PUF is manufactured, a Hall-effect sensor is used to model the PUF disk and store that data where it may be accessed. This process is called “enrollment.” This invention improves upon the PUF implementation by introducing controlled variability into the enrollment, the reading of the PUF data from the Hall-effect sensors (the number and position of read sensors), the sampling method of the read sensor(s), and the processing of the PUF data.

Abstract: A request is received from a security tool, the request relating to an event involving data records in a storage device. An application programming interface (API) is used to interface with secure storage functionality of the storage device, the secure storage functionality enabling a set of secure storage operations. A security operation is caused to be performed at the storage device involving the data records based at least in part on the request. In one aspect, the set of secure storage operations can include a direct read operation, a direct write operation, a copy-on-write operation, and a save-attempted-write operation.

Abstract: An authentication tag and a method for producing the same are disclosed. For example, the authentication tag includes a substrate, a correlation mark printed on a first part of the substrate, a key printed on the second part of the substrate, wherein a portion of the substrate is transparent, and at least one raised feature is printed on the substrate.

Abstract: Examples herein disclose monitoring an expected functionality upon execution of a system management mode (SMM) code. The examples detect whether a change has occurred to the SMM code based on the monitoring of the expected functionality. The change indicates that the SMM code is compromised.

Abstract: Methods and systems are presented for providing enriched technical security data to a risk engine of an online service provider, and for adjusting security settings based on the enriched data. The enriched security data may be generated by recursively deriving additional security information from an initial security data input. The initial security data input may be associated with a risk source, such as a person or a device that submits an electronic request to the online service provider. Based on the initial security data input, the risk engine may recursively derive additional security information that enriches the initial security data input. The risk engine may then use the derived security information as well as the initial security data input to assess a risk level of the risk source, and then adjust a security setting of the online service provider based on the assessed risk level of the risk source.

Abstract: A mobile device allows transmission of additional outgoing application data requests in response to occurrence of receipt of data transfer from a remote entity, user input in response to a prompt displayed to the user, and a change in a background status of an application executing on the mobile device. Additional outgoing application data requests are foreground application requests.

Abstract: An electronic system includes a plurality of hardware devices and an authenticated circuit. The authenticated circuit is integrated, as fixed hardware, in the electronic system together with the plurality of hardware devices during a manufacturing process of the electronic system, the authenticated circuit configured to verify system integrity based on a system identification code provided from inside of the electronic system by at least one of the plurality of hardware devices, the system integrity indicating that a combination of the authenticated circuit and the plurality of hardware devices has not been modified since the manufacturing process, the authenticated circuit configured to perform a mining operation to generate a next block, the next block to be linked to a blockchain only in response to the authenticated circuit verifying the system integrity. Indiscriminate mining competition may be prevented or reduced in likelihood of occurrence.

Abstract: The secure chain of trust steps to boot-up a computing device are split between the shutdown procedure of the computing device and the boot-up procedure of the computing device to reduce the time required for the computing device to boot-up. The main image associated with a central processing unit of the computing device is validated during the shutdown procedure of the computing device such that the operating system for the central processing unit is available when the computing device receives an action to power on. The boot-up time for the computing device is reduced, which allows the computing device to boot-up within an established time frame.

Abstract: Techniques are described for energy scoring of a monitored property and users of the monitored property. A system provides users with information related to the efficiency of the monitored property and aggregates data over multiple monitored properties. The system computes and outputs a score for a monitored property that reflects efficiency of the property and/or the users of the property. The system may track how that score changes through time, and how it relates to neighboring properties. The score may be expressed as both a number and a percentile.

Abstract: At the start of an I/O cutover process that changes host computer access to a logical volume from a source data storage appliance to a destination data storage appliance, and during which processing of host I/O operations directed to the logical volume is frozen, at least one I/O freeze timer is set. In response to expiration of the I/O freeze timer, and prior to completion of the I/O cutover process, processing of host I/O operations directed to the logical volume is resumed.

Abstract: A device includes a memory. The device also includes a controller. The controller includes a register configured to store an indication of whether an ability of a received command to alter an access protection scheme of the memory is enabled. The received command may alter the access an access protection scheme of the memory responsive to the indication.

Abstract: A method for secure boot includes, in a processor, retrieving from a memory device a firmware boot code for bootstrapping a firmware of the processor. The firmware boot code is authenticated using an authentication key. In response to failing to authenticate the firmware boot code using the authentication key, an attempt is made to authenticate a recovery firmware code, which has reduced functionality relative to the firmware boot code, using a recovery key. Upon successfully authenticating the recovery firmware code using the recovery key, the firmware boot code is restored from a host, the restored firmware boot code is authenticated by executing the recovery firmware code, and the firmware is bootstrapped using the authenticated firmware boot code.

Abstract: Customers of a service provider are able to provision compartments of the accounts. The both the accounts and the compartments, in some embodiments, may have associated computing resources and identities. One or more identities of the account may be authorized to perform administrative operations in the compartment. Identities of the compartment may lack the ability to perform any administrative actions outside of the compartment but inside of the account.

Abstract: A method for processing data in a plurality of processing acts includes: configuring a plurality of processing circuits in a first configuration, in such a way that both a first and a second of the plurality of processing circuits execute a first of the plurality of processing acts; and configuring the plurality of processing circuits in a second configuration, in such a way that the first processing circuit executes a second processing act and the second processing circuit executes a third processing act, which is different than the second processing act. An apparatus is designed for carrying out the method.

Abstract: An electronic device and a method for processing an image by the electronic device according to various embodiments of the present invention are provided. The method may comprise: generating password information for a first image using security information of a user; changing the first image to a second image using the generated password information; and transmitting the second image and the password information in response to a transmission request of the first image. Various other embodiments may be available.

Abstract: Some embodiments described herein include a method to validate supply chains for electronic devices using side-channel information in a signature analysis. The method includes sending, to a target device, a first signal associated with a set of codes to be executed by the target device, and then receiving first side-channel information associated with the target device in response to the target device executing the set of codes. The method also includes determining second side-channel information associated with a simulated device in response to the set of codes. The method further includes comparing a discriminatory feature of the first side-channel information with a discriminatory feature of the second side-channel information to determine a characteristic of the target device based on a pre-determined characteristic of the simulated device. Finally, the method includes sending, to a user interface, a second signal associated with the characteristic of the target device.

Abstract: One example provides, on a USB input device, a method comprising receiving an unlock request to change a firmware lock state of a controller of the USB input device from a locked state to an unlocked state, determining whether the unlock request is valid or invalid, when the unlock request is valid, updating the firmware lock state from the locked state to the unlocked state and sending a process completion message, when the unlock request is invalid, sending the process completion message without updating the firmware lock state, receiving a firmware update request, determining whether the firmware lock state is in the locked state or the unlocked state, receiving a firmware payload, authenticating data of the firmware payload, and when the firmware lock state is determined to be in the unlocked state and when the data of the firmware payload is authenticated, then installing the firmware payload.

Abstract: A film includes: a first electrode facing a desired position in a screen of a display device, a capacitive touch panel being included in or externally attached to the display device; a second electrode electrically connected to the first electrode; and an optical layer that refracts light from the screen of the display device in a desired direction.

Abstract: The present disclosure includes a method for authenticating a field device of automation technology with respect to a destination device. A telegram is created by the field device, which telegram includes a first data field and at least a second data field. The first data field includes information on the status of the field device and/or of the device components of the field device and/or information on the device parameterization/configuration, and a sequence counter or a time stamp. Security data are generated from the first data field via a cryptographic method, which security data are stored in the second data field. The telegram is transmitted from the field device to the destination device, wherein the destination device verifies the second data field as to authenticity or integrity upon receipt of the telegram, and wherein a first alarm is generated if the authenticity or the integrity of the second data field is not successfully verified.

Abstract: In one embodiment, a method includes accessing, by a stylus, data indicating a customization of a device for the particular user. The stylus is associated with a particular user and is configured to transmit signals wirelessly to the device through a touch sensor of the device. The data indicating the customization is stored in a memory of the stylus. The method also includes wirelessly transmitting the data by the stylus to the device through the touch sensor of the device to affect the customization of the device for the particular user.

Abstract: Systems and methods are provided for control of a personal computing device based on user face detection and recognition techniques.

Abstract: A battery cell for a battery of a motor vehicle with a battery cell housing, in which a galvanic element is accommodated. The battery cell can be electrically connected to at least one other battery cell by way of two electrical connection terminals. A control device of the battery cell is operatively connected to at least one functional unit of the battery cell. The control device of the battery cell is designed for the purpose of receiving a command issued by an external control device. The control device includes a verification unit, which is designed for the purpose of verifying an authorization of the external control device to issue the command.

Abstract: A system includes a storage medium enterprise and a processing component. The storage medium enterprise includes a first storage medium configured to store data and a second storage medium configured to store data. The processing component external to the storage medium enterprise is configured to receive and process data received from the storage medium enterprise. The first storage medium is configured to transmit a first operational data associated with the first storage medium to the processing component and the second storage medium is configured to transmit a second operational data associated with the second storage medium to the processing component. The first operational data is formed into a block of a block chain prior to transmission to the processing medium and the second operational data is formed into another block of the block chain prior to transmission to the processing medium.

Abstract: Disclosed in some examples are systems, methods, memory devices, and machine readable mediums for a fast secure data destruction for NAND memory devices that renders data in a memory cell unreadable. Instead of going through all the erase phases, the memory device may remove sensitive data by performing only the pre-programming phase of the erase process. Thus, the NAND doesn't perform the second and third phases of the erase process. This is much faster and results in data that cannot be reconstructed. In some examples, because the erase pulse is not actually applied and because this is simply a programming operation, data may be rendered unreadable at a per-page level rather than a per-block level as in traditional erases.

Abstract: Described are techniques for determining a qualification status of a device in a system. An occurrence of a trigger event for the device is determined. The trigger event is caused by an occurrence of any of a time-based event, a performance-based event, a usage-based event, and an unscheduled event. A user notification is provided to perform a first action responsive to the occurrence. The first action is an action to perform any of a maintenance activity, a repair activity, and a test for the device. The qualification status of the device is updated in accordance with said first action. Also described are techniques for more generally determining a compliance status of a device where the compliance status may be related to any one or more of qualification, verification, validation and/or calibration of the device.

Abstract: Protecting an encryption key for data stored in a storage system that includes a plurality of storage devices, including: reading, from at least a majority of the storage devices, a portion of an apartment key; reconstructing the apartment key using the portions of the apartment key read by the majority of the storage devices; unlocking the main portion of each of the storage devices utilizing the apartment key; reading, from the main portion of one of the storage devices, a portion of a third-party resource access key; requesting, from the third-party resource utilizing the third-party resource access key, an encryption key; receiving, from the third-party resource, the encryption key; and decrypting the data stored on the storage devices utilizing the encryption key.

Abstract: A tracking device can securely communicate with a secondary device. The secondary device can provide locations associated with the tracking device to a tracking system. When the secondary device determines that the tracking device is lost (for instance, in response to no longer receiving communications from the tracking device), the secondary device can provide additional locations associated with the secondary device to the tracking system. The tracking system can store locations received before and after the tracking device was lost, and can provide these locations to the user for display within a map interface, enabling a user to digitally retrace the user's steps in order to aid the user in locating the lost tracking device.

Abstract: A tracking device can securely communicate with a secondary device. The secondary device can provide locations associated with the tracking device to a tracking system. When the secondary device determines that the tracking device is lost (for instance, in response to no longer receiving communications from the tracking device), the secondary device can provide additional locations associated with the secondary device to the tracking system. The tracking system can store locations received before and after the tracking device was lost, and can provide these locations to the user for display within a map interface, enabling a user to digitally retrace the user's steps in order to aid the user in locating the lost tracking device.

Abstract: Systems and methods for providing and verifying customer-owned trust of device firmware are described. In some embodiments, an Information Handling System (IHS), may include a processor and a Basic Input/Output System (BIOS) coupled to the processor, the BIOS having program instructions stored thereon that, upon execution, cause the IHS to: receive, from a user, selection of a pre-boot code module; export a digest of the pre-boot code module to the user; and import the digest signed by the user.

Abstract: A method for voltage regulation includes reducing a power consumption of a voltage regulator during an IDLE phase, by disabling a feedback loop configured to regulate an internal voltage to a multiple of a reference voltage in response to the voltage regulator receiving a digital signal from a digital circuit. The internal voltage is proportional to an external voltage supplied to the digital circuit. A regulated accuracy of the external voltage is increased during a MEASUREMENT phase by enabling the feedback loop in response to the voltage regulator receiving the digital signal from the digital circuit.

Abstract: A system and device for adding electronics to materials of a wallet to form a smart wallet. A smart wallet stows and retrieves information stored or displayed on various transaction cards and other information typically carried within the wallet. Electronic and physical features of a smart wallet include devices and techniques for attaching electronics to accessories, and also for attaching accessories, to primary devices to form a smart wallet. The user can then interact with the smart wallet and its cards, information and accessories using an interface that governs that interaction while retaining the security of the information. Mechanical features include techniques for integrating electronics within materials to add electronic functionality to make any device a smart wallet. Several accessory styles and devices for attaching same to electronics are also disclosed.

Abstract: A system and an apparatus for controlling electric power supply and methods therefor are described. In particular, a system and an apparatus for powering down an electronic device and methods therefor include a device for communicating with a user, a processor for determining electric power supply to the device, and a sensor for monitoring presence of the user.

Abstract: Technologies for securely binding a manifest to a platform include a computing device having a security engine and a field-programmable fuse. The computing device receives a platform manifest indicative of a hardware configuration of the computing device and a manifest hash. The security engine of the computing device blows a bit of a field programmable fuse and then stores the manifest hash and a counter value of the field-programmable fuse in integrity-protected non-volatile storage. In response to a platform reset, the security engine verifies the stored manifest hash and counter value and then determines whether the stored counter value matches the field-programmable fuse. If verified and current, trusted software may calculate a hash of the platform manifest and compare the calculated hash to the stored manifest hash. If matching, the platform manifest may be used to discover platform hardware. Other embodiments are described and claimed.

Abstract: In a general aspect, a method of generating a protected implementation of an algorithm includes: expanding an original source code implementing the algorithm into a single set of real operations; combining each real operation using real data with the real data it uses, to obtain a combination represented in a way which uses an actual real data fragment in a form different from an original form; producing a set of duplicated and mutated decoy operations representing an alternative implementation of the algorithm, applied to decoy data; combining the set of decoy operations with the set of real operations including the combinations, to obtain an implementation where the decoy operations interact with the real operations and the real data processed by the real operations, such that a real data flow of in the implementation is difficult to analyze; and transforming the implementation into a resulting code that can be executed.

Abstract: The disclosure relates to a motor vehicle having a communications device. The communications device comprises at least one wireless communications module, which facilitates a wireless communications link between at least one vehicle component, which is connected via a communications line to the wireless communications module, and a communications partner. The motor vehicle also comprises an isolator that can be manually actuated and disconnects in hardware the wireless communications link between the vehicle component and the communications partner.

Abstract: Provided are an application processor and a semiconductor system including the same. The semiconductor system includes the application processor, which may include a first register value and of which an operation is controlled by the first register value. The semiconductor system also includes a semiconductor device, which may include a second register value and of which an operation is controlled by the second register value, and a memory storing a third register value that is a copy of the first register value and a fourth register value that is a copy of the second register value. If the stored third register value is changed, the changed third register value is mapped onto the first register value of the processor, and if the fourth register value is changed, the changed fourth register value is mapped onto the second register value.

Abstract: A system for reseeding a pseudo random number generator to generate pseudo random numbers includes a true random number generator generating a true random number, a storage device storing the generated true random number, a pseudo random number generator generating pseudo random numbers using the stored true random number as a seed, and a controller coupled to the true random number generator and the pseudo random number generator to (1) generate a new true random number concurrently with the operation of the pseudo random number generator, and storing the new true random number, and (2) reseed the pseudo random number generator with the new true random number.

Abstract: An electronic hardware assembly including at least a first and second laminar component, wherein the first laminar components includes a die, the die including a substrate, a functional region and a first protective layer, and the second laminar component includes a second protective layer, wherein the first and second laminar components are arranged in a stack such that the functional region of the first laminar component is arranged within the assembly substantially between first and second protective layers.

Abstract: A point-of-sale (POS) system is provided. The POS system may include an adjustable housing configured to receive a computing device. The POS system housing may be adjustable so that a screen of the computing device can be viewed by a merchant and a customer. The computing device may be removable from the housing for use as a mobile POS system. The POS system may also include electronics for accepting various forms of payment and for connecting the computing device to a network.

Abstract: Methods and apparatus to allocating and/or configuring persistent memory are described. In an embodiment, memory controller logic configures non-volatile memory into a plurality of partitions at least in part based on one or more attributes. One or more volumes (visible to an application or operating system) are formed from one or more of the plurality of partitions. Each of the one or more volumes includes one or more of the plurality of partitions having at least one similar attribute from the one or more attributes. In another embodiment, memory controller logic configures a Non-Volatile Memory (NVM) Dual Inline Memory Module (DIMM) into a persistent region and a volatile region. Other embodiments are also disclosed and claimed.

Abstract: A trusted time service is provided that can detect resets of a real-time clock and re-initialize the real-time clock with the correct time. The trusted time service provides a secure communication channel from an application requesting a timestamp to the real-time clock, so that malicious code (such as a compromised operating system) cannot intercept a timestamp as it is communicated from the real-time clock to the application. The trusted time service synchronizes wall-clock time with a trusted time server, as well as protects against replay attacks, where a valid data transmission (such as transmission of a valid timestamp) is maliciously or fraudulently repeated or delayed.

Abstract: A random byte generator comprising a noise source configured to generate a noise signal, a digitizer with a resolution of no less than two bits and configured to digitize the noise signal from the noise source, and a processor configured to apply pre-defined rules for selecting bits captured by said digitizer and to generate random bit strings by combining the selected bits.

Abstract: Provided is an authentication apparatus that performs user authentication, using a wearable terminal worn by a user, whereby allowing a high security to be achieved. It includes a storage part that stores a piece of authentication information in which a piece of terminal information that identifies the wearable terminal worn by the user is registered, a communication part that makes communication with the wearable terminal worn by the user to acquire a piece of terminal information, and an authenticating part that performs user authentication in the case where the same piece of terminal information as that registered in the authentication information has been acquired by the communication part.

Abstract: Systems and methods may provide implementing one or more device locking procedures to block access to a device. In one example, the method may include receiving an indication that a user is no longer present, initiating a timing mechanism to set a period to issue a first device lock instruction to lock a peripheral device, relaying timing information from the timing mechanism to a controller module associated with the peripheral device; and locking the peripheral device upon expiration of the period.