摘要:
A technique allows a parentally attested security token to serve as authentication for a minor using identifying attributes of the minor child. The security token may include personally identifiable information about the child, a description of authorized activity as well as specifications of intended use of the security token. The security token may include provisions for authentication to be revoked by a parent or guardian and/or expire after a predetermined time. The security token may be stored inside a trusted execution environment of a portable computing device that may be carried by the minor and presented at physical locations where authentication is required.
摘要:
An embodiment of the invention provides for an authenticated launch of VMs and nested VMMs. The embodiment may do so using an interface that invokes a VMM protected launch control mechanism for the VMs and nested VMMs. The interface may be architecturally generic. Other embodiments are described herein.
摘要:
An embodiment of the invention provides for an authenticated launch of VMs and nested VMMs. The embodiment may do so using an interface that invokes a VMM protected launch control mechanism for the VMs and nested VMMs. The interface may be architecturally generic. Other embodiments are described herein.
摘要:
The present disclosure is related to managing a caching system based on object fetch costs, where the fetch cost are based on the access latency, cache misses, and time to reuse of individual objects. The caching system may be a multi-tiered caching system that includes multiple storage tiers, where an object management system determines whether to retain or evict an object from a cache of a particular storage tier based on the object's fetch cost. Additionally, eviction can include moving objects from a current storage tier to another storage tier based on the current storage tier and fetch costs.
摘要:
System and techniques for fault tolerant telemetry of distributed devices are described herein. A node includes a hardware component that receives telemetry from an entity resident on the node. The hardware component signs the telemetry with a cryptographic key to create signed telemetry and stores the signed telemetry in memory of the hardware component. Then, upon request from a remote entity, the hardware component provides the signed telemetry.
摘要:
Systems and techniques for transparent dynamic reassembly of computing resource compositions are described herein. An indication may be obtained of an error state of a component of a computing system. An offload command may be transmitted to component management software of the computing system. An indication may be received that workloads to be executed using the component have been suspended. An administrative mode command may be transmitted to the component. The administrative mode command may place the component in partial shutdown to prevent the component from receiving non-administrative workloads. Data of the component may be synchronized with a backup component. Workloads from the component may be transferred to the backup component. An offload release command may be transmitted to the software of the computing system.
摘要:
System and techniques for information centric network tunneling are described herein. At an ICN router, a data handle for data—that includes an indication of security metadata—is received. The security metadata is obtained based on the data handle and the data is cached based on the security metadata. An ICN node at an interface of the ICN router is tested for compatibility with the security metadata and a version of the data is transmitted to the ICN node based on the compatibility of the ICN node with the security metadata.
摘要:
System and techniques for decentralized key generation and management are described herein. An information centric network (ICN) node receives a first ICN interest packet for public encryption parameters of an identity based encryption (IBE) key generation center (KGC). Public encryption parameters for the KGC are received in a first ICN data packet in response to the first ICN interest packet. The public encryption parameters are cached and used to respond a second ICN interest packet for the public parameters. A third ICN data packet may be received from the KGC in response to a key generation request. Here, the third data packet includes an indication that the third ICN data packet is part of a one-time session. Then, the third ICN data packet is transmitted without caching the third ICN data packet content based on the indication.
摘要:
Systems and techniques for adaptive limited-duration edge resource management are described herein. Available capacity may be calculated for a resource for a node of the edge computing network based on workloads executing on the node. Available set-aside resources may be determined based on the available capacity. A service request may be received from an application executing on the edge computing node. A priority category may be determined for the service request. Set-aside resources from the available set-aside resources may be assigned to a workload associated with the service request based on the priority category.
摘要:
Systems and techniques for information centric network (ICN) high definition (HD) map distribution are described herein. For example, a vehicle may detect a map tile event (e.g., moving into an area for which the vehicle does not have an up-to-date map tile). The vehicle may transmit an interest packet a name for the map tile via an ICN and receiving the map tile in a data packet sent in response to the interest packet.