Abstract: A system is provided. The system comprises a processing circuit communicably coupled with various circuits, and the processing circuit having at least one processor coupled to at least one memory storing instructions that, when executed by the at least one processor, cause the processing circuit to receive an input from a user identifying an experience provider for data sharing, configure a permission set for the experience provider, receive a request for access to data of the user from a computing system, authenticate the request for access to data of the user, generate an access token that serves as a proxy to the stored permission set associated with the experience provider, provide the generated access token to the computing system, receive a subsequent request for data of the user from the computing system, and provide data of the user as identified by the access token.

Abstract: Improved techniques for secure access to cloud-based services via a gateway proxy. The improved techniques can efficiently manage remote access to cloud-based services by local processing agents in a secure manner using an intermediate authentication token issued by a gateway proxy to authorized local processing agents. The intermediate authentication token can be used to obtain authentication credentials of service providers that are needed to access the cloud-based services that are offered by service providers. In some embodiments, the authentication credentials of service providers need only be distributed to the gateway proxy and need not be distributed beyond the gateway proxy. The improved techniques are well suited for used with robotic process automation systems in which local processing agents, such as software agents, perform user tasks in an automated fashion.

Abstract: Methods, systems, and apparatuses for risk analysis of web pages using a machine learning model are described herein. A computing device may receive a risk detection machine learning model trained to receive input corresponding to a web page and output an indication of risk associated with the web page. The computing device may execute a web browser application and collect user activity data by monitoring user activity associated with the web browser application. The computing device may access, via the web browser application, a first web page, and collect page data associated with the first web page. The computing device may calculate a risk level of the first web page. The risk level may be calculated by processing, using the risk detection machine learning model, both the user activity data and the page data. A security recommendation may be output based on the risk level.

Abstract: A technique of proofing against tampering with a computer including a chassis with a plurality of fasteners. The technique includes obtaining by the computer data indicative of a sequence of implication events associated with the fasteners of the plurality of fasteners, generating a pattern corresponding to the sequence of implication events, matching between data corresponding to the generated pattern and a reference data, and initiating one or more anti-tampering actions responsive to a mismatching result. The method can further include generating a cryptographic signature corresponding to the generated pattern, wherein matching between data corresponding to the generated pattern and the reference data includes matching the generated cryptographic signature to a cryptographic reference corresponding to the reference data. Alternatively, or additionally, the generated cryptographic signature can be usable for secure access to information stored on the computer.

Abstract: Provided is a method for authenticating a device. The method may include coupling a first device to an interaction database that is connected to a second device. The first and second devices store first group public and private keys. The second device also stores second device public and private keys. The first device transmits to a remote computer system a first message encrypted with a remote computer system public key that includes challenge data and response data encrypted with the first group public key and authentication data. The second device receives from the remote computer system a second message including the encrypted challenge data. The second device transmits to the remote computer system a third message including the response data. In response to receiving an authentication message, interaction may be permitted between the first device and remote computer system. A system and computer program product are also disclosed.

Abstract: A method includes receiving an update biometric reference sample and a user identifier by a computing system and retrieving a previous biometric reference template record in a storage location based on the user identifier by the computing system. The previous biometric reference template record includes a previous biometric reference template generated using a previous biometric reference sample. The method further includes comparing the update biometric reference sample to the previous biometric reference template by the computing system and, responsive to determining that a biometric data type of the update biometric reference sample is different than that of the previous biometric reference template, generating an update biometric reference template by the computing system. The method further includes generating an update biometric reference template record by the computing system.

Abstract: Techniques are disclosed relating to sharing a user credential between computing devices. In some embodiments, a first computing device stores a set of user credentials usable to authenticate a user and receives, from a second computing device, a request for a user credential to be provided responsive to an authentication prompt associated with the second computing device. In such an embodiment, the request includes an indication of a service for which the authentication prompt is being presented. Based on the indication, the first computing device determines whether the stored set of user credentials includes a user credential relevant to the authentication prompt and presents a selection prompt asking a user of the first computing device to select a one of the stored set of user credentials to provide to the second computing device for authentication to the service, the relevant user credential being identified in the selection prompt.

Abstract: The disclosure provides an approach for cryptographic agility. Embodiments include establishing, by a proxy component associated with a cryptographic agility system, a first secure connection with an application. Embodiments include receiving, by the proxy component, via the first secure connection, a communication from the application directed to an endpoint. Embodiments include selecting, by the cryptographic agility system, a cryptographic technique based on contextual information related to the communication. Embodiments include establishing, by the proxy component, a second secure connection with the endpoint based on the cryptographic technique. Embodiments include transmitting, by the proxy component, a secure communication to the endpoint via the second secure connection based on the communication.

Abstract: A method for securely connecting and providing access to an onboard web service, between an item of client equipment, including a screen, and a mobile device, equipped with a camera. The method, is implemented by the mobile device and includes: establishing a wireless connection with the item of client equipment; transmitting a unique pictogram onto the screen of the item of client equipment; reading the pictogram, displayed on the screen of the item of client equipment, using the camera of the mobile device; authenticating the item of client equipment, by comparing data from the transmitted pictogram with the data from the pictogram that was read by the camera; and opening a secure connection and access to an onboard web service on the mobile device, for the item of client equipment.

Abstract: A controller and method of controlling a mobile device. The controller is coupled to a mobile device through a mobile communications environment. The controller is coupled to the mobile communications environment at a location remote from the mobile device, and includes a receiver that receives data from the mobile device, a processor that evaluates the data received from the mobile device based upon rules for the mobile device, and a transmitter that sends data to the mobile device to at least one of alert the user to a condition and modify current operating parameters on the mobile device.

Abstract: [Problem] To provide a terminal registration system and a terminal registration method for improving user convenience in registration of a new terminal to a plurality of service sites. [Solution] The registered terminal 1 includes an Authenticator 10 including service site list information 110 that associates private keys and URLs for access to service sites with each other. A Registration Manager 100 acquires the service site list information 110 from the Authenticator 10 of the registered terminal 1. Then, the Registration Manager 100 performs FIDO authentication for a registration target service site using a private key of the registered terminal 1, on the basis of the acquired service site list information 110, and performs Registration of a newly generated cryptographic key at the new terminal 2.

Abstract: An encryption device (20) generates a ciphertext by setting, in the ciphertext, one of a predicate vector of arithmetic branching programs (ABP) and an attribute vector over a basis B of the basis B and a basis B*, which are dual bases in dual vector spaces. A key generation device (30) generates a decryption key by setting, in the decryption key, the other one of the predicate vector and the attribute vector over the basis B*. A decryption device (40) decrypts the ciphertext by performing a pairing operation on the ciphertext generated by the encryption device (20) and the decryption key generated by the key generation device (30).

Abstract: A dynamical hierarchical tagging system connected to a user site through a remote communications network. The system may comprise a master controller, a job management server connected to the master controller, one or more scanners in communication with the job management server, wherein the one or more scanners are configured to scan for one or more user assets located at the user site, resulting in scan results, a scan logic processor connected to the master controller, wherein the scan logic processor is configured to store the scan results in a user database, a tagging logic engine connected to the master controller, wherein the tagging logic engine is configured to tag the scan results stored in the user database, and an indexing logic processor connected to the master controller, wherein the indexing logic processor is configured to search and index the tagged scan results stored in the user database.

Abstract: The verification method includes: acquiring a value of at least one type of to-be-verified configuration information of a hardware device of a user; generating to-be-verified information of the user according to the value of the to-be-verified configuration information; and comparing the to-be-verified information with stored identity verification information of the user to verify identity of the user.

Abstract: An electronic device for aggregating electronic medical records, in which electronic medical records are aggregated from multiple electronic repositories and displayed as a single set of records. The multiple electronic repositories may store records for a particular patient using varying identifying/access information to facilitate anonymous access to the electronic medical records. Emergency medical services providers may be able to access medical records for a patient using the electronic device after being authenticated as a valid/licensed medical services provider.

Abstract: Provided is a method and system for digital voting. A digital voting system includes a Voting Administration (VA), a Trusted Third Party (TTP), a Voter and a digital voting platform which implements a Voting Chain (VC) as a Blockchain containing multiple blocks that have “roles”. These blocks include a Genesis block, a Campaign block, a Voter block, a Voting block, and a Legitimacy block. The VC contains data that is linked to an operation in the voting cycle, assigns tasks to a specific entity and establishes rules to ensure a highly secure pattern of actions and roles. The VA declares itself to the TTP, enrolls voters, releases ballots, starts election cycles using different blocks, and authenticates Voter IDs. The Voter discloses its Public Key to the TTP, casts and checks votes. The TTP registers Public Keys on the VC, verifies signatures, ensures anonymity, and registers ballots and votes.

Abstract: A method for tracing a digital information element in a computer system including electronic devices of users and a system for archiving digital information elements including a blockchain-type distributed database, the method including a step of making the digital information element from the electronic device of one of the users, a step of archiving the digital information element, the archiving step including a substep of generating an identification element of the version of the digital information element, the method including a step of adding the identification element signed with a secure element associated to this user and/or to their electronic device in the distributed database, the addition step including a substep of encrypting the identification element from a cryptographic algorithm and the secure element, the cryptographic algorithm including at least one metric variable associated to the user.

Abstract: A system, method, and computer-readable medium are disclosed for performing a data center connectivity management operation.

Abstract: This disclosure relates to generating location event measurements. In one aspect, a method includes presenting, by a client device, a digital component comprising geofence data that defines one or more physical locations corresponding to the digital component. In response to presenting the digital component, a trusted program of the client device stores, in a presentation event data structure, a presentation event data element specifying the geofence data. The trusted program detects, based on location information indicating a current location of the client device and the geofence data that the client device is within one of the one or more physical locations. In response to detecting that the client device is within one of the one or more physical locations, an event report is transmitted to a reporting system for the digital component. The event report indicates that a location event for the digital component has occurred.

Abstract: Techniques for enforcing trust policies for payload data transmitted through a data provisioning layer include: receiving, by a node in the data provisioning layer, payload data to be delivered to a recipient; obtaining, by the node, a trust policy indicating multiple attributes used to determine trustworthiness of payloads; determining, by the node, a set of values of the attributes associated with the payload data; generating, by the node, a trustworthiness opinion based at least on the trust policy and the set of values of the attributes; transmitting, by the node, the payload data and the trustworthiness opinion via the data provisioning layer toward the recipient; computing, by the recipient, a trustworthiness metric associated with the payload data based at least on the trustworthiness opinion; and determining, by the recipient, an action to take with respect to the payload data based at least on the trustworthiness metric.