Abstract: A method comprises receiving vehicle data comprising information associated with a plurality of sensors of autonomous vehicle and segmenting the received vehicle data into non-public data and public data. The method further comprises partitioning the public data into a plurality of data partitions and generating a plurality of data levels of the public data. Each data level of the plurality of data levels is generated according to an access level of a plurality of access levels and includes one or more data partitions of the plurality of data partitions in an encrypted form. The method further comprises transmitting the generated plurality of data levels to a group of electronic devices. Each electronic device of the group of electronic devices retrieves, according to one of the plurality of access levels, at least a portion of the public data from the transmitted plurality of data levels.

Abstract: In some embodiments, a method can include detecting, at a first circuit, the first circuit being operatively coupled to a memory device having a set of memory portions. The method can include receiving, from the memory device and at the first circuit, a set of encryption key portions after the detecting, each encryption key portion from the encryption key portions being a unique portion of an encryption key. The method can include assembling the encryption key by ordering each encryption key portion from the set of encryption key portions based on (1) a first previously defined list and (2) a second previously defined list. The first previously defined list and the second previously defined list each is stored at or accessible by the first circuit but not stored at or accessible by the memory device. The method can include authorizing access to a second circuit based on the encryption key.

Abstract: Various aspects and embodiments of dwelling automation administration are described. Among other aspects or features of the embodiments, a dwelling automation system in a computing device authenticates a user. A management interface in the dwelling automation system generates a user interface for administering a plurality of automation devices at different dwellings based on access and control rights of the user. The user interface can grant the user access to at least one automation device associated with a hub associated with at least one dwelling.

Abstract: Techniques are described for providing access to anonymized user data derived from external data providers. A persona management system generates a searchable data store containing metadata related to a plurality of users of the persona management system. The metadata includes entries indicating: a first identifier of a user of the plurality of users of the persona management system, a second identifier of an external data provider of a plurality of external data providers that possess data related to users of the persona management system, a third identifier of an algorithm that is used to transform data possessed by the external data provider related to the user of the persona management system into one or more transformed data values, and the one or more transformed data values. In response to requests from various data consumers, the persona management system uses the metadata to identify users matching specified search criteria.

Abstract: In some implementations, a system may receive a first credential associated with a first account and a second credential associated with a second account and may instruct a cloud service, using the first credential, to generate a first snapshot of structured source data associated with the first account. The system may authorize the first account and the second account to use a master encryption key and instruct the cloud service to encrypt the first snapshot using the master encryption key. The system may instruct the cloud service, using the second credential, to copy the first snapshot to a second snapshot associated with the second account and to decrypt the second snapshot into structured target data using the master encryption key. The system may deauthorize the first account and the second account from using the master encryption key and output an indicator of completion to a user device.

Abstract: A requester device 12 registers inspection target data in a file server 18. An inspector device 14 operated by an inspector who inspects whether the inspection target data is illegitimate or not acquires, from the file server 18, the inspection target data registered by the requester device 12 and registers an inspection result of the inspection target data in a blockchain network 22. A viewer device 16 acquires, from the blockchain network 22, the inspection result registered by the inspector device 14 and executes data processing based on the inspection result.

Abstract: An illustrative embodiment disclosed herein is a non-transitory computer readable medium. In some aspects, the non-transitory computer readable medium includes instructions for providing a mobile user monitoring solution that, when executed by a processor, cause the processor to capture a transaction transmitted over an N12 interface, extract, from the transaction, one of an expected response (XRES) or an authentication token (AUTN), a user identifier (ID), and a cipher key, capture a first message transmitted over an N1 interface, and determine that the first message is associated with the user ID and the cipher key extracted from the transaction.

Abstract: Provided is a personal authentication device capable of simply securing security with little psychological and physical burden of a user to be authenticated.

Abstract: A method that is performed to access data nodes of a data cluster. The method includes obtaining, by a data access gateway (DAG), a first request from a host; and in response to the first request, obtaining first bidding counters from the data nodes; obtaining first metadata mappings from the data nodes; making a first determination that the first request may not be served using any data node in an accelerator pool of the data cluster; and in response to the first determination, identifying, based on the bidding counters and metadata mappings, a data node in a non-accelerator pool of the data cluster associated with a first highest bidding counter of the bidding counters and a first appropriate metadata mapping of the metadata mappings; and sending the first request to the data node in the non-accelerator pool of the data cluster.

Abstract: Systems and methods are described for securing confidential content in a virtual meeting. In an example, a host can create a meeting agenda that identifies attendees and access restrictions for the meeting. A server can generate encryption keys corresponding to different confidentiality levels of content identified in the agenda. The encryption keys can be provided to user devices of the attendees based on the access permissions of the attendees. As the virtual meeting takes place, the server can encrypt confidential portions of the content stream for the meeting using the encryption keys. In an example, the server can also apply a machine learning algorithm to identify any confidential content in the content stream not previously identified. The server can encrypt additional confidential content where appropriate using encryption keys corresponding to the confidentiality level of the content.

Abstract: A system for automatic collection and analysis of digital forensic evidence by a cloud service provider is disclosed. The system utilizes machine learning models to identify and store digital forensic evidence relating to cybercrimes committed using a cloud service. Particularly, if an image or video file uploaded to the cloud service provider is determined to relate to illicit, illegal, or malicious activity, relevant digital forensic evidence is extracted and stored for later provision to law enforcement. The digital forensic evidence that is collected may be used to assist law enforcement in their investigations of criminal activity, as well as aid in the successful prosecution of criminals in court proceedings.

Abstract: Techniques are described for providing session management functionalities using an access token (e.g., an Open Authorization (OAuth) access token). Upon successful user authentication, a session (e.g., a single sign-on session) is created for the user along with a user identity token that includes information identifying the session. The user identity token is presentable in an access token request sent to an access token issuer authority (e.g., an OAuth server). Upon receiving the access token request, the user identity token is parsed to identify and validate the session against information stored for the session. The validation can include various session management-related checks. If the validation is successful, the token issuer authority generates the access token. In this manner, the access token that is generated is linked to the session. The access token can then be used by an application to gain access to a protected resource.

Abstract: Systems, apparatuses, and methods to establish a secure channel of communication with a remote computer using a memory device having a host system. The memory device stores a first cryptographic key representative of an identity of the host system and a second cryptographic key usable to validate an identity of the remote computer. The memory device controls, based on cryptography and independent of the file system, access to the first cryptographic key and the second cryptographic key. To establish the secure channel, an application running in the host system communicates with the memory device to generate, using the first cryptographic key, a first verification code for a first message of the remote computer without revealing the first cryptographic key to the host system, and to validate, using the second cryptographic key, a second verification code generated by the remote computer for a second message from the application.

Abstract: Embodiments of an apparatus and method are disclosed. In an embodiment, a method of executing multi-link operations in a multi-link communications system comprises performing a single frame exchange between a first multi-link device and a second multi-link device to execute a multi-link operation for multiple links between the first and second multi-link devices using a frame transmitted on a first link among the multiple links, wherein the frame includes an element that carries other link information on at least one link of the multiple links other than the first link, wherein the frame includes per-link value information that has different values for different links of the multiple link, and wherein successful execution of the single frame exchange completes the multi-link operation for at least two links of the multiple links between the first and second multi-link devices.

Abstract: An example method of managing rights in a cloud computing system includes: creating a role template having a role template set of rights to resources in the cloud computing system; assigning a tenant set of rights to the resources to each of a plurality of tenants of the cloud computing system, respectively; and creating a role instance for each respective tenant based on the role template and assigning the role instance to each respective tenant, where the role instance is linked to the role template in the cloud computing system and where the role instance includes a role instance set of rights that includes an intersection of the role template set of rights and the tenant set of rights for the respective tenant.

Abstract: A charging control method, performed by an electric vehicle supply equipment (EVSE), is provided. The method includes performing a charging session initiation procedure with an EV and calculating a session script hash associated with a charging session. A session access request is received from a user device and confirmed. Based on a result of the confirmation, session authentication is requested to the user device and a session script authentication value is received as a result of the session authentication from the user device. The method also includes determining whether to allow a user access to the charging session according to the session script authentication value.

Abstract: Provided is an information processing apparatus including a physical unclonable function (PUF) to generate a unique key using a process variation in a semiconductor manufacturing process, and an encryption unit to encrypt a password and/or bio-information received from a user using the unique key.

Abstract: A system and method is provided to allow access to centralized patient data captured from a medical device across an open network to a third party. The system and method receives the request based upon patient-specific information, checks the request and allows access if the request matches stored information.

Abstract: A system and method provide access to a remote resource locally by requesting content from an original address and receiving a first requested content and a first redirect uniform resource locator in response. The first redirect uniform resource locator reroutes the navigation from the original address requested to a redirect destination address that serves an access token. The system and method unlock access to a second application programming interface in response to validating the access token served by the redirect destination address and receives a second requested content and a second redirect uniform resource locator in response to transmitting the access token to the original address. The second redirect uniform resource locator transfers a user to an environment residing at an address different from the original address and the redirect destination address.

Abstract: Systems and methods for storing and recovering data for a device are described. In one embodiment, factory generated calibration data can be generated, sealed and restored securely even if two sensors in two different devices, such as a first ambient light sensor and a second ambient light sensor have the same sensor identifier. In one embodiment, a device transmits a database key to cause storage or recovery of the calibration data, and the database key includes a sensor identifier and a public cryptographic key of the device.