Abstract: A computer-implemented method, system and computer program product for applying a unified governance and integration platform to social media data. Data integration definitions for managing and protecting social media data are received. After receiving the data integration definitions for social media data, data integration externalization, governance catalog externalization or lineage externalization may be performed. For example, social media data may be extracted from a database system by a governance and integration unit (“unit”) using the data integration definitions. The extracted social media data is then transformed and loaded to the social media data system via a connector linking the data from the unit to the social media data system. In another example, social media data is extracted from the social media data system by the unit, such as via the connector, using the data integration definitions and then transformed and loaded to the database system for analysis.

Abstract: Server-side authentication of user accounts by using multiple authentication tokens and transmission of update statement to users for updates to applications installed on their devices. Prompting users that updates are available upon determining that a threshold event has occurred and if requisite network and situational conditions exist. Batching and sending notifications or requests for authentications that are required for each application update that is currently ready for download.

Abstract: A message authentication code, for a message transmitted and received over a communications network, is formed by applying inputs to an integrity algorithm acting on the message. The inputs comprise: an integrity key; a value indicating a transfer direction; and a frame-dependent integrity input, wherein the frame-dependent integrity input is a frame-dependent modulo count value that also depends on a random value and on a frame-specific sequence number.

Abstract: A method of providing a distributed messaging system to aggregate particular types of messages regarding a client from customers of said client and for generating response and informational messages to the customers is provided. The method is performed in a distributed system comprising one or more processors executing computer instructions and one or more non-transitory computer readable media with computer executable instructions stored thereon executed by the one or more processors to provide the method.

Abstract: A security incident is detected at a first location; a risk of the security incident is evaluated. A first security scores is generated for the first location. A set of security scores are generated for a set of alternative locations; the set of security scores excludes the first security score. A second security score within the set of security scores is determined to be the best security score among a plurality of security scores; the plurality of security scores comprises the set of security scores and the first security score. A workload associated with the first location is migrated to a second location, where the second location is associated with the second security score.

Abstract: A method for monitoring and limiting access to a data connection by an electronic which has means for enabling/disenabling selectively the data connection is disclosed. The method includes a) detecting the initial and final time of each access to data connection during a predetermined time interval; b) counting the overall duration of the accesses to the data connection during the predetermined time interval; and c) if the overall duration reaches a value equal to a maximum duration value pre-set before the end of the predetermined time interval, actuating the means for disenabling the data connection until the end of the predetermined time interval. The method can provide a detailed report and a check in real time, by remote access, of the accesses and durations of a web site, of the time use of installed applications on the device, telephone calls, texts and screenshots of the devices placed under control.

Abstract: Various embodiments employ technology solutions to enable isolated client device interaction with building automation and control (BAC) networks, for example including configuration of a third-party application access framework which enables access to physical devices in a built environment. For example, a data exchange gateway interfaces a system with a BAC (Building Automation and Control) network, wherein the BAC network provides via the gateway, on a periodic basis, data values presented by each of a plurality of physical devices on the BAC network. A data exchange module receives periodic data values and causes recording of those values in a BAC database isolated from the BAC network. A permissions rules module control access to data in the BAC database. An API request handling module handles requests from third-party software platforms via an API.

Abstract: There is provided a method and system for supporting secure data routing for artificial intelligence services in a communication network. According to embodiments there is provided a system including a platform controller for managing artificial intelligence (AI) services and a coordinator for managing data transmission of the AI services. The platform controller is configured to obtain, from an AI controller, a first security credential used for re-encryption of uplink data for an AI service, wherein the uplink data includes encrypted data from a device and obtain, from the device, a second security credential for re-encryption of downlink data for the AI service, wherein the second downlink data includes encrypted data from an AI server. The platform controller is further configured to provide, to the coordinator, both the first security credential and the second security credential.

Abstract: A computer-implemented method includes receiving permission data from an application server. The permission data is for an account to access a software application of a plurality of software applications, and the application server is configured to provide the software application. Responsive to receiving the permission data from the application server, storing the permission data in a native database. Receiving a request to grant the account access to the software application. Determining whether the database stores the permission data for the account to access the software application. In response to determining that the database stores the permission data, granting access to the account to access the software application.

Abstract: The present disclosure involves systems, software, and computer implemented methods for verifying encrypted data provider data on a public storage medium. One example method includes receiving a verification request to verify encrypted data provider data stored on a public storage medium. Public storage medium entries relevant to the verification request are identified and retrieved. A homomorphic cryptosystem is used to homomorphically calculate a first encrypted target function result based on encrypted data provider data. The homomorphic cryptosystem and a verifying entity cryptosystem are used to re-encrypt the first encrypted target function result to generate a second encrypted target function result that is encrypted under the verifying entity cryptosystem and not encrypted under the homomorphic cryptosystem.

Abstract: A garbled circuit and two garbled inputs are received by a server from each pair of a plurality of clients. The garbled circuit encodes a comparison function and the garbled inputs encode a respective data value from each of the clients in each pair. Thereafter, the server evaluates the garbled circuits using the corresponding garbled inputs to result in a plurality of comparison bits. The server can then sort the datasets in an ascending or descending order by using the comparison bits to compute the rank of each data value. Using the sorted datasets, the server determines a median value for the datasets and transmits data characterizing the median value to each of the clients.

Abstract: Aspects of the disclosure relate to account lineage tracking and automatically executing responsive actions upon detecting an account lineage. A computing platform may receive a first account-change message from a source-level interceptor. The first account-change message may include information identifying a source account associated with a first computing device and identifying a first target account. The first target account may be associated with a target application configured to access the target database. The computing platform may receive a second account-change message from a database-level interceptor. The second account-change message may include information identifying the first target account as a database-level source account and identifying a second target account associated with one or more target databases.

Abstract: The present disclosure relates to a device authentication method as a procedure designed for authenticity of an apparatus. A connecting apparatus to be authenticated and an authentication box are connected to a trusted network through which authentication information is received by the connecting apparatus. The connecting apparatus is electrically connected to a non-trusted network through which the connecting apparatus and an intermediary server are electrically connected with each other; a virtual hub network is created by the intermediary server and electrically connected to both the authentication box and the connecting apparatus such that the connecting apparatus is authenticated by authentication box based on the authentication information.

Abstract: An original equipment manufacturer (OEM) human-machine interface (HMI) device operation of a non-OEM handheld mobile device is provided. A non-OEM handheld mobile device can be coupled with a vehicle network of a vehicle. The vehicle can include a head unit with a display. An OEM HMI can be presented on a display of the non-OEM handheld mobile device. Thus, the non-OEM handheld mobile device provides functionality associated with the head unit and/or functionality not associated with the vehicle. Responsive to receiving an input on the OEM HMI presented on the non-OEM handheld mobile device, a setting or control of a vehicle device can be caused to be adjusted. Alternatively or in addition, responsive to receiving an input on a vehicle OEM HMI, a setting or control of the non-OEM handheld mobile device can be caused to be adjusted.

Abstract: According to one aspect, there is provided a server for use in evaluating a monitoring function to determine if a trigger condition is satisfied. The server comprises a processing unit and a memory unit. The memory unit is for storing a current monitoring state (Ss) of the server or an encrypted current monitoring state (S) of the monitoring function, the current monitoring state (Ss) of the server relating to the current monitoring state (S) of the monitoring function that is based on an evaluation of one or more previous events. The processing unit is configured to receive an indication of a first event from a first client node and evaluate the monitoring function to determine if the first event satisfies the trigger condition.

Abstract: A communication device may obtain second security information in a case where a first instruction for establishing a second wireless connection with a second parent station is accepted under a state where a first wireless connection with a first parent station is established, and determine whether a second security level indicated by the second security information is lower than a first security level indicated by first security information in a memory. The communication device may execute at least one process of a notification process or an acceptance process in a case where it is determined that the second security level is lower than the first security level and establish the second wireless connection with the second parent station without executing the at least one process in a case where it is determined that the second security level is not lower than the first security level.

Abstract: A server receives a corresponding data value encrypted using a common threshold public key from each of a plurality of clients. The server distributes the received data values to the clients for evaluating comparison of values. The server receives the encrypted comparison results from each of the clients in response to the distribution of the received encrypted data values. The comparison results are encrypted using the common key. The server homomorphically determines a ciphertext encrypting the rank of each client's data value using the comparison results. Further, the server can compute a ciphertext encrypting the median of the datasets. Thereafter, the server can initiate a threshold decryption to generate a final result.

Abstract: A method and apparatus of monitoring computer devices operating on a network is disclosed. Computer devices are all different and require monitoring settings that are tailored to their specific requirements. One example of the present invention may include a method of monitoring at least one computer device operating on a network. The method may include receiving audit information representing attributes of the computer device and storing the audit information in memory. The method may also include comparing the audit information to a predefined monitor set of objects to be monitored. The method may further include creating a new monitor set based on the comparison of the audit information and the predefined monitor set. The new monitor set is different from the predefined monitor set and is generally used to monitor objects which are included in the audited device. The method may also include monitoring the at least one computer device based on the new monitor set.

Abstract: Systems and methods for using an OAUTH client-secret to encrypt data sent to browser are disclosed. In one embodiment, in an issuer authorization services processing apparatus comprising at least one computer processor, a method for using an OAUTH client-secret to encrypt data may include: (1) receiving, from a client, a registration request; (2) returning, to the client, a client identifier, a client secret, and a nonce; (3) generating an extended client secret using a combination of the client identifier, the client secret, and the nonce; (4) storing the extended client secret; (5) receiving, from the client, encrypted plaintext data; (6) decrypting the encrypted plaintext data using the extended client secret; and (7) providing an encrypted response to the plaintext data, the encrypted response encrypted using the extended client secret.

Abstract: In an information processing apparatus and a method of controlling the same, settings for prohibiting an access to a removable medium is performed, and even if the setting is set, the access to the removable medium is permitted in a case where the information processing apparatus is activated in the maintenance mode.