Patents Examined by Haresh N Patel
  • Patent number: 10839074
    Abstract: Disclosed are systems and methods for adapting a pattern of dangerous behavior of programs. A teaching module may load into an activity monitor the pattern and establish a first usage mode for it, during which the activity monitor detects threats that correspond to that pattern, but does not perform actions for their removal. Later, in the course of a teaching period, the activity monitor detects threats based on the detection of events from the mentioned pattern. If the events have occurred as a result of user actions, and the events have a recurring nature or are regular in nature, the teaching module adds parameters to the pattern which exclude from subsequent detection those events or similar events. Upon expiration of the teaching period, the teaching module converts the pattern of dangerous behavior of programs to the second usage mode, during which threats are detected using the modified pattern and removed.
    Type: Grant
    Filed: June 18, 2018
    Date of Patent: November 17, 2020
    Assignee: AO KASPERSKY LAB
    Inventors: Mikhail A. Pavlyushchik, Yuri G. Slobodyanuk, Alexey V. Monastyrsky, Vladislav V. Martynenko
  • Patent number: 10824754
    Abstract: A vertically integrated access control system may store in a database data records corresponding to the interfaces, access control rules, and computing resources of an information system, as well as data records for entity capabilities. Data records for related interfaces, access control rules, computing resources, and entity capabilities may be linked. Using the database, the system may determine the entity capabilities that can be performed based on an existing user entitlement. If the entity capabilities include a flagged combination of entity capabilities, the system may perform an information security action to remediate the flagged combination. The system may use the database to form vertically integrated access units. The vertically integrated access units may be used to form user entitlements. The system may continuously monitor whether any proposed configurations would create a flagged combination of entity capabilities, and if so take an action to prevent such flagged combination.
    Type: Grant
    Filed: January 30, 2020
    Date of Patent: November 3, 2020
    Assignee: BANK OF AMERICA CORPORATION
    Inventors: John Howard Kling, Brandon Sloane, Regina Yee Cadavid, Rachel Yun Kim Bierner, Ronald James Kuhlmeier
  • Patent number: 10819726
    Abstract: Systems, methods, and media for detecting network anomalies are provided. In some embodiments, a training dataset of communication protocol messages having argument strings is received. The content and structure associated with each of the argument strings is determined and a probabilistic model is trained using the determined content and structure of each of the argument strings. A communication protocol message having an argument string that is transmitted from a first processor to a second processor across a computer network is received. The received communication protocol message is compared to the probabilistic model and then it is determined whether the communication protocol message is anomalous.
    Type: Grant
    Filed: July 26, 2018
    Date of Patent: October 27, 2020
    Assignee: The Trustees of Columbia University in the City of New York
    Inventors: Yingbo Song, Angelos D. Keromytis, Salvatore J. Stolfo
  • Patent number: 10817623
    Abstract: A method and apparatus prevents hacker code from infecting an application program by requiring decryption of the application program prior to running the application program on a computer. The method includes steps of: providing a storage device that is a separate unit from components necessary to operate the computer; storing a symmetric private key on the storage device; using the symmetric private key to produce an encrypted application program upon first installation; thereafter decrypting that part of the encrypted application program needed to implement a command to run the application program; precluding the computer from running any part of the application program that has not been first encrypted with the symmetric private key; and, decrypting, on the fly, only those follow-on parts of the encrypted application program needed to perform functions called for during operation of the application program.
    Type: Grant
    Filed: February 26, 2020
    Date of Patent: October 27, 2020
    Inventor: John Almeida
  • Patent number: 10810293
    Abstract: Improved user authentication of a communication device is provided by expanding voice biometric authentication with a dynamically updated user profile formed of non-voice usage parameters. The non-voice usage parameters are collected during successful voice authentications to establish non-voice compensation controls. When a failed voice biometric authentication attempt is followed by a valid PIN entry, then a false rejection is determined, and a voice biometric threshold is adjusted to reduce the individual user-based false rejection rate along with the enablement of the non-voice usage controls.
    Type: Grant
    Filed: October 16, 2018
    Date of Patent: October 20, 2020
    Assignee: MOTOROLA SOLUTIONS, INC.
    Inventors: Michael F Korus, Melanie King, Daniel A. Tealdi
  • Patent number: 10798123
    Abstract: Aspects of the present disclosure involve systems and methods for computing devices to access a public network posing as a user to the network to detect one or more malware programs available for downloading through the network. More particularly, a malware detection control system utilizes a browser executed on a computing device to access a public network, such as the Internet. Through the browser, sites or nodes of the public network are accessed by the control system with the interactions with the sites of the public network designed to mimic or approximate a human user of the browser. More particularly, the control system may apply the one or more personality profiles to the browser of the computing device to access and interact with the nodes of the public network. Further, the control system may monitor the information retrieved from the network sites to detect the presence of malware within the nodes.
    Type: Grant
    Filed: August 16, 2019
    Date of Patent: October 6, 2020
    Assignee: Level 3 Communications, LLC
    Inventor: Skyler J. Bingham
  • Patent number: 10796026
    Abstract: A data storage system comprising: a detachable data storage device; an alarm device; where the alarm device is connected to the detachable data storage device and where the alarm device is configured to initiate an alarm event if the alarm device is sufficiently far away from the detachable data storage device.
    Type: Grant
    Filed: April 19, 2018
    Date of Patent: October 6, 2020
    Assignee: Wildfi Proprietary Limited
    Inventor: Mark Rodney Anson
  • Patent number: 10797866
    Abstract: A method of performing a Multi-Party Computation (MPC) process between two parties and a server, the parties generating initial garbled labels to an initial garbled circuit and sending the initial garbled labels corresponding to an input to the server, the parties generating a fresh garbled circuit and generating multiple bridge gates for translating the initial garbled labels to garbled values for the inputs to the fresh garbled circuit, where each of the bridge gates is associated with a specific input wire of the fresh garbled circuit and maps a value of the initial garbled labels to a value of garbled labels of the fresh garbled circuit, where the server computes fresh garbled values for the fresh garbled circuit using the bridge gates and the initial garbled values and evaluates the fresh garbled circuit using the fresh garbled labels.
    Type: Grant
    Filed: March 30, 2020
    Date of Patent: October 6, 2020
    Assignee: BAR-ILAN UNIVERSITY
    Inventor: Yehuda Lindell
  • Patent number: 10795986
    Abstract: There are provided methods and apparatuses for authenticating components in an electric machine. For example, there is provided a method for authenticating parts of an electric machine. The method includes fetching, using a controller, identification data associated with a set of parts and performing a first verification step on the identification data, for each part in the set. The method further includes performing a second verification step on the identification data, in response to the first verification step being successful. The second verification step includes comparing the identification data with data from a database that includes identification information associated with manufactured parts. Furthermore, the method includes, in response to one of the first verification step and the second verification step being unsuccessful, a command to disable the electric machine.
    Type: Grant
    Filed: February 12, 2018
    Date of Patent: October 6, 2020
    Assignee: GE ENERGY POWER CONVERSION TECHNOLOGY LIMITED
    Inventors: Lathom Alexander Louco, Nathaniel Robert Michener
  • Patent number: 10785024
    Abstract: A data handling system includes a block-based storage device. An encryption key structure block includes key structure locations that may store encryption key structures. A key structure may take on at least three states: an erased state, an active state, and a zeroized state. The key structure includes error control data fields that are configured to contain error control data that independently protect data of the key structure in the active and the zeroized state. Key structures may be stored to key structure locations within a first encryption key block until each key structure location has stored a key structure in the active or zeroized state. Subsequently, the key structures in the active state may be copied and stored in key structure locations within a second encryption key block.
    Type: Grant
    Filed: June 20, 2018
    Date of Patent: September 22, 2020
    Assignee: International Business Machines Corporation
    Inventor: Glen Jaquette
  • Patent number: 10771499
    Abstract: A DDoS attack mitigation system includes a plurality of stateless network devices connected to a network. The system also includes one or more DPI devices connected to the plurality of stateless devices. The system further includes a controller connected to the plurality of stateless devices and connected to the DPI devices. The controller includes logic integrated with and/or executable by a processor. The controller is configured to receive a signal from a first DPI device and analyze the received signal. The controller is further configured to update a network traffic policy to redirect at least some of network traffic destined for the first DPI device to one or more DPI devices different from the first DPI device based on the analyzed signal and to send a signal indicative of the updated network policy to at least some of the plurality of stateless devices.
    Type: Grant
    Filed: June 7, 2017
    Date of Patent: September 8, 2020
    Assignee: Arbor Networks, Inc.
    Inventor: Joshua Graham Knight
  • Patent number: 10771458
    Abstract: Methods, systems, and apparatus, including computer programs encoded on a computer-readable storage medium, for automatically providing a user with access to a secured resource. In some implementations, a client device detects that a second device that has been designated as an authentication for a user is within a predetermined level of proximity to the client device. The client device sends data indicating that the second device is within the predetermined level of proximity of the client device to a server system. The client device receives data indicating an attempt to access a resource using the client device while the second device is within the predetermined level of proximity to the client device. The client device sends an authentication request to the server system. The client device receives data indicating approval of the authentication request and provides access to the resource.
    Type: Grant
    Filed: April 17, 2018
    Date of Patent: September 8, 2020
    Assignee: MicroStrategy Incorporated
    Inventors: Feng Xia, Siamak Ziraknejad, Liang Chen, Quan Jia
  • Patent number: 10754987
    Abstract: A computer-implemented method for context-based, fine-grained data access control to microservice data is provided. The method may include retrieving a sensor data snapshot corresponding to the microservice data from a sensor node array of a microservice platform, and encrypting the sensor data snapshot according to a functional encryption scheme to generate an encrypted sensor data snapshot. The method may further include receiving a registration request from a user device, detecting an occurrence of the user-defined event based on sensory event data corresponding to the user event data, and generating a restricted-access functional decryption key in response to detecting the occurrence of the user-defined event. The restricted-access functional decryption key may be communicated to the user device for decryption of the encrypted sensor data snapshot according to an access control policy corresponding to a user-defined event associated with the user device.
    Type: Grant
    Filed: September 24, 2018
    Date of Patent: August 25, 2020
    Assignee: International Business Machines Corporation
    Inventors: Padmanabha Venkatagiri Seshadri, Vijay Kumar Ananthapur Bache, Bhagyashree Jayaram, Bidhu Ranjan Sahoo, Vijay Ekambaram
  • Patent number: 10749457
    Abstract: Systems and methods for local and master management units in a photovoltaic energy system. In one embodiment, a method implemented in a computer system includes sending a first identification code from a local management unit to a master management unit. The first identification code is associated with the first local management unit, and the local management unit controls a solar module. An authentication of the first identification code is received from the master management unit. In response to receiving the authentication, active operation of the local management unit is continued (e.g., for a set time period).
    Type: Grant
    Filed: October 16, 2018
    Date of Patent: August 18, 2020
    Assignee: Tigo Energy, Inc.
    Inventors: Daniel Eizips, Shmuel Arditi, Ron Hadar, Maxym Makhota
  • Patent number: 10719623
    Abstract: A system includes profile control circuitry that may receive a sovereign onboarding command. The sovereign onboarding command may be issued on behalf of a sovereign associated with a profile. The sovereign onboarding command may update a status value in the profile. The profile may be recorded on a data-tamper-protected distributed ledger. Arbitration circuitry may review the recorded profile status value and ensure that status values are enforced against the sovereign during exchanges.
    Type: Grant
    Filed: February 17, 2020
    Date of Patent: July 21, 2020
    Assignee: Accenture Global Solutions Limited
    Inventors: Patricia A. Miller, Scott W. Perkins, Shane R. Marshall, Peter Bidewell, Rodrigo Yukio Ieto
  • Patent number: 10715511
    Abstract: Secure subscription based vehicle data services are provided. In one embodiment, a device comprises: a non-volatile memory comprising an embedded public key (EPK) that comprises a public key of a public-private key pair associated with a data service system not onboard the vehicle; a protocol that initiates a communication session that includes a session validation sequence that causes a processor to transmit a session request message and validate an authenticity of a session reply request using the EPK; the protocol includes a session initiation sequence that causes the processor to: transmit an initiation request message to the data service system that includes a key derivation key, and apply the key derivation key to a key derivation function to generate a message authentication key. The processor authenticates uplink messages exchanged with a host data service using the message authentication key.
    Type: Grant
    Filed: May 3, 2018
    Date of Patent: July 14, 2020
    Assignee: Honeywell International Inc.
    Inventors: Michael L. Olive, Xiaozhong He, Phani Ammi Raju Pothula
  • Patent number: 10708305
    Abstract: A data processing system, according to various embodiments, may receive a data subject access request that includes a request to delete personal data of a particular data subject, modify personal data of the data subject, and/or provide personal data of the data subject. At least partially in response to receiving the data subject access request, the system may determine whether the data subject access request was initiated by an automated source. At least partially in response to determining that the data subject access request was initiated by an automated source, the system may automatically take at least one action to have the data subject access request reinitiated by a human source. At least partially in response to determining that the data subject access request was initiated by a human, the system may automatically facilitate the fulfillment of the data subject access request.
    Type: Grant
    Filed: September 9, 2019
    Date of Patent: July 7, 2020
    Assignee: OneTrust, LLC
    Inventors: Kabir A. Barday, Jonathan Blake Brannon, Kevin Jones, Bryan Patrick Kveen, Priya Malhotra, Jason L. Sabourin
  • Patent number: 10698710
    Abstract: A vendor of virtual machine images accesses a virtual computer system service to upload a digitally signed virtual machine image to a data store usable by customers of the virtual computer system service to select an image for creating a virtual machine instance. If a digital certificate is uploaded along with the virtual machine image, the virtual computer system service may determine whether the digital certificate has been trusted for use. If the digital certificate has been trusted for use, the virtual computer system service may use a public cryptographic key to decrypt a hash signature included with the image to obtain a first hash value. The service may additionally apply a hash function to the image itself to obtain a second hash value. If the two hash values match, then the virtual machine image may be deemed to be authentic.
    Type: Grant
    Filed: October 12, 2015
    Date of Patent: June 30, 2020
    Assignee: Amazon Technologies, Inc.
    Inventors: Andrew Jeffrey Doane, Alexander Edward Schoof, Robert Eric Fitzgerald, Todd Lawrence Cignetti
  • Patent number: 10693842
    Abstract: A device for managing multiple accesses to a secure module of a system on chip of an apparatus, and comprises a stream ciphering means arranged for computing on the fly and in a single pass an integrity check for data to be transferred between secure and non secure modules of the system on chip with a seed and an encryption key, and for encrypting/decrypting on the fly and in this single pass these data with the encryption key, and a control means for providing the encryption key and seed to the stream ciphering means and for requesting data transfer and retrieving status to the secure and non secure modules for allowing the transfer of encrypted/decrypted data between the secure and non secure modules.
    Type: Grant
    Filed: April 13, 2016
    Date of Patent: June 23, 2020
    Assignee: Thales Dis France SA
    Inventor: Alain Rhelimi
  • Patent number: 10686835
    Abstract: The present disclosure provides a method for an authentication system to provide authentication information for a web page, comprising: receiving a request for authentication information from a web page; judging whether the web page is redirected to through a relevant search engine; judging whether the web page satisfies a condition of displaying the authentication information; and providing the authentication information to the web page satisfying the condition. By providing authentication information to a web site through a search engine, with the combination of the authentication system with the relevant search engine, the reliability and security of authentication information are enhanced. Besides, the user may autonomously edit and manage the displaying pattern of the authentication information, such that the authentication information may be displayed in real time on the web page.
    Type: Grant
    Filed: October 10, 2015
    Date of Patent: June 16, 2020
    Assignee: Baidu Online Network Technology (Beijing) Co., Ltd.
    Inventors: Jing Tan, Bingxin Chang, Yan Cui, Zhenping Zhang, Qi Zhou, Zheng Zhang, Changyang Dong, Xiaohang He, Kuan Shi