Abstract: A system and associated methods for authenticating physical or digital objects are disclosed. In at least one embodiment, a plurality of authentication devices is initiated, with each of the authentication devices associated with a one of the objects and containing a unique authentication sequence algorithm used to generate a sequence of device sequence values stored on each said authentication device. Upon a user desiring to authenticate a given object via a user application on a user device, the authentication device provides a data set to an authentication server. If the authentication server locates the authentication device in an authentication table, and subsequently processes the data set successfully, the authentication server obtains from the authentication table a server sequence value associated with the authentication device. If the device sequence value is later in the sequence than the server sequence value, the authentication server transmits a success message to the user application.

Abstract: Data is encoded to be incrementally authenticable. A plaintext is used to generate a ciphertext that comprises a plurality of authentication tags. Proper subsets of the authentication tags are usable to authenticate respective portions of plaintexts obtained from the ciphertext. Portions of the plaintext can be obtained and authenticated without decrypting the complete ciphertext.

Abstract: This disclosure relates generally to a method and system for online handwritten signature verification providing a simpler low cost system. The method comprises extracting signature data for the subject from a sensor array for the predefined time window at regular predefined time instants. Further, differentiating the matrix row wise and column wise to generate a row difference matrix and a column difference matrix. Further, determining an idle signature time fraction for the extracted signature data of the subject being monitored from the column difference matrix. Further, determining a plurality of signature parameters based on the row difference matrix and the column difference matrix.

Abstract: A cyber threat intelligence infrastructure allows processing of network data to enrich captured data with data from different sources to identify possible and/or actual cyber threats.

Abstract: A user of a device is authenticated after providing a pass code or other data confirming the user can access data on the device. While the user uses the device, behaviometric data is recorded which includes measures of how the user uses the device. Additional data, however, can only be accessed with a biometric and/or second authentication after collecting at least some behaviometric data, in embodiments of the disclosed technology. Depending on how close of a match the behaviometric data received is to previously recorded behaviometric data for the particular user, a threshold minimum is set for the biometric match in order to grant stepped up authentication and authorization to view the additional data. In this manner, a legitimate user often requires less time to authenticate compared to the prior art and a fraudulent user is rejected from access to sensitive data more accurately.

Abstract: An application-operating organization may delegate a third-party server to serve as an automated contextual authentication responder and an authorization responder. The third-party server may manage a delegated section of the organization's namespace that includes the public identities of various devices controlled by the organization. The third-party server may also dynamically generate interaction control list that is tailored to a requesting device's context based on the interaction control policies set forth by the organization. The interaction control list may include information that determines the authorization of the requesting device to interact with another device. The third-party server may also automatically determine the role of a new device to which existing policies are inapplicable and provide guided workflow for the organization to set up new interaction control policies in governing the new device.

Abstract: Systems and methods for a passive wireless multi-factor authentication approach are provided. According to one embodiment, a user authentication request is received by a first computing device connected to a private network. The user authentication request is sent by an endpoint protection suite running on the first computing device to an authentication device associated with the private network. A proximity of a second computing device, which was previously registered with the authentication device to be used as a factor of a multi-factor authentication process involving the first computing device, is determined by the authentication device in relation to one or more wireless access points of a wireless network of the private network. The user authentication request is then processed by the authentication device based on the proximity.

Abstract: The technology disclosed herein enables micro-segmentation of virtual computing elements. In a particular embodiment, a method provides identifying one or more multi-tier applications comprising a plurality of virtual machines. Each application tier of the one or more multi-tier applications comprises at least one of the plurality of virtual machines. The method further provides maintaining information about the one or more multi-tier applications. The information at least indicates a security group for each virtual machine of the plurality of virtual machines. Additionally, the method provides identifying communication traffic flows between virtual machines of the plurality of virtual machines and identifying one or more removable traffic flows of the communication traffic flows based, at least in part, on the information. The method then provides blocking the one or more removable traffic flows.

Abstract: A request control device, when receiving a request issued from a client to a Web system, causes a sandbox in which an environment of the Web system is reproduced to inspect the request. The request control device transfers the request to the Web system if an inspection result of the request in the sandbox does not indicate detection of an attack. The request control device does not transfer the request to the Web system if the inspection result of the request indicates detection of an attack.

Abstract: Systems and methods for increasing security in a computer system are provided. The system includes one or more logic circuits. The one or more logic circuits receive a plurality of independent first entropy values from a hardware source, apply at least some of the plurality of independent first entropy values to a function to generate a second entropy value, and seed a pseudorandom number generator with the second entropy value. The one or more logic circuits also generate a random number using the pseudorandom number generator seeded with the second entropy value and may produce a block of ciphertext or message authentication code using the random number, or otherwise use the generated numbers as secure random numbers in applications such as cryptographic protocols.

Abstract: Disclosed herein are systems and methods for continuous user authentication during access of a digital service. In an exemplary aspect, a continuous authentication module may receive, at a computing device, initial authentication credentials of the user. The initial authentication credentials enable access to a service via the computing device. While the service is being accessed, the continuous authentication module may continuously monitor whether an unauthorized user has replaced the user in accessing the service by comparing usage attributes of the service with historic usage attributes associated with the user. In response to determining that the unauthorized user has replaced the user, the continuous authentication module may cease the access to the service via the computing device.

Abstract: A dark web monitoring, analysis and alert system comprising a data receiving module configured to receive data collected from the dark web and structured; a Structured Data Database (SDD) connected with the data receiving module, the SDD configured to store the structured data; a Text Search and Analytic Engine (TSAE) connected with the SDD, the TSAE configured to enable advanced search and basic analysis in the structured data; a Knowledge Deduction Service (KDS) connected with the TSAE, the KDS configured to deeply analyze the collected data; the deep analysis comprises extracting insights regarding dark web surfers behavioral patterns and interactions; a Structured Knowledge Database (SKD) connected with the KDS, the SKD configured to store the deep analysis results; and an Alert Service connected with the TSAE and the SKD, the Alert Service configured to provide prioritized alerts based on the deep analysis.

Abstract: A service provider receives a set of credentials from a customer and a request to access one or more services provided by the service provider. An authentication service of the service provider receives the set of credentials and, based at least in part on the received set of credentials, one or more activities performed by the customer, the customer's user profile, and the system configuration of the customer's computing device, calculates a risk score. The authentication service subsequently utilizes the calculated risk score to determine a credential rotation schedule for the set of credentials. The authentication service updates one or more servers to enforce the new credential rotation schedule and enables the customer to utilize the set of credentials to access the one or more services.

Abstract: Techniques for enabling impersonation without requiring an access manager (AM) controlling access to a computing resource to have direct access to user information. The AM receives an impersonation request for a first user to impersonate a second user, the request being received during a first session initiated by the first user. The second user has an access privilege that permits access to the computing resource. The AM causes information to be obtained from an identity provider, the information being stored in a location inaccessible to the AM and indicating whether the first user has been granted permission to impersonate the second user. An impersonation session is initiated based on determining, using the information obtained from the identity provider, that the first user has been granted permission to impersonate the second user. The initiating comprises switching a user associated with the first session from the first user to the second user.

Abstract: A blockchain integrated station initiates a ciphertext request to a server, where the ciphertext request includes first information associated with input data of an off-chain contract. The blockchain integrated station obtains, from the server, an execution result, where the execution result is obtained by the server by executing the off-chain contract using the input data.

Abstract: Distributed firewalls reside at different points across a network. Each distributed firewall can include one or more rules that govern traffic over and/or access to the network. The rules can be discovered, converted into a standardized format, and indexed at a centralized rule database. The rules or data of the rules can be verified. The rules can be certified at the centralized database. The certification process can be based on a direction of traffic to which the rule governs. The certification process may have different levels based on the direction of traffic.

Abstract: A content replication connector receives control data associated with replication of content data from a source system. Based on the control data, the content replication connector fetches the content data from the source system, converts the content data from a first data format to a second data format, and sends the content data to a content replication server. The content replication server replicates the content data, and a target system fetches the content data from the content replication server.

Abstract: Systems and methods involve a database function of an ATM processor on which rules database records for positive transition flows of ATM hardware or software activities are stored, a security agent function of the ATM processor that extracts data points from a transition flow for every succeeding ATM activity, and an algorithm function of the ATM processor that generates a rules database record for the transition flows for succeeding ATM activity based on the extracted data points and discards any generated rules database record that is identical to a rules database record already stored on the rules database function. A discovery phase of the algorithm function stores new rules database records, rules database function, and a protection phase of the algorithm function selects a risk protocol, when a generated record is not identical to a record already stored.

Abstract: A system and associated methods for authenticating an at least one tangible product are disclosed. In at least one embodiment, upon a user desiring to authenticate a given product via a user application on a user device, an authentication request is initiated with an authentication device attached to the product. A device variable count on the authentication device is incremented based on an underlying algorithm, and the authentication device generates a data set containing at least one of a unique device identifier, a unique device key and the device variable count. The authentication device provides the data set and the device identifier to the user application, which then transmits the data to an authentication server. If the authentication server locates the device identifier in an authentication table, and subsequently processes the data set successfully, the authentication server obtains from the authentication table a server variable count associated with the device identifier.

Abstract: A method for accelerating execution of application in a trusted execution environment includes generating a tag based on computer instructions associated with a function of an application and input data, for representation of a computation to be performed by the application; determining whether the tag correspond to an entry in a database having one or more entries of tag and one or more corresponding computation result; and retrieving a corresponding computation result from the database without performing the computation if a corresponding entry of the tag is found in the database.