Abstract: Techniques are disclosed for mitigating network-based attacks, brute-force attacks, enumeration account takeover type attacks, and generally attacks that might result in unauthorized access to user accounts, denial-of-service, loss of functionality to users, etc. Authenticating a user at an end-point of a network may occur using an activator. In some instances, an authentication module (e.g. on a server) receives and validates a key activator. If the key activator is valid, the authentication module is activated. After the authentication module is activated, the authentication module may receive and authenticate a security credential, such as a password, that is associated with the user. If the authentication module receives the security credential without being activated, the authentication module may not authenticate the security credential, even if the security credential is a valid credential.

Abstract: Secure peer-to-peer connection network and/or protocols for a group-based communication system, in which, a peer-to-peer connection request associated with a first identifier for a first client device and a second identifier for a second client device are received. The first identifier and the second identifier are compared to a group-based communication system validation registry associated with the group-based communication system and, based at least in part on a determination that the peer-to-peer connection request is authorized per the group-based communication system validation registry, a peer-to-peer connection between the second client device and the first client device is established.

Abstract: Methods and systems for resetting a digital credential within a digital credential based authentication system. The method includes logging a first administrative user into the digital credential system, receiving, from the first administrative user, a first portion of authentication credentials for a first customer, validating, by the first administrative user using the digital credential system, the first portion, logging a second administrative user into the digital credential system, receiving, from the second administrative user, a second portion of authentication credentials for the first customer, receiving the second portion by the second administrative user, validating, by the second administrative user using the digital credential system, the second portion; and resetting the authentication credentials based on the validation of the first portion and second portion.

Abstract: In the provided platform framework, participants issue requests for registration as members of namespaces supported by the platform framework, where the namespace is a capability of an IHS (Information Handling System) that will be provided by the participant using hardware of the IHS. The platform framework generates an entry in a manifest in response to a participant's registration, wherein the manifest entry identifies a participant as registered within a particular namespace. The platform framework receives, from an operating system application of the IHS, a request for participants registered within one or more namespaces. The platform framework provides the requesting operating system application with an identity of one or more participants that are registered within the first namespace. The requesting operating system application may then choose from registered participants that provide access to platform framework resources that are available for use within a particular namespace.

Abstract: A computerized-method for enabling a mode of interaction to support specially-abled needs of agents, via a web-app, in a contact-center. The computerized-method is operating an Application Programming Interface (API) client. The API-client includes receiving credentials from a user, upon login of the user to the web-app and then communicating with an authentication-server for an authentication-service and forwarding the credentials thereto. After successful completion, forwarding the credentials to an authorization-service that is retrieving a preassigned disability role-ID, according to the credentials and transmitting a preassigned disability role-ID in an access-token.

Abstract: An example embodiment of the present techniques determines, in response to a byte-serving request to download a portion of a resource, that the resource has previously been determined to comprise malware. Further, the byte-serving request is modified to request downloading all the resource. Additionally, all the resource is requested for downloading using the modified byte-serving request.

Abstract: The invention relates, in general, to the field of computer engineering and, in particular, to arranging and storing information in the form of interlinked transactions in a distributed computer framework. The technology for linking transactions is provided. Transactions include information on public keys, as well as credentials of owners of these public keys. Public keys which belong to one owner are linked into a logical chain at the level of transactions. Each transaction contains information on one public key. Transactions are signed by a digital signature. Transactions are preliminarily placed into a specialized pool, then they are retrieved from the pool, verified, and, upon successful verification, data form the transactions is placed into a public ledger (blockchain). The verification comprises verifying the digital signature and confirming linkability or, in other words, confirming that a transaction belongs to a particular chain.

Abstract: In one aspect, a computer system for vehicle configuration verification, and/or detecting unauthorized vehicle modification may be provided. In some exemplary embodiments, the computer system may include a processor and a non-transitory, tangible, computer-readable storage medium having instructions stored thereon that, in response to execution by the processor, cause the processor to perform operations including: (1) receiving a vehicle image, including a vehicle identifier and at least one software module; (2) calculating a configuration hash value of the at least one software module; generating a first data block including the configuration hash value, a first index value, the vehicle identifier, and a digital signature; (3) storing the first data block in a memory; and/or (4) transmitting the first data block to any number of network participants using a distributed network to facilitate vehicle software configuration verification.

Abstract: A guest notification system and method are provided for a smart home. As a result of detecting input, an identity of a guest is determined. At least one operation is then performed, to notify an occupant of the smart home of the identity of the guest, as well as to notify the guest in the event that the occupant is not currently at the smart home.

Abstract: In order to improve the safety and reliability of services provided by a computer, an authentication device (1) equipped with a transmission unit (15) and a determination unit (16) is provided. The transmission unit (15) transmits a challenge to a terminal device (7) where the challenge is presented to a user (8) to be authenticated, the challenge being information serving as the basis on which the user inputs information to be used for authentication processing. At this time, the transmission unit (15) transmits a plurality of different challenges to the terminal device (7). The determination unit (16) determines not only whether or not a response input to the terminal device (7) by the user (8) in response to each challenge is correct, but also whether or not time information regarding the challenge and the response thereto satisfies a condition regarding the response.

Abstract: An unauthorized communication detection apparatus comprises: a reception module configured to receive operational data; a transmission module configured to transmit the operational data; an acquisition module configured to acquire a correction value for correcting a determination expression for calculating a score for determining whether the operational data is involved in unauthorized communication, based on a parameter for extending an application range of a specific learning model and on a specific feature amount corresponding to the specific learning model among a plurality of feature amounts of the operational data; a determination module configured to calculate the score based on the plurality of learning models, the plurality of feature amounts, and the correction value, and determine whether the operational data is involved in unauthorized communication based on the calculated score; and a transmission control module configured to control the transmission of the operational data based on a determinati

Abstract: Systems and methods of authorizing access to access-controlled environments are provided. In one example, a method includes receiving, passively by a computing device, user behavior authentication information indicative of a behavior of a user of the computing device, comparing, by the computing device, the user behavior authentication information to a stored user identifier associated with the user, calculating, by the computing device, a user identity probability based on the comparison of the user behavior authentication information to the stored user identifier, receiving, by the computing device, a request from the user to execute an access-controlled function, and granting, by the computing device, the request from the user responsive to determining that the user identity probability satisfies a first identity probability threshold associated with the access-controlled function.

Abstract: An embedded processing system includes processing circuitry, a memory system, and a reprogramming control. The reprogramming control is configured to receive a transaction indicator and user credentials from a reprogramming system, the transaction indicator identifying a type of configuration item to program in the memory system. The reprogramming control is further configured to access user authentication data to authenticate authority of a user to program the memory system based on the transaction indicator and user credentials and receive an encrypted configuration item. The reprogramming control is further configured to decrypt and authenticate the encrypted configuration item as a decrypted and authenticated configuration item responsive to authenticating the authority of the user, and store the decrypted and authenticated configuration item in the memory system.

Abstract: A method for securely receiving a multimedia content by a client device operated by one or more operator(s) involving a dedicated provisioning server of a security provider managing symmetric secrets used by the client devices and operators license servers. The provisioning server provides to the client device one or more generations of operator specific unique device secrets, which are then exploited by the various operators' license servers to deliver licenses such that authorized client devices can consume protected multimedia contents.

Abstract: There is provided an information processing device to grasp timing of a process by a protection storage unit and to effectively utilize the timing, the information processing device including a data obtaining unit that, on the basis of a notification from a protection storage unit, obtains data related to timing of a process by the protection storage unit, and a control unit that associates the data related to the timing of the process with data related to the process.

Abstract: Techniques for automatically discovering relationships between data to enforce data security are disclosed. In some embodiments, a query analytic system receives a set of one or more queries that accesses data from a set of data objects and is generated by an application to accomplish an application-level function that is opaque to the query analytic system. The query analytic system detects a relationship between a first data object and a second data object based on access patterns associated with the set of one or more queries. The query analytic system further stores an indication that the first data object is related to the second data object. An operation that is performed against the first object may also be performed against the second object based on the stored indication. Additionally or alternatively, information about the second object may be displayed when information about related objects is requested for the first object.

Abstract: In a server configured to operate on a network. secured access to shared digital content is implemented in response to a request from a first user to access one or more content items belonging to a second user. Information about the first and second users is analyzed with a machine learning algorithm to determine a relationship between the first user and the second user. The first user is granted or denied access to the one or more content items based on the determined relationship.

Abstract: This disclosure relates to systems and methods for managing protected electronic content that employ relatively efficient messaging schemes. Rights management architectures are described that may, among other things, provide end-to-end protection of content keys from their point of origination at a content creator and/or content service to end user devices. Certain embodiments may further provide for message protocols where fewer messages are sent in connection with a protected content license request process, thereby reducing latency associated with license request and provisioning processes.

Abstract: The present disclosure provides a communication apparatus comprising a cryptographic circuitry which, in operation, uses a shared cryptographic secret Key and a cryptographic salt to generate a cryptographically encoded Message Integrity Code (MIC) that is computed over the address field of a Wake Up Radio (WUR) frame; and a transmission signal generator which, in operation, generates a secure WUR signal by replacing the address field of the WUR frame with the MIC; and a transmitter which, in operation, transmits the secure WUR signal.

Abstract: The method for obfuscating hardware partially imitates the neural network perceptron, obfuscating the hardware design. This method obfuscates the design functionality and immunes integrated circuits against Trojan insertion. This method can also be used to check for the existence of faults inside chips. This method resolves the concern related to security and reliability when outsourcing the manufacture of integrated circuits.