Abstract: Systems and methods are provided for authenticating a user of a computing device. An example system includes a memory storing instructions, and a processor configured to execute the instructions to receive an authentication request from a user of a computing device, determine a context of the authentication request, determine a physical location of the user, and perform, based on the context of the authentication request and the physical location of the user, an associate proximity detection. The associate proximity detection includes steps to identify an associate based on at least one of the context of the authentication request or the physical location of the user, determine a physical location of the identified known associate, and determine a proximity of the user to the identified known associate. The authentication request may be approved when the determined proximity is within a threshold.

Abstract: A system and a method for automatically clustering sandbox analysis reports of similar malware samples. An automated malware analysis process includes receiving from a sandbox server the sandbox analysis reports of the similar malware samples at an application programming interface (API) of the clustering server, clustering similar Uniform Resource Locators (URLs) together and clustering the sandbox analysis reports of events in sandbox reports clusters (1-n) based on the URL clustering, static properties of the malware samples and dynamic properties of the malware samples.

Abstract: A user authentication method performed by an authentication management server constituting a block chain network with a target device may comprise receiving, from the target device, a transaction including authentication information of a user and a unique value of the target device; determining a token of the user stored in a smart contract based on the authentication information; and authenticating the user based on validity information of the token, ownership information of the token, and the transaction.

Abstract: A system manages usage of a network-enabled user device. A policy storage is separately located relative to the user device and stores usage policy sets. Each policy set comprises policies defining usage permissions/restrictions applicable to the user device. The system associates a first user with a first time period and a second user with a second time period, each time period exclusive of other time periods. The first user selects/modifies a first policy set for applying during the first time period, and the second user selects/modifies a second policy set for applying during the second time period. The first user cannot select/modify any policy set applicable during the second time period, and the second user cannot select/modify any policy set applicable during the first time period. A usage request from the user device is allowed/denied based on the policy set to be applied when the usage request is made.

Abstract: Disclosed is an electronic device. The An electronic device including a storage, and a processor configured to perform convolution processing on target data and kernel data based on stride information that indicates an interval at which the kernel data is applied to the target data stored in the storage, in which the processor is further configured to divide the target data into a plurality of pieces of sub-data based on first stride information, perform the convolution processing on the plurality of pieces of sub-data and a plurality of pieces of sub-kernel data respectively corresponding to the plurality of pieces of sub-data based on second stride information that is different from the first stride information, and combine a plurality of processing results, the plurality of pieces of sub-kernel data are obtained by dividing the kernel data based on the first stride information, and the second stride information indicates that the interval at which the kernel data is applied to the target data is 1.

Abstract: In some implementations there may be provided a system. The system may include a processor and a memory. The memory may include program code which causes operations when executed by the processor. The operations may include analyzing a series of events contained in received data. The series of events may include events that occur during the execution of a data object. The series of events may be analyzed to at least extract, from the series of events, subsequences of events. A machine learning model may determine a classification for the received data. The machine learning model may classify the received data based at least on whether the subsequences of events are malicious. The classification indicative of whether the received data is malicious may be provided. Related methods and articles of manufacture, including computer program products, are also disclosed.

Abstract: Identifying Internet of Things (IoT) devices with packet flow behavior including by using machine learning models is disclosed. Information associated with a network communication of an IoT device is received. A determination of whether the IoT device has previously been classified is made. In response to determining that the IoT device has not previously been classified, a determination is made that a probability match for the IoT device against a behavior signature exceeds a threshold. Based at least in part on the probability match, a classification of the IoT device is provided to a security appliance configured to apply a policy to the IoT device.

Abstract: Various implementations disclosed herein provide a method for authenticating users to an enterprise network using closed subscriber groups. The method includes determining whether the client device is associated with a subscriber group that corresponds to the enterprise network. The method further includes granting the client device access to the enterprise network in response to determining that the client device is associated with the subscriber group that corresponds to the enterprise network.

Abstract: A portable communication terminal control system includes a plurality of first portable communication terminals and a second portable communication terminal. A first processor in the first portable communication terminal performs a first portable communication terminal side determination process which determines whether communication connection is in an established state between a first portable communication terminal and the second portable communication terminal. The first processor performs a transmission control process in which, in response to determination that the communication connection with the other first portable communication terminal is in the established state and that the communication connection with the second portable communication terminal is in the established state, a release signal is transmitted to the second portable communication terminal.

Abstract: Described embodiments provide systems and methods for context aware frictionless authentication. A server may determine authentication method information, contextual scores and contextual weights of a device, in connection with a user request to access a resource via the device. The authentication method information may include a weight and a completion duration for each of a plurality of authentication methods available via the device. The server may determine an authentication score for each of the plurality of authentication methods using the authentication method information, the contextual scores and the contextual weights of the device. The server may identify a first authentication method from the plurality of authentication methods, according to the determined authentication score. The server may authenticate the user request via the first authentication method using a first device that supports the first authentication method.

Abstract: The techniques described herein relate to authorizing networked devices to access protected network zones and/or network resources in a private network. In response to a first access request, a network appliance requests full compliance information from the networked device. The received compliance information is stored in a database. Subsequently, when the compliance information on the networked device changes, the network device sends updated compliance information to the network appliance. The network appliance reevaluates the compliance state of the networked device based on the updated compliance information and the compliance information stored in the database.

Abstract: Systems and methods for root-level application selective configuration for managing installation of applications in a file system include at least one computing device and an agent. The at least one computing device can receive selections from a user for a file and for actions desired to be executed on the file. Instead of requiring a particular privilege level for the user, the agent can be provided privileges based on a policy file associated with the selected file, thereby allowing the selectable actions to be executed via the agent. The agent can be executed by the at least one computing device and register with an OS during a boot sequence. The agent can receive a selection of a file and render a context menu based on metadata from an associated policy file. The context menu can include one or more badges providing an indication of executable actions for the selected file.

Abstract: A cloud network for automatically provisioning a user directory in a multi-tenant system. The cloud network includes a local application that executes on an end-user device and a mid-link server coupled to a plurality of end-user devices. User attributes for configuration of the user directory and groups associated with the plurality of end-users is received from the local application. A program module integrates with an external application and the user interface allows integration with the mid-link server. A snippet is created for the configuration of the user directory from the user interface for each of the plurality of end-users. User policies and group policies associated with the plurality of end-users are determined. A high-risk user from the plurality of end-users is determined using the external application. The user directory is deployed using the snippet based on the user policies and the group policies.

Abstract: Implementations include providing a security rating and a data criticality value of one or more transactions, the one or more transactions to be recorded to a blockchain, and the blockchain being of a blockchain network, selecting a consensus protocol, the consensus protocol selected from a set of consensus protocols, and the consensus protocol selected based on the security rating and the data criticality value, defining a set of consensus nodes, the set of consensus nodes including nodes from one of a super node pool and a weak node pool, and executing, by the set of consensus nodes, the consensus protocol to record the one or more transactions to the blockchain.

Abstract: A method for identifying that an item of information potentially includes an item of sensitive information can be provided. The item of information can be received in response to a query of an end-user database. An existence of a characteristic associated with the item of information can be determined. The characteristic can be indicative that the item of information potentially includes the item of sensitive information. The characteristic can be different from being that a source of the item of information has been designated, via an information management system, as unsearchable. An action can be caused in response to a determination of the existence of the characteristic. The end-user database can be included in a multi-tenant database.

Abstract: Methods and apparatus to clone an agent in a distributed environment are disclosed. An example apparatus includes a first management agent associated with a first component server in a virtualization environment, the first management agent configured to facilitate communication between the first component server and a virtual appliance, the virtual appliance to authenticate the first management agent based on first credentials including a first identifier and a first certificate. The example apparatus includes a second management agent associated with a second component server in the virtualization environment, the second management agent cloned from the first management agent and including a copy of the first credentials. The example second management agent is to: generate second credentials including a second identifier and a second certificate; authenticate with the virtual appliance based on the first identifier and the first certificate; and delete the copy of the first credentials.

Abstract: Systems and methods enable secure service-based communications in networks that use a Services Communications Proxy (SCP). A Network Function (NF) producer receives a service request including an authorization token and a signed service request object, wherein the service request originates from an NF consumer of the wireless core network and is forwarded to the NF producer via the SCP. The NF producer verifies the signed service request object and generates, after the verifying, a service response. The service response includes a signed service response object. The NF producer sends, to the NF consumer and via the SCP, the service response with the signed service response object.

Abstract: A subscriber information authentication system that compares network-obtained and device-obtained information to verify that a device being used in connection with a user account is authenticated for that account. Certain subscriber information may be associated with the account during a registration process. In subsequent attempts to access the account, the registered subscriber information may be used in conjunction with information obtained from a telecommunication network and from a device to verify that the device is authorized. The information from the telecommunication network may be queried using Signaling System No. 7 (“SS7”) protocols. The device authorization may be performed, for example, to ensure that a device being used for device-based verification is the device a user purports it to be.

Abstract: A service or load balancer may use the techniques herein to perform client authentication using a certificate-based identity provider. A client may send a request for access to a service of the provider network. In response, the service or a load balancer may redirect the request to a certificate-based identity provider in accordance with a standard identity protocol (e.g., a federated identity protocol such as the protocol for OpenID Connect (OIDC)). The certificate-based identity provider may obtain a client certificate and validate the client certificate. The identity provider may also obtain and verify other credentials. In response to validating the client certificate (and in some cases authenticating the credentials), the certificate-based identity provider may generate and sign an identity token and redirect the client back to the service in accordance with the identity protocol.

Abstract: Disclosed is a method including: receiving, by a routing device, a message; determining an indication of an authentication server for authenticating the user to access the network service; and generating an authentication request including at least the user identifier derived from the data structure to the determined authentication server. Also disclosed is a routing device and a computer program product.